Openvpn: Difference between revisions

From miki
Jump to navigation Jump to search
 
(2 intermediate revisions by the same user not shown)
Line 2: Line 2:
* [https://wiki.debian.org/OpenVPN OpenVPN on debian.org]
* [https://wiki.debian.org/OpenVPN OpenVPN on debian.org]
* [https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-debian-8 How To Set Up an OpenVPN Server on Debian 8 on digitalocean.com]
* [https://www.digitalocean.com/community/tutorials/how-to-set-up-an-openvpn-server-on-debian-8 How To Set Up an OpenVPN Server on Debian 8 on digitalocean.com]
* [https://support.vpnsecure.me/articles/frequently-asked-questions/using-openvpn-from-behind-a-proxy-server Using OpenVPN from behind a proxy server]


== Troubleshooting ==
== Troubleshooting ==
=== Test server - client connectivity ===
On the server, run
<source lang=bash>
openvpn --config /etc/openvpn/server.conf --verb 6
</source>

On the client, run
<source lang=bash>
openvpn --config /etc/openvpn/client.conf --verb 6
</source>

We should see [https://wiki.debian.org/OpenVPN]
...
Wed Mar 7 18:05:30 2012 Peer Connection Initiated with [AF_INET]SERVER_IP:PORT
Wed Mar 7 18:05:30 2012 Initialization Sequence Completed
...

=== Server not running (systemd) ===
=== Server not running (systemd) ===
After configuring the server (file {{file|/etc/openvpn/server.conf}}, the server does not start:
After configuring the server (file {{file|/etc/openvpn/server.conf}}, the server does not start:
Line 11: Line 29:
service openvpn status # show active (exited)
service openvpn status # show active (exited)
ps faux | grep openvpn # no service running
ps faux | grep openvpn # no service running
ss -tupan | grep 1194 # idem
service openvpn stop
service openvpn stop
</source>
</source>
Line 20: Line 39:
systemctl daemon-reload
systemctl daemon-reload
service openvpn start
service openvpn start
ps faux | grep openvpn # ok!
ps faux | grep openvpn
# nobody 28798 0.0 0.0 30676 3016 ? Ss 11:46 0:00 /usr/sbin/openvpn ...
ss -tupan | grep 1194
# udp UNCONN 0 0 *:1194 *:* users:(("openvpn",pid=28798,fd=6))
</source>
</source>



Latest revision as of 11:57, 24 October 2016

Guides

Troubleshooting

Test server - client connectivity

On the server, run

openvpn --config /etc/openvpn/server.conf --verb 6

On the client, run

openvpn --config /etc/openvpn/client.conf --verb 6

We should see [1]

...
Wed Mar  7 18:05:30 2012 Peer Connection Initiated with [AF_INET]SERVER_IP:PORT
Wed Mar  7 18:05:30 2012 Initialization Sequence Completed
...

Server not running (systemd)

After configuring the server (file /etc/openvpn/server.conf, the server does not start:

service openvpn start           # or systemctl start openvpn
service openvpn status          # show active (exited)
ps faux | grep openvpn          # no service running
ss -tupan | grep 1194           # idem
service openvpn stop


We have to tell systemd to create new generators [2]:

systemctl daemon-reload
service openvpn start
ps faux | grep openvpn          
# nobody   28798  0.0  0.0  30676  3016 ?        Ss   11:46   0:00 /usr/sbin/openvpn ...
ss -tupan | grep 1194
# udp    UNCONN     0      0                      *:1194                  *:*      users:(("openvpn",pid=28798,fd=6))

More info on openvpn in systemd. For instance, to start a specific configuration:

systemctl enable openvpn@sample.service
# creates a symlink in /etc/systemd/system/multi-user.target.wants/openvpn@sample.service 
# pointing to /lib/systemd/system/openvpn@.service