01111000 Posted July 13, 2016 Share Posted July 13, 2016 Has this been fixed or do I need to use the old plugin on 6.1? How can I disable the auto updates that break it? Thanks Quote Link to comment
peter_sm Posted July 14, 2016 Author Share Posted July 14, 2016 Any ideas why I would suddenly have openvpn just stop working? Nothing has changed except unRaid has updated. The connection in the open VPN app on any of my iOS devices just spins. Shows bytes going out. But no response. Keeps taking out. Checked port forwarding for UDP 1194 and it's going to the unraid IP Checked that open VPN is running. It is. Rebooted. Nothing Created a new opvn file. Nothing. Any ideas **EDIT** I have rebooted everything. The OpenVPN logs from my iphone keep showing that not bytes are coming in. Router has 1194 forwarded, thats the Port in the OpenVPN plugin Server Settings. This all used to work. I have also removed the entire plugin and tried again to no avail. What unRAID version are you on? If 6.2 I want you to save your unRAID network settings and try again. I have a new release soon that read the unRAID variables from a different way, apart from that the latest version should work in 6.2. For unRAID Version 6.1 is not affected about this and should be running fine Quote Link to comment
peter_sm Posted July 14, 2016 Author Share Posted July 14, 2016 Has this been fixed or do I need to use the old plugin on 6.1? How can I disable the auto updates that break it? Thanks Version 6.1 should be fine for latest plugin Quote Link to comment
01111000 Posted July 14, 2016 Share Posted July 14, 2016 Has this been fixed or do I need to use the old plugin on 6.1? How can I disable the auto updates that break it? Thanks Version 6.1 should be fine for latest plugin Do we need to rebuild anything? I have the same issue even with the latest update. Rolling back to the version that was linked two pages or do ago allows me to connect right away. I appreciate the help Quote Link to comment
sol Posted July 15, 2016 Share Posted July 15, 2016 Can't seem to generate a client. Getting; Adding client: spawn ./easyrsa build-client-full nopass Generating a 4096 bit RSA private key ..................++ ...++ writing new private key to '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/private/nopass.key.XXXXy2EIKW' Enter PEM pass phrase: Verifying - Enter PEM pass phrase:cp: cannot stat '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/issued/.crt': No such file or directory cp: cannot stat '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/private/.key': No such file or directory you got only one client script, instead of script plus 4 keys and certs /usr/local/emhttp/plugins/openvpnserver/scripts/rc.openvpnserver: line 473: ./.crt: No such file or directory /usr/local/emhttp/plugins/openvpnserver/scripts/rc.openvpnserver: line 477: ./.key: No such file or directory cp: cannot stat '.crt': No such file or directory cp: cannot stat '.key': No such file or directory rm: cannot remove '.crt': No such file or directory rm: cannot remove '.key': No such file or directory Done Inline file ! Quote Link to comment
peter_sm Posted July 15, 2016 Author Share Posted July 15, 2016 Can you check in your openvpn folder that these files exis. It looks like the step where you should "Generate the server certificates and keys" didn't finish. You have chosen 4096 RSA key and this can take up to 60 minutes or more ca.crt dh.pem easy-rsa/ ipp.txt openvpnserver.ovpn server.crt server.key ta.key EDIT I did a new fresh installation and all is good Files in pki folder root@Tower:/mnt/appdata/myVPNserver_test5/easy-rsa/easyrsa3/pki# ls ca.crt certs_by_serial/ dh.pem index.txt index.txt.attr index.txt.attr.old index.txt.old issued/ private/ reqs/ serial serial.old file in application folder ca.crt clients/ dh.pem easy-rsa/ openvpnserver.ovpn server.crt server.key ta.key root@Tower:/mnt/appdata/myVPNserver_test5# files for client root@Tower:/mnt/appdata/myVPNserver_test5/clients/peter# ls backup/ peter.ovpn root@Tower:/mnt/appdata/myVPNserver_test5/clients/peter# client Adding client: peter spawn ./easyrsa build-client-full peter nopass Generating a 4096 bit RSA private key .....++ ..++ writing new private key to '/mnt/appdata/myVPNserver_test5/easy-rsa/easyrsa3/pki/private/peter.key.XXXXHipV6N' ----- Using configuration from /mnt/appdata/myVPNserver_test5/easy-rsa/easyrsa3/openssl-1.0.cnf Enter pass phrase for /mnt/appdata/myVPNserver_test5/easy-rsa/easyrsa3/pki/private/ca.key: Check that the request matches the signature Signature ok The Subject's Distinguished Name is as follows commonName :ASN.1 12:'peter' Certificate is to be certified until Jul 13 02:23:13 2026 GMT (3650 days) Write out database with 1 new entries Data Base Updated you got only one client script, instead of script plus 4 keys and certs Done Inline file ! Quote Link to comment
peter_sm Posted July 15, 2016 Author Share Posted July 15, 2016 Has this been fixed or do I need to use the old plugin on 6.1? How can I disable the auto updates that break it? Thanks Version 6.1 should be fine for latest plugin Do we need to rebuild anything? I have the same issue even with the latest update. Rolling back to the version that was linked two pages or do ago allows me to connect right away. I appreciate the help do you mean the older version of OpenVPN packages? if so I think there is files on 6.1 that also need to be updated to work with latest current version of openVPN. I can't help you here :-( Maybe try withe curent SSL packeges ? Quote Link to comment
sol Posted July 15, 2016 Share Posted July 15, 2016 Can you check in your openvpn folder that these files exis. It looks like the step where you should "Generate the server certificates and keys" didn't finish. You have chosen 4096 RSA key and this can take up to 60 minutes or more *update update* I'm an idiot. It helps if you put in a name in the field for the client. Totally sorry for bothering you. *update* I checked all the files you listed and they are there, minus peter of course. Yeah I waited for quite a while. Didn't really keep track. It did give me a green check mark. Tried it with 2048 bit and got the same error: Adding client: spawn ./easyrsa build-client-full nopass Generating a 2048 bit RSA private key ..................................................................................................+++ ...+++ writing new private key to '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/private/nopass.key.XXXXbBXC6g' Enter PEM pass phrase: Verifying - Enter PEM pass phrase:cp: cannot stat '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/issued/.crt': No such file or directory cp: cannot stat '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/private/.key': No such file or directory you got only one client script, instead of script plus 4 keys and certs /usr/local/emhttp/plugins/openvpnserver/scripts/rc.openvpnserver: line 473: ./.crt: No such file or directory /usr/local/emhttp/plugins/openvpnserver/scripts/rc.openvpnserver: line 477: ./.key: No such file or directory cp: cannot stat '.crt': No such file or directory cp: cannot stat '.key': No such file or directory rm: cannot remove '.crt': No such file or directory rm: cannot remove '.key': No such file or directory Done Inline file ! Quote Link to comment
peter_sm Posted July 16, 2016 Author Share Posted July 16, 2016 Can you check in your openvpn folder that these files exis. It looks like the step where you should "Generate the server certificates and keys" didn't finish. You have chosen 4096 RSA key and this can take up to 60 minutes or more *update update* I'm an idiot. It helps if you put in a name in the field for the client. Totally sorry for bothering you. *update* I checked all the files you listed and they are there, minus peter of course. Yeah I waited for quite a while. Didn't really keep track. It did give me a green check mark. Tried it with 2048 bit and got the same error: Adding client: spawn ./easyrsa build-client-full nopass Generating a 2048 bit RSA private key ..................................................................................................+++ ...+++ writing new private key to '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/private/nopass.key.XXXXbBXC6g' Enter PEM pass phrase: Verifying - Enter PEM pass phrase:cp: cannot stat '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/issued/.crt': No such file or directory cp: cannot stat '/mnt/cache/openvpn/easy-rsa/easyrsa3/pki/private/.key': No such file or directory you got only one client script, instead of script plus 4 keys and certs /usr/local/emhttp/plugins/openvpnserver/scripts/rc.openvpnserver: line 473: ./.crt: No such file or directory /usr/local/emhttp/plugins/openvpnserver/scripts/rc.openvpnserver: line 477: ./.key: No such file or directory cp: cannot stat '.crt': No such file or directory cp: cannot stat '.key': No such file or directory rm: cannot remove '.crt': No such file or directory rm: cannot remove '.key': No such file or directory Done Inline file ! Is all OK for you now ? And there is new version released today :-) //Peter Quote Link to comment
zarfx4 Posted July 17, 2016 Share Posted July 17, 2016 Thanks for the response Peter. I am on 6.1.9. I tried the network settings idea thinking maybe it would help. It did not. It is almost as if the Server is no longer listening to Port 1194. I removed the plugin and re-installed. I verified that the port is properly open on the router, which was unchanged as well. I ended up having to remove the plugin and installed one of the Open VPN dockers (which is a pain to setup in contrast to your plugin) and it worked right away. Any ideas why I would suddenly have openvpn just stop working? Nothing has changed except unRaid has updated. The connection in the open VPN app on any of my iOS devices just spins. Shows bytes going out. But no response. Keeps taking out. Checked port forwarding for UDP 1194 and it's going to the unraid IP Checked that open VPN is running. It is. Rebooted. Nothing Created a new opvn file. Nothing. Any ideas **EDIT** I have rebooted everything. The OpenVPN logs from my iphone keep showing that not bytes are coming in. Router has 1194 forwarded, thats the Port in the OpenVPN plugin Server Settings. This all used to work. I have also removed the entire plugin and tried again to no avail. What unRAID version are you on? If 6.2 I want you to save your unRAID network settings and try again. I have a new release soon that read the unRAID variables from a different way, apart from that the latest version should work in 6.2. For unRAID Version 6.1 is not affected about this and should be running fine Quote Link to comment
peter_sm Posted July 17, 2016 Author Share Posted July 17, 2016 The issue is the latest openvpn packages and unRAID 6.1 :-( Quote Link to comment
peter_sm Posted July 17, 2016 Author Share Posted July 17, 2016 But if you can find older version of openvpn packages then you can use the plugin, put this in the folder extra :-) Quote Link to comment
peter_sm Posted July 17, 2016 Author Share Posted July 17, 2016 Hi, Here are two links to older version of OpenVPN for you that are on 6.1* :-) https://www.dropbox.com/s/42qtpgipmrvfqrf/openvpn-2.3.6-x86_64-1.txz?dl=0 https://www.dropbox.com/s/sibppxdp63cqi0y/openvpn-2.3.9-x86_64-1.txz?dl=0 //Peter Quote Link to comment
zarfx4 Posted July 18, 2016 Share Posted July 18, 2016 Thanks Peter. At least now i know i am not crazy. Is this going to be fixed in the newer release you previously spoke about...or is it an UnRaid issue..? Quote Link to comment
01111000 Posted July 18, 2016 Share Posted July 18, 2016 Thanks Peter. At least now i know i am not crazy. Is this going to be fixed in the newer release you previously spoke about...or is it an UnRaid issue..? I think it needs a new package that isn’t in 6.1 Peter, how can I ensure that the plugin doesn’t auto update and kill itself? Thanks Quote Link to comment
peter_sm Posted July 19, 2016 Author Share Posted July 19, 2016 Thanks Peter. At least now i know i am not crazy. Is this going to be fixed in the newer release you previously spoke about...or is it an UnRaid issue..? Hi, unRAID need an update of SSL to work with current OpenVPN. Skickat från min iPhone med Tapatalk Quote Link to comment
peter_sm Posted July 19, 2016 Author Share Posted July 19, 2016 Thanks Peter. At least now i know i am not crazy. Is this going to be fixed in the newer release you previously spoke about...or is it an UnRaid issue..? I think it needs a new package that isn’t in 6.1 Peter, how can I ensure that the plugin doesn’t auto update and kill itself? Thanks The plugin using latest current version of OpenVPN. But did you try one of the links from me with older version of OpenVPN? If you have one of these in /boot/extra did that override the version of OpenVPN package I have in the plugin? Skickat från min iPhone med Tapatalk Quote Link to comment
peter_sm Posted July 19, 2016 Author Share Posted July 19, 2016 New version is available with some GUI updates //Peter Quote Link to comment
peter_sm Posted July 19, 2016 Author Share Posted July 19, 2016 For you on 6.1.* can you try to install current version of SSL ( link below ) and see if the plugin works for you with latest OpenVPN Slackware packages that are in latest version of the plugin? http://mirrors.slackware.com/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2h-x86_64-1.txz http://mirrors.slackware.com/slackware/slackware64-current/slackware64/n/openssl-1.0.2h-x86_64-1.txz //Peter Quote Link to comment
tayshun12 Posted July 24, 2016 Share Posted July 24, 2016 Hey All, I was wondering if there were anyway to enable TAP mode instead of TUN mode? I'm trying to get my steam home streaming up and running but without being on the same subnet it doesn't detect it. Steam unfortunately does not allow manual IP entry so there is no way of accessing it! please help! Thanks T Quote Link to comment
peter_sm Posted July 25, 2016 Author Share Posted July 25, 2016 Hey All, I was wondering if there were anyway to enable TAP mode instead of TUN mode? I'm trying to get my steam home streaming up and running but without being on the same subnet it doesn't detect it. Steam unfortunately does not allow manual IP entry so there is no way of accessing it! please help! Thanks T Hi, You can try to edit the openvpnserver.ovpn manually. Follow this guide --> https://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html //Peter Quote Link to comment
UntouchedWagons Posted July 28, 2016 Share Posted July 28, 2016 How do I install the older version of OpenVPN? I'm using version 2.3.11 now but it won't start up because of "openvpn: symbol lookup error: openvpn: undefined symbol: SSL_CTX_get0_certificate". If I uninstall the plugin, then install it fresh I'm told that it's already installed even though I had just uninstalled it. Quote Link to comment
peter_sm Posted July 28, 2016 Author Share Posted July 28, 2016 DL it to /boot/extra and reboot or install it manually. installpkg /boot/extra/openvpn-2.3.9-x86_64-1.txz This will override the version of openVPN in the plugin //Peter Quote Link to comment
BLaKay Posted July 29, 2016 Share Posted July 29, 2016 For you on 6.1.* can you try to install current version of SSL ( link below ) and see if the plugin works for you with latest OpenVPN Slackware packages that are in latest version of the plugin? http://mirrors.slackware.com/slackware/slackware64-current/slackware64/a/openssl-solibs-1.0.2h-x86_64-1.txz http://mirrors.slackware.com/slackware/slackware64-current/slackware64/n/openssl-1.0.2h-x86_64-1.txz //Peter Seems to work. Thanks Quote Link to comment
Guest Posted July 31, 2016 Share Posted July 31, 2016 Peter_sm, quick bug report - when I have ipp enabled, OpenVPN keeps using the ipp.txt file in the appdata share. So when I do server maintenance and have to shut the array down, OpenVPN prevents drives from unmounting - thus creating an unmount error loop and hanging the emhttp process. Therefore I cannot access the WebUI anymore and have to manually shutdown the server via SSH: powerdown So... from what I thought 1. Since ipp.txt isn't frequently accessed, it could be saved to the flash drive itself. Therefore array could be properly unmounted. 2. This brings the benefit that OpenVPN could still function while the array is down - therefore we can do maintenance from the outside world. 3. Which means that OpenVPN could also start itself up on system boot and kill itself on system shutdown. 4. Unless flash drive save isn't possible, then we'd have to resort to getting the unmount signal and killing the server. But this means that we can't fix our servers from the outside. Since I'm out frequently, it would be a huge plus for me if it could function while the array's down and restart itself along with the server. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.