WexfordStyle Posted October 5, 2017 Share Posted October 5, 2017 On 9/30/2017 at 3:51 AM, CHBMB said: It does for the most part. What is the ip address of your Unraid server? The ip address of my unraid server is 192.168.2.134 Quote Link to comment
DaLeberkasPepi Posted October 13, 2017 Share Posted October 13, 2017 (edited) I've got a problem when i try to start the webserver. I always get this error message: process started and then immediately exited: ['Fri Oct 13 23:59:16 2017 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)'] service failed to start or returned error status my docker run command is this: /plugins/dynamix.docker.manager/scripts/docker create --name="openvpn-as" --net="host" --privileged="true" -e TZ="Europe/Berlin" -e HOST_OS="unRAID" -e "TCP_PORT_943"="943" -e "TCP_PORT_9443"="9443" -e "UDP_PORT_1194"="1194" -e "INTERFACE"="bond0" -e "PGID"="100" -e "PUID"="99" -v "/mnt/cache/appdata/openvpn-as":"/config":rw --cpuset-cpus=0-4,8-12 linuxserver/openvpn-as i tried multiple times reinstalling the docker with removing the config folder and also removing the docker with all their images without success. I hope someone can help me with this. EDIT: a simple restart of the server fixed the problem.... Edited October 15, 2017 by DaLeberkasPepi Quote Link to comment
pipo90 Posted October 16, 2017 Share Posted October 16, 2017 Hey guys, I have successfully set everything up and it works perfectly. SSL and all. However, when a user connects and clicks "more details..." when asked "Allow VPN connection to...", the info presents the whole config file - something that doesnt feel right. Even the SSL information is there in plain sight. Is that normal? Can one edit the data that is shown in this "More information..." thing? If so, how ? I appreciate any help ! Quote Link to comment
puma1824 Posted October 19, 2017 Share Posted October 19, 2017 So far I have this OpenVPN docker working great with both my laptop and phone. How do I upgrade the docker to the latest version of OpenVPN? Thanks Quote Link to comment
wgstarks Posted October 19, 2017 Share Posted October 19, 2017 23 minutes ago, puma1824 said: So far I have this OpenVPN docker working great with both my laptop and phone. How do I upgrade the docker to the latest version of OpenVPN? Thanks Restart the docker and it will pull the latest version. Quote Link to comment
wirenut Posted October 27, 2017 Share Posted October 27, 2017 (edited) i received unraid notification email of an update to the container from overnight. container auto update enabled in unraid. now i cannot connect from phone app or work computer. log just keeps repeating TLS Error: cannot locate HMAC in incoming packet from [AF_INET]XX.XXX.XXX.XXX:1194 I tried restarting container, did not change. Is there something I need to change on my end as a result of the container update? Edited October 27, 2017 by wirenut Quote Link to comment
wgstarks Posted October 27, 2017 Share Posted October 27, 2017 Looks like I’m having the same issue. Quote Link to comment
MowMdown Posted October 27, 2017 Share Posted October 27, 2017 (edited) 3 hours ago, wirenut said: i received unraid notification email of an update to the container from overnight. container auto update enabled in unraid. now i cannot connect from phone app or work computer. log just keeps repeating TLS Error: cannot locate HMAC in incoming packet from [AF_INET]XX.XXX.XXX.XXX:1194 I tried restarting container, did not change. Is there something I need to change on my end as a result of the container update? 2 hours ago, wgstarks said: Looks like I’m having the same issue. Same issue as well version went from 2.1.9 to 2.1.12 maybe we need to wait for the client app to be updated? Edited October 27, 2017 by MowMdown Quote Link to comment
wgstarks Posted October 27, 2017 Share Posted October 27, 2017 56 minutes ago, MowMdown said: Same issue as well version went from 2.1.9 to 2.1.12 maybe we need to wait for the client app to be updated? No updates available yet but who knows what’s coming down the pipe. I posted about this issue in the openvpn forum. If I get an answer there I’ll forward it along. Quote Link to comment
wgstarks Posted October 27, 2017 Share Posted October 27, 2017 6 hours ago, wirenut said: i received unraid notification email of an update to the container from overnight. container auto update enabled in unraid. now i cannot connect from phone app or work computer. log just keeps repeating TLS Error: cannot locate HMAC in incoming packet from [AF_INET]XX.XXX.XXX.XXX:1194 I tried restarting container, did not change. Is there something I need to change on my end as a result of the container update? 2 hours ago, MowMdown said: Same issue as well version went from 2.1.9 to 2.1.12 maybe we need to wait for the client app to be updated? From OpenVPN Support- In Safari, go to the client web service - https://vpnurl here:943Login and then click on your profile download at the bottom of that page, then choose Open in OpenVPN. You might just need a new profile due to changes in the default TLS settings of the new version. I’m mobile today so I can’t check this since I’d have to do it from my local network. Maybe one of y’all can test it? Quote Link to comment
MowMdown Posted October 27, 2017 Share Posted October 27, 2017 43 minutes ago, wgstarks said: From OpenVPN Support- I’m mobile today so I can’t check this since I’d have to do it from my local network. Maybe one of y’all can test it? I did generate a new openvpn "Client.ovpn" profile and that didn't work. Quote Link to comment
wirenut Posted October 27, 2017 Share Posted October 27, 2017 Same here, didnt work Quote Link to comment
wgstarks Posted October 28, 2017 Share Posted October 28, 2017 (edited) On 10/27/2017 at 4:00 PM, MowMdown said: I did generate a new openvpn "Client.ovpn" profile and that didn't work. On 10/27/2017 at 4:03 PM, wirenut said: Same here, didnt work Ok. New reply from OpenVPN-AS support- It looks like the upgrade procedure you followed broke the database. Try the following to reset the TLS settings: Go to Advanced VPN in the Admin UI. Disable the "Enable TLS authentication" option. Save settings. Update running servers. Enable the "Enable TLS authentication" option. Save settings. Update running servers. Now try again. This fixed the problem for me. @linuxserver.io Looks like updating the docker caused an incompatibility of the local database??? Edited October 30, 2017 by wgstarks 1 3 Quote Link to comment
MowMdown Posted October 28, 2017 Share Posted October 28, 2017 2 hours ago, wgstarks said: Ok. New reply from OpenVPN-AS support- It looks like the upgrade procedure you followed broke the database. Try the following to reset the TLS settings: Go to Advanced VPN in the Admin UI. Disable the "Enable TLS authentication" option. Save settings. Update running servers. Enable the "Enable TLS authentication" option. Save settings. Update running servers. Now try again. This fixed the problem for me. @linuxserver.io Looks like updating the docker caused a corruption of the local database??? Worked for me, thanks! Quote Link to comment
wirenut Posted October 28, 2017 Share Posted October 28, 2017 Worked for me, thanks!Yes. Worked for me also. Thank you!Sent from my HTC One M9 using Tapatalk Quote Link to comment
SCSI Posted October 28, 2017 Share Posted October 28, 2017 Thanks for the fix. All working now after the update. Quote Link to comment
wgstarks Posted October 29, 2017 Share Posted October 29, 2017 (edited) @linuxserver.io @CHBMB @sparklyballs After being questioned by OpenVPN tech support regarding the process I used to update OpenVPN-AS to the current version I informed them that I was running the server in a docker and that I had just updated the docker to install the updated application. I received this reply from OpenVPN-AS tech support- Quote Hello Walter,That explains it. When the OpenVPN Access Server is updated with the installer package, it automatically makes corrections to the database to make it function on the new version. Simply yanking the databases out and putting it into a new version of Access Server will not take these steps.In the future, this update process you have used can lead to a recurrence of problems. The recommended upgrade step is to update the package itself so that it can do its job. You are fortunate that I happen to know that that particular setting is what has been altered between 2.1.9 and 2.1.12 and was at the root of your problem. For future problems, we might not be able to provide such manual repair instructions.This page shows you the instructions to do an in-place upgrade of Access Server:https://docs.openvpn.net/configuration/keeping-openvpn-access-server-updated/I think that you should be able to devise a means of upgrading now that will ensure the program has a chance to update your database before you do the docker replacement method.I trust I have provided you with the information you were looking for. In order to keep our support system clean I will now close this support ticket. Of course, if you still have questions regarding this issue you may reopen this ticket at your convenience.Kind regards,Johan DraaismaOpenVPN Technologies, Inc. I haven’t had a chance to completely review all the info they sent me, but it looks like future updates to the application may need to be applied within the application rather than pushing out an updated container??? Not quite sure if the exact process yet though? Edited October 29, 2017 by wgstarks Quote Link to comment
sparklyballs Posted October 29, 2017 Share Posted October 29, 2017 On 28/10/2017 at 3:12 PM, wgstarks said: Ok. New reply from OpenVPN-AS support- It looks like the upgrade procedure you followed broke the database. Try the following to reset the TLS settings: Go to Advanced VPN in the Admin UI. Disable the "Enable TLS authentication" option. Save settings. Update running servers. Enable the "Enable TLS authentication" option. Save settings. Update running servers. Now try again. This fixed the problem for me. @linuxserver.io Looks like updating the docker caused a corruption of the local database??? I'm not certain that the update "corrupted" anything at all as to my knowledge this is the first time an update of the application has resulted in such a situation I'd rather say it was a compatibility issue between versions that lead to a "broken" database Gonna cite this post in the OP though Quote Link to comment
wgstarks Posted October 29, 2017 Share Posted October 29, 2017 17 minutes ago, sparklyballs said: I'm not certain that the update "corrupted" anything at all as to my knowledge this is the first time an update of the application has resulted in such a situation I'd rather say it was a compatibility issue between versions that lead to a "broken" database Gonna cite this post in the OP though I agree, “corrupt” isn’t correct. The update required a modification of the database which didn’t occur when just pulling an updated docker. Will updates work using the method recommended by tech support in a docker exec command? Not quite sure what the correct procedure should be. Quote Link to comment
aptalca Posted October 29, 2017 Share Posted October 29, 2017 I think the way they handle database changes is not optimal. The app itself should update the database (through proper versioning), not the installer. What if someone were to restore an older database that was backed up a few versions ago, do they have to install that old version and update through the installer? Quote Link to comment
wgstarks Posted October 30, 2017 Share Posted October 30, 2017 4 minutes ago, realies said: OpenVPN Connect times out after the latest update; output of Tunnelblick: Scroll up a little. Should fix your problem. If not, post back. https://forums.lime-technology.com/topic/41631-support-linuxserverio-openvpn-as/?do=findComment&comment=598988 Quote Link to comment
wgstarks Posted October 30, 2017 Share Posted October 30, 2017 2 hours ago, aptalca said: I think the way they handle database changes is not optimal. The app itself should update the database (through proper versioning), not the installer. What if someone were to restore an older database that was backed up a few versions ago, do they have to install that old version and update through the installer? I'm not even sure exactly how to create the backup? Tried using the docs supplied by tech support but I just get a segfault. root@Brunnhilde:/mnt/cache/appdata/openvpn-as# ./bin/sqlite3 ./etc/db/config.db .dump > ./config.db.bak Segmentation fault Quote Link to comment
wgstarks Posted October 30, 2017 Share Posted October 30, 2017 After receiving the info from tech support regarding updating the app from within the docker container I've been trying to work out the docker commands required to download and install the update inside the docker. Figured if I could figure out how to create the backup files they recommend that would be a good start. I believe I have finally worked that out but I keep getting a segfault error. root@Brunnhilde:~# docker exec openvpn-as /bin/bash -c 'cd /config && ./bin/sqlite3 ./etc/db/config.db .dump > ./config.db.bak' /bin/bash: line 1: 435 Segmentation fault ./bin/sqlite3 ./etc/db/config.db .dump > ./config.db.bak I'm not positive, but after googling I think this is related to the permissions set on the openvpn appdata folder- root@Brunnhilde:~# cd /mnt/cache/appdata/openvpn-as root@Brunnhilde:/mnt/cache/appdata/openvpn-as# ls -al total 84 drwxr-xr-x 10 nobody users 174 Oct 30 18:48 ./ drwxrwxrwx 13 nobody users 258 Oct 30 03:00 ../ drwxr-xr-x 2 nobody users 70 Oct 27 18:17 bin/ -rw-r--r-- 1 root root 0 Oct 30 18:48 config.db.bak drwxr-xr-x 5 nobody users 161 Oct 27 18:16 doc/ drwxr-xr-x 9 nobody users 233 Oct 27 18:17 etc/ -rw-r--r-- 1 nobody users 448 Aug 30 17:34 exports drwxr-xr-x 3 nobody users 23 Oct 27 18:16 include/ -rw-r--r-- 1 nobody users 10898 Oct 27 18:17 init.log drwxr-xr-x 6 nobody users 4096 Oct 27 18:16 lib/ -rw-r--r-- 1 nobody users 54308 Oct 27 18:16 license.txt drwxr-xr-x 2 nobody users 4096 Oct 28 09:57 log/ drwxr-xr-x 2 nobody users 79 Oct 27 18:16 sbin/ drwxr-xr-x 2 nobody users 4096 Oct 27 18:17 scripts/ I know these permissions aren't the same as any of the other docker appdata folders I have installed, but that doesn't mean they aren't correct. Should I run "New Permissions" on this folder? Or maybe I'm using the wrong command completely and should be using something else? Quote Link to comment
puncho Posted October 31, 2017 Share Posted October 31, 2017 I followed space invader's tutorial, tested it and it works if I use the user 'admin'. I tried to set up another user but was unable to log on, says login failed? I created the user/password by telneting into the docker as shown in the video. Also, since I only have the DDNS (xxxxxx.duckdns.org), does that mean I can't make use of the SSL certificate? Is it less secure then/what other downsides are there? Thanks Quote Link to comment
puma1824 Posted October 31, 2017 Share Posted October 31, 2017 4 hours ago, puncho said: I followed space invader's tutorial, tested it and it works if I use the user 'admin'. I tried to set up another user but was unable to log on, says login failed? I created the user/password by telneting into the docker as shown in the video. Also, since I only have the DDNS (xxxxxx.duckdns.org), does that mean I can't make use of the SSL certificate? Is it less secure then/what other downsides are there? Thanks 1 Yeah, I followed his directions prior the upgrade and all WAS good. After the upgrade couldn't get the 2nd user setup like you when I tried to re-setup. Ad for using duckdns, maybe you can use the other authentication methods by temporarily setting up a ftp / web site to register for a cert. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.