I’ve had a Pritunl Server running on Ubuntu 18.04 for several years. I got an email a few weeks ago from Azure stating that I should update my servers to 22.04. I instead created a new VM targeting 22.04, pointed this instance to my existing MongoDB, and got it up and running. However, none of my existing clients could connect anymore. I re-downloaded my VPN profile, and that will connect to the new server successfully. This is an issue, though, since the majority of the clients are headless routers connected to machines all over the globe. I have no way of issuing new profiles to these devices unless I’m physically with them. I was able to switch back to the old 18.04 server and restore my MongoDB from a backup, and all active clients successfully reconnected.
Is there a seamless upgrade path from Ubuntu 18.04 to 22.04 that won’t break existing connections? I’m thinking it had something to do with the server’s SSL certificate and key changing; those are the only differences I could find after restoring the MongoDB.
That upgrade will use a new version of OpenSSL, which requires increasing the DH Params Size in the server settings of all servers to 2048. This will not impact the client configuration file. If the clients are not connecting, check for error messages in the server output and in the logs at the top right of the web console navigation bar. If the server IP is changing, that will require updating the client configuration files.
Currently there are no known security risks with running Pritunl on Ubuntu 18.04 as long as other system services are not open to the internet. With the release of Pritunl v1.32, which includes a bundled Python 3.9 interpreter, this will allow bringing a future release of v1.32 to Ubuntu 18.04 if it were needed.
If there are no security concerns, then I’ll just leave it.
I had checked all the logs and there were none, which I found weird. We use a domain name for the service; we changed the IP and that was resolving to the new server. After switching back to the original server, the result was the same: no connection logs at all. My OpenVPN client logs only showed an ‘event wait’ log looping until it gave up. It wasn’t until I restored the MongoDB that it started working again.
Anyway, classic case of if it isn’t broke, don’t fix it. I’ll try again another day.