Jump to content
peter_sm

OpenVPN Server & Client for unRAID 6.2+ (6.1 are still supported)

838 posts in this topic Last Reply

Recommended Posts

I try to run the system and I get an error. What am I doing wrong.

 

Options error: In [CMD-LINE]:1: Error opening configuration file: Chose
Use --help for more information.

 

I get same problem. How do we set up a config file? All I want to do is access another unRAID server and vice versa.

Please, need more info, is it server or client? what UnRAID version? anyway, both the 2 plugins install on a fresh system perfect (Beta 10 on a VM)

 

Syslog ?

 

Thanks

 

//Peter

 

 

 

Share this post


Link to post

I try to run the system and I get an error. What am I doing wrong.

 

Options error: In [CMD-LINE]:1: Error opening configuration file: Chose
Use --help for more information.

 

I get same problem. How do we set up a config file? All I want to do is access another unRAID server and vice versa.

Please, need more info, is it server or client? what UnRAID version? anyway, both the 2 plugins install on a fresh system perfect (Beta 10 on a VM)

 

Syslog ?

 

Thanks

 

//Peter

I've been running this in both beta 10 and 10a (client, not server) and it has consistently worked flawlessly for me.  I actually haven't had to touch OpenVPN in over a year because its so rock solid.  Peter is the man!!!

Share this post


Link to post

Options error: In [CMD-LINE]:1: Error opening configuration file: Chose
Use --help for more information.

 

Client version, beta10 and using PIA.

 

I have no idea how to check logs for the errors.

Share this post


Link to post

please post your openvpnconfig.cfg

and where are the PIA files located ?

 

I'm on PIA as well.

 

What more are you running on your system V6 B10a ?

 

//Peter

Share this post


Link to post

# openvpn client plugin configuration file
USER="xxxxxx"
PASS="xxxxxx"
START_ON_MOUNT="no"
PLG_EXT="no"
PLG_PASSWORD="no"
OVPNCHOOSE="/boot/openvpn/US Florida.ovpn"

 

xxxx being my user and password

 

 

Oct 4 08:15:11 UNRAID sudo: root : TTY=unknown ; PWD=/boot/openvpn ; USER=root ; COMMAND=/usr/sbin/openvpn --writepid /var/run/openvpn/openvpn.pid --script-security 3 --mute-replay-warnings --config /boot/openvpn/US Florida.ovpn /dev/null

 

The Unraid log when i try to start it.

Share this post


Link to post

Change password settings  to yes, then try again, since PIA needs password ;-)

 

same error

Share this post


Link to post

Can you putty in to Unraid, then cd to /boot/openvpn.

If that is your folder with pia config files.

 

Then run this

 

openvpn --config  your ovpn file

 

Example: openvpn --config Sweden.ovpn

 

Paste the result

Share this post


Link to post

I found the issue! Is the space in the file name. This was solved long time ago, but the bug is back again?  Will solve this later, please try to change file name and try.

 

EDIT

 

Client plugin are updated to handle space in file name.

//Peter

Share this post


Link to post

I found the issue! Is the space in the file name. This was solved long time ago, but the bug is back again?  Will solve this later, please try to change file name and try.

 

EDIT

 

Client plugin are updated to handle space in file name.

//Peter

 

that seemed to fix it , THANKS!  ;D

Share this post


Link to post

I have a quick question, is there any way to verify that all of my unraid traffic is going through the VPN both docker and Xen vm's? If I google "where am i" in my windows 8.1 vm it finds my exact location.

Share this post


Link to post

Does this plugin need to be updated for beta12?  I just tried installing the 64 bit server and the config page comes up blank.  Not sure if it's my issue or the plugins.  I installed from the web GUI and didn't see any errors.

Share this post


Link to post

Yes it will , I need to know first what have been done to the plugin manager ..... This Will take some time I'm afraid.......

Share this post


Link to post

The OpenVPN server plugin are now functional on beta 12!! Thanks to dmacias for your kind support!

 

 

The Server plugin will be modified to the new interface, but that I will do later... Ned to get Client working firstl!

 

 

//Peter

Share this post


Link to post

The OpenVPN server plugin are now functional on beta 12!! Thanks to dmacias for your kind support!

//Peter

 

I can confirm that the server is up and running on my beta12 box.  Thanks for the quick turnaround!

Share this post


Link to post

The OpenVPN client plugin are now functional on beta 12!! Thanks to dmacias for your kind support!

 

New links on first post for both Server & Client

Pleas try and give feedback whats needs to be improved....

 

 

 

//Peter

Share this post


Link to post

can't get the client to start getting this error

 

Dec 3 09:00:38 HOMESERVER sudo: root : TTY=unknown ; PWD=/boot/openvpn ; USER=root ; COMMAND=/bin/bash -c nohup /tmp/openvpn/openvpn.sh > /tmp/openvpn/openvpn.out /dev/null 2>&1 &

Dec 3 09:01:07 HOMESERVER sudo: root : TTY=unknown ; PWD=/boot/openvpn ; USER=root ; COMMAND=/bin/bash -c nohup /tmp/openvpn/openvpn.sh >

Share this post


Link to post

I can't get the route specific IP through Vpn to work. The IP's do not show up in the route list after connecting.

I can however get it to work if I add the route manually or add the specific IP's to the .ovpn file like this:

route IP-to-route 255.255.255.255

 

Shouldn't the IP's that I want to route show up under Extended routing IP?

Wouldn't it make more sense to show the wan IP that the specific IP's are routed through instead of the IP my router have?

 

I have checked that every config file is using unix format. Here is my config and logs:

 

Log

Wed Dec  3 17:40:25 2014 DEPRECATED OPTION: --tls-remote, please update your configuration
Wed Dec  3 17:40:25 2014 OpenVPN 2.3.2 x86_64-slackware-linux-gnu [sSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [iPv6] built on Oct 12 2013
Wed Dec  3 17:40:25 2014 WARNING: file '/boot/config/plugins/openvpnclient/password.txt' is group or others accessible
Wed Dec  3 17:40:25 2014 Socket Buffers: R=[212992->131072] S=[212992->131072]
Wed Dec  3 17:40:25 2014 UDPv4 link local: [undef]
Wed Dec  3 17:40:25 2014 UDPv4 link remote: [AF_INET]138.199.67.165:443
Wed Dec  3 17:40:25 2014 TLS: Initial packet from [AF_INET]138.199.67.165:443, sid=b3347730 0c085c97
Wed Dec  3 17:40:25 2014 VERIFY OK: depth=1, /C=KY/ST=GrandCayman/L=GeorgeTown/O=GoldenFrog-Inc/CN=GoldenFrog-Inc_CA/emailAddress=admin@goldenfrog.com
Wed Dec  3 17:40:25 2014 VERIFY X509NAME OK: /C=KY/ST=GrandCayman/L=GeorgeTown/O=GoldenFrog-Inc/CN=no1.vpn.giganews.com/emailAddress=admin@goldenfrog.com
Wed Dec  3 17:40:25 2014 VERIFY OK: depth=0, /C=KY/ST=GrandCayman/L=GeorgeTown/O=GoldenFrog-Inc/CN=no1.vpn.giganews.com/emailAddress=admin@goldenfrog.com
Wed Dec  3 17:40:26 2014 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Dec  3 17:40:26 2014 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Dec  3 17:40:26 2014 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Dec  3 17:40:26 2014 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Dec  3 17:40:26 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Dec  3 17:40:26 2014 [no1.vpn.giganews.com] Peer Connection Initiated with [AF_INET]138.199.67.165:443
Wed Dec  3 17:40:28 2014 SENT CONTROL [no1.vpn.giganews.com]: 'PUSH_REQUEST' (status=1)
Wed Dec  3 17:40:28 2014 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 138.199.67.53,dhcp-option DNS 138.199.67.54,explicit-exit-notify 5,rcvbuf 262144,route-gateway 10.79.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.79.0.117 255.255.0.0'
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: timers and/or timeouts modified
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: explicit notify parm(s) modified
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Wed Dec  3 17:40:28 2014 Socket Buffers: R=[131072->425984] S=[131072->131072]
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: --ifconfig/up options modified
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: route options modified
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: route-related options modified
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Dec  3 17:40:28 2014 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=br0 HWADDR=d0:50:99:26:ad:8a
Wed Dec  3 17:40:28 2014 TUN/TAP device tun5 opened
Wed Dec  3 17:40:28 2014 TUN/TAP TX queue length set to 100
Wed Dec  3 17:40:28 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Dec  3 17:40:28 2014 /usr/sbin/ip link set dev tun5 up mtu 1500
Wed Dec  3 17:40:28 2014 /usr/sbin/ip addr add dev tun5 10.79.0.117/16 broadcast 10.79.255.255
Wed Dec  3 17:40:28 2014 /usr/sbin/ip route add 138.199.67.165/32 via 192.168.1.1
Wed Dec  3 17:40:28 2014 /usr/sbin/ip route add 0.0.0.0/1 via 10.79.0.1
Wed Dec  3 17:40:28 2014 /usr/sbin/ip route add 128.0.0.0/1 via 10.79.0.1
Wed Dec  3 17:40:28 2014 Initialization Sequence Completed
Starting Routing...
216.196.109.144    >>>>>>>    news-europe.giganews.com
104.130.28.231    >>>>>>>    icanhazip.com
VPN Gateway: 
ip route add 216.196.109.0/24 via dev tun5
ip route add 104.130.28.0/24 via dev tun5

 

Route

default via 192.168.1.1 dev br0  metric 207 
10.79.0.0/16 dev tun5  proto kernel  scope link  src 10.79.0.117 
127.0.0.0/8 dev lo  scope link 
138.199.67.165 via 192.168.1.1 dev br0 
172.17.0.0/16 dev docker0  proto kernel  scope link  src 172.17.42.1 
192.168.1.0/24 dev br0  proto kernel  scope link  src 192.168.1.5 
192.168.1.0/24 dev br0  proto kernel  scope link  src 192.168.1.5  metric 207 
192.168.1.5 via 127.0.0.1 dev lo  metric 207 

 

Ovpn file

client
proto udp
dev tun5
remote no1.vpn.giganews.com 443
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
ca ca.vyprvpn.com.crt
tls-remote no1.vpn.giganews.com
comp-lzo
verb 3
auth SHA256
cipher AES-256-CBC
keysize 256
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA
auth-user-pass /boot/config/plugins/openvpnclient/password.txt
auth-nocache
status /tmp/openvpn/openvpn-status.log

 

webbadress.txt

news-europe.giganews.com
icanhazip.com

Share this post


Link to post

Hi,

 

First, I did this function with help from other resources that asked for this features, and If some one can highlight to me how to verify above issue and how to solve it I would be happy,  I'm far away an expert of routing.

 

Since I don't can't support these extra function to route traffic, I think to remove this from the plugin, and user hopefully can come up with a solution outside the plugin.

 

//Peter

 

 

Share this post


Link to post

Hi,

 

First, I did this function with help from other resources that asked for this features, and If some one can highlight to me how to verify above issue and how to solve it I would be happy,  I'm far away an expert of routing.

 

Since I don't can't support these extra function to route traffic, I think to remove this from the plugin, and user hopefully can come up with a solution outside the plugin.

 

//Peter

 

Is it possible to have a field for entering the web address or IP to route when selecting "Route only specific IP addresses"?

Then you only have to add this in the .ovpn config file for it to work:

route IP-to-route 255.255.255.255

It might also work to use the web address also, but I haven't tested that.

Share this post


Link to post

If that works , I can made your way instead, so much easier!

 

We can still have the web addresses in the file we have now.

 

Then get the IP from each address and loop trough them with command

 

route IP-to-route/24 255.255.255.255

 

 

Will these IP addresses going trough VPN or standard WAN IP ?

 

//Peter

 

Share this post


Link to post

You do not need the /24. The only thing that needs to be added to the .ovpn file is this

route ip-to-route 255.255.255.255

 

The IP addresses wil go through the vpn.

 

Just out of curiosity, how did you route the addresses in webbaddress.txt now?

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.