Jump to content

kormalan

Members
 View Profile  See their activity

  • Posts

    6

  • Joined

  • Last visited

 Content Type 

Posts posted by kormalan

    OpenVPN Server & Client for unRAID 6.2+ (6.1 are still supported)

    in Plugin Support

    Posted · Edited by kormalan

    Hello,

     

    My Windows 10 Pro client PC is connected via an USB cable to my smartphone that shares its Internet 4G connection. 

     

    I connect to the OpenVPN server without any problem with an OpenVPN GUI client x64.

     

    Ping the machines of my local network is ok.
    But, all connections with my web browser fail. So I do not have access to the Unraid Web interface.

     

    Of course I do not get a local IP and I do not know why !!!
    My Gateway is 192.168.1.254.

     

    Also, there is an error in the log of openvpn client :
    - Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:3: remote-gateway (2.4.7)

     

    Can you please help me ?

     

    Bellow all my configuration: 

    WAN IP                         XXXX.XXXX.XXXX.XXXX
UNRAID SERVER IP               192.168.1.200
LAN GATEWAY                    192.168.1.254
OPENVPN / EASYRSA VERSION      2.4.6/Master


      

    IPCONFIG on Windows 10 Pro 64 bits
----------------------------------

Configuration IP de Windows


Carte Ethernet Ethernet :

   Statut du média. . . . . . . . . . . . : Média déconnecté
   Suffixe DNS propre à la connexion. . . : lan

Carte réseau sans fil Connexion au réseau local* 1 :

   Statut du média. . . . . . . . . . . . : Média déconnecté
   Suffixe DNS propre à la connexion. . . :

Carte réseau sans fil Connexion au réseau local* 2 :

   Statut du média. . . . . . . . . . . . : Média déconnecté
   Suffixe DNS propre à la connexion. . . :

Carte Ethernet Ethernet 2 :

   Suffixe DNS propre à la connexion. . . :
   Adresse IPv6 de liaison locale. . . . .: fe80::24fc:59a0:7f83:cdb4%17
   Adresse IPv4. . . . . . . . . . . . . .: 10.8.0.6
   Masque de sous-réseau. . . . . . . . . : 255.255.255.252
   Passerelle par défaut. . . . . . . . . :

Carte Ethernet Connexion réseau Bluetooth :

   Statut du média. . . . . . . . . . . . : Média déconnecté
   Suffixe DNS propre à la connexion. . . :

Carte réseau sans fil Wi-Fi :

   Statut du média. . . . . . . . . . . . : Média déconnecté
   Suffixe DNS propre à la connexion. . . : lan

Carte Ethernet Ethernet 3 :

   Suffixe DNS propre à la connexion. . . :
   Adresse IPv6 de liaison locale. . . . .: fe80::b083:1d04:ebf4:7bb4%45
   Adresse IPv4. . . . . . . . . . . . . .: 192.168.42.32
   Masque de sous-réseau. . . . . . . . . : 255.255.255.0
   Passerelle par défaut. . . . . . . . . : 192.168.42.129


CLIENT SIDE LOG (OPENVPN CLIENT GUI on Windows 10 Pro 64 bits)
--------------------------------------------------------------

    Sun May 26 21:59:32 2019 OpenVPN 2.4.7 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Feb 21 2019
    Sun May 26 21:59:32 2019 Windows version 6.2 (Windows 8 or greater) 64bit
    Sun May 26 21:59:32 2019 library versions: OpenSSL 1.1.0j  20 Nov 2018, LZO 2.10
    Enter Management Password:
    Sun May 26 21:59:32 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
    Sun May 26 21:59:32 2019 Need hold release from management interface, waiting...
    Sun May 26 21:59:32 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
    Sun May 26 21:59:32 2019 MANAGEMENT: CMD 'state on'
    Sun May 26 21:59:32 2019 MANAGEMENT: CMD 'log all on'
    Sun May 26 21:59:32 2019 MANAGEMENT: CMD 'echo all on'
    Sun May 26 21:59:32 2019 MANAGEMENT: CMD 'bytecount 5'
    Sun May 26 21:59:32 2019 MANAGEMENT: CMD 'hold off'
    Sun May 26 21:59:32 2019 MANAGEMENT: CMD 'hold release'
    Sun May 26 21:59:32 2019 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    Sun May 26 21:59:32 2019 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    Sun May 26 21:59:32 2019 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
    Sun May 26 21:59:32 2019 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
    Sun May 26 21:59:32 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]XXXX.XXXX.XXXX.XXXX:1194
    Sun May 26 21:59:32 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
    Sun May 26 21:59:32 2019 UDP link local: (not bound)
    Sun May 26 21:59:32 2019 UDP link remote: [AF_INET]XXXX.XXXX.XXXX.XXXX:1194
    Sun May 26 21:59:32 2019 MANAGEMENT: >STATE:1558900772,WAIT,,,,,,
    Sun May 26 21:59:32 2019 MANAGEMENT: >STATE:1558900772,AUTH,,,,,,
    Sun May 26 21:59:32 2019 TLS: Initial packet from [AF_INET]XXXX.XXXX.XXXX.XXXX:1194, sid=e175b8f2 8b8e5482
    Sun May 26 21:59:32 2019 VERIFY OK: depth=1, CN=server
    Sun May 26 21:59:32 2019 VERIFY KU OK
    Sun May 26 21:59:32 2019 Validating certificate extended key usage
    Sun May 26 21:59:32 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
    Sun May 26 21:59:32 2019 VERIFY EKU OK
    Sun May 26 21:59:32 2019 VERIFY OK: depth=0, CN=server
    Sun May 26 21:59:33 2019 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
    Sun May 26 21:59:33 2019 [server] Peer Connection Initiated with [AF_INET]XXXX.XXXX.XXXX.XXXX:1194
    Sun May 26 21:59:34 2019 MANAGEMENT: >STATE:1558900774,GET_CONFIG,,,,,,
    Sun May 26 21:59:34 2019 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
---    Sun May 26 21:59:34 2019 PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 192.168.1.254,redirect-gateway local def1,remote-gateway 192.168.1.200,resolv-retry infinite,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM'
---    Sun May 26 21:59:34 2019 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:3: remote-gateway (2.4.7)
---    Sun May 26 21:59:34 2019 Options error: option 'resolv-retry' cannot be used in this context ([PUSH-OPTIONS])
    Sun May 26 21:59:34 2019 OPTIONS IMPORT: timers and/or timeouts modified
    Sun May 26 21:59:34 2019 OPTIONS IMPORT: --ifconfig/up options modified
    Sun May 26 21:59:34 2019 OPTIONS IMPORT: route options modified
    Sun May 26 21:59:34 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Sun May 26 21:59:34 2019 OPTIONS IMPORT: peer-id set
    Sun May 26 21:59:34 2019 OPTIONS IMPORT: adjusting link_mtu to 1625
    Sun May 26 21:59:34 2019 OPTIONS IMPORT: data channel crypto options modified
    Sun May 26 21:59:34 2019 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
    Sun May 26 21:59:34 2019 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
    Sun May 26 21:59:34 2019 interactive service msg_channel=920
    Sun May 26 21:59:34 2019 ROUTE_GATEWAY 192.168.42.129/255.255.255.0 I=45 HWADDR=02:7c:59:35:30:5f
    Sun May 26 21:59:34 2019 open_tun
    Sun May 26 21:59:34 2019 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{D8BE8B5E-39EB-4160-B671-197B2CBA8E5B}.tap
    Sun May 26 21:59:34 2019 TAP-Windows Driver Version 9.21 
    Sun May 26 21:59:34 2019 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {D8BE8B5E-39EB-4160-B671-197B2CBA8E5B} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
    Sun May 26 21:59:34 2019 Successful ARP Flush on interface [17] {D8BE8B5E-39EB-4160-B671-197B2CBA8E5B}
    Sun May 26 21:59:34 2019 MANAGEMENT: >STATE:1558900774,ASSIGN_IP,,10.8.0.6,,,,
    Sun May 26 21:59:36 2019 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
    Sun May 26 21:59:36 2019 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
    Sun May 26 21:59:36 2019 Route addition via service succeeded
    Sun May 26 21:59:36 2019 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
    Sun May 26 21:59:36 2019 Route addition via service succeeded
    Sun May 26 21:59:36 2019 MANAGEMENT: >STATE:1558900776,ADD_ROUTES,,,,,,
    Sun May 26 21:59:36 2019 C:\Windows\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
    Sun May 26 21:59:36 2019 Route addition via service succeeded
    Sun May 26 21:59:36 2019 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Sun May 26 21:59:36 2019 Initialization Sequence Completed
    Sun May 26 21:59:36 2019 MANAGEMENT: >STATE:1558900776,CONNECTED,SUCCESS,10.8.0.6,XXXX.XXXX.XXXX.XXXX,1194,,


DEFAUKLT CONFIG - CLIENT SIDE CONFIG (OPENVPN CLIENT GUI on Windows 10 Pro 64 bits)
-----------------------------------------------------------------------------------

remote XXXX.XXXX.XXXX.XXXX
tls-client
cipher AES-256-GCM
auth sha512
client
dev tun
proto udp
port 1194
nobind
persist-key
persist-tun
resolv-retry infinite
comp-lzo adaptive
verb 3
mute-replay-warnings
tls-version-min 1.2
remote-cert-tls server
remote-cert-eku "TLS Web Server Authentication"
route-delay 2
tls-cipher TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384:TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA38:TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA


DEFAULT CONFIG - SERVER SIDE CONFIG
-----------------------------------

Dynamic DNS
OpenVPN server IP                       10.8.0.0
Netmask                                 255.255.255.0
Allow Client to Client                  no
Pushing DHCP options to clients         DNS local gateway
Port for the server                     1194
Tunnel Protocol                         UDP
Encryption Ciphers                      AES-256-GCM
Hash Algorithm                          SHA512
Control channel encryption (tls-crypt)  yes
ifconfig-pool-persist ipp.txt           yes    
Redirect-gateway                        redirect gateway def1
Topology subnet                         no
Push LAN subnet to the clients          yes
LZO Compression                         adaptive
TELNET management console               no
LOG settings                            3
OpenVPN Port-Share 

     

    [DOCKER] ownCloud is here!

    in Docker Containers

    Posted

    Dear All,

     

    I can not create the first admin user at the first ownCloud connection.

     

    Error msg is : Cannot write in /mnt/user/appdata/mariadb

     

    (It's not exactly that the message is in french.)

     

     

    Owncloud form to create administrator account

    User: admin

    Password: xxxxx

    Database engine: MySQL/MariaDB

    Data directory: /mnt/user/appdata/mariadb

    User: ocuser

    Password: xxxx

    Database name: owncloud

    Host (database): 192.168.1.210

     

     

    UnRaid informations

    UnRaid version: 6.1.9

    Docker version 1.7.1, build 786b29d4

    Share appdata exist, security is Public (for a moment) and export is No

    User ocuser exist

     

    Docker Containers Informations

    Containers MariabDB: needo/mariadb:latest

    Container Volume

    Host Path

    /db

    /mnt/user/appdata/mariadb

     

    Container Port

    Host Port

    3306

    3306

     

    Containers Owncloud: gfjardim/owncloud:latest

    Container Volume

    Host Path

    /var/www/owncloud/data

    /mnt/user/appdata/owncloud

     

    Container Port

    Host Port

    8000

    8000

     

    ls of /mnt/user/appdata/mariadb

    root@Tower:/mnt/user/appdata/mariadb# ls -l
total 28704
-rw-rw---- 1 nobody users    16384 Apr 26 17:02 aria_log.00000001
-rw-rw---- 1 nobody users       52 Apr 26 17:02 aria_log_control
-rw-rw---- 1 nobody users  5242880 Apr 26 17:02 ib_logfile0
-rw-rw---- 1 nobody users  5242880 Apr 26 17:02 ib_logfile1
-rw-rw---- 1 nobody users 18874368 Apr 26 17:02 ibdata1
drwx------ 1 nobody root      4096 Apr 26 17:02 mysql/
-rw-rw---- 1 nobody users     3201 Apr 26 17:02 mysql_safe.log
drwx------ 1 nobody users     4096 Apr 26 17:02 performance_schema/

     

    Questions

    • What are the permissions to grant and to whom ?
    • Is it only a permission problem ?
    • How to effectively protect appdata sharing ?

       

      Thank's for your help

×
×
  • Create New...