May 10, 20188 yr That may be better asked on the OpenVPN forums. We really just package the container.
May 13, 20188 yr Thank you for all the suggestions i managed to figure out what the problem was for whatever reason auto login needed to be enabled. as well as my local subnet being the issue they cant be identical in linux though this isnt a problem on windows . lastly having the (use this network only for its local resources) box enabled makes it not work (SOLVED)
May 15, 20188 yr On 5/10/2018 at 8:09 AM, Sinister said: I believe I already know which one your talking about and it' is enabled by default I just connected through my mobile device and I can access everything with no problem Has anyone had luck with this? Since the update my clients connect to OpenVPN-AS but I can't access any local devices. IE going to 192.168.1.1 just accesses the router at the remote site and not my router at home where UnRaid is. Similarly, I can't access the UnRaid WebUI.
May 15, 20188 yr 35 minutes ago, daniel329 said: Has anyone had luck with this? Since the update my clients connect to OpenVPN-AS but I can't access any local devices. IE going to 192.168.1.1 just accesses the router at the remote site and not my router at home where UnRaid is. Similarly, I can't access the UnRaid WebUI. Not sure what OS your running but if it is Windows then spaceinvader one tutorial works flawlessly. If its linux like my issue was then I'm no expert by any means but I can tell you what worked in my specific case
May 16, 20188 yr 1 hour ago, daniel329 said: going to 192.168.1.1 just accesses the router at the remote site and not my router at home That is a different issue. You need to make sure your home environment is a unique subnet so you won't have that type of collision. Use something unique like 192.168.210.X on your home network, that way no matter what remote network you access it from, the IP's will be unique. There are ways to work around it, but changing your home network subnet is the easiest foolproof method.
June 1, 20188 yr Hey all. Installed the Docker and was following Space invader's video but after disabling the admin user account and creating another account I've locked myself out of the openVPN webUI. I removed the docker and reinstalled but to no avail. Now the new docker install wont accept the default (admin/password). any idea how i can truly clear all settings on the docker and start with all default configs?
June 13, 20188 yr On the unraid docker I have tried to login to the admin ui with admin/openvpn with no luck as it shows in the wiki. Whats the default password? It doesnt state it in the directions or any of the settings boxes on the unraid plugin setup.
June 13, 20188 yr 15 minutes ago, WarDave said: On the unraid docker I have tried to login to the admin ui with admin/openvpn with no luck as it shows in the wiki. Whats the default password? It doesnt state it in the directions or any of the settings boxes on the unraid plugin setup. What wiki? Did you look at any of the documentation linked in the first post of this thread? See the docker hub or github links
June 13, 20188 yr 26 minutes ago, trurl said: What wiki? Did you look at any of the documentation linked in the first post of this thread? See the docker hub or github links Yes but for example Docker Hub: https://hub.docker.com/r/linuxserver/openvpn-as/ shows a setup guide nothing like it is for unraid, for example Usage docker create \ --name=openvpn-as \ -v <path to data>:/config \ -e PGID=<gid> -e PUID=<uid> \ -e TZ=<timezone> \ -e INTERFACE=<interface> \ --net=host --privileged \ linuxserver/openvpn-as You dont have to do this to set it up on unraid and none of the boxes to configure it shows a password box so you can edit the default one or the txt at the top doesnt show what its set to. Edited June 13, 20188 yr by WarDave
June 13, 20188 yr 10 hours ago, WarDave said: Yes but for example Docker Hub: https://hub.docker.com/r/linuxserver/openvpn-as/ shows a setup guide nothing like it is for unraid, for example Usage docker create \ --name=openvpn-as \ -v <path to data>:/config \ -e PGID=<gid> -e PUID=<uid> \ -e TZ=<timezone> \ -e INTERFACE=<interface> \ --net=host --privileged \ linuxserver/openvpn-as You dont have to do this to set it up on unraid and none of the boxes to configure it shows a password box so you can edit the default one or the txt at the top doesnt show what its set to. The page you linked to tells you what the default user pass are.
June 13, 20188 yr On 10/7/2015 at 2:06 AM, linuxserver.io said: Application Name: OpenVPN-AS Application Site: https://openvpn.net/index.php/access-server/overview.html Docker Hub: https://hub.docker.com/r/linuxserver/openvpn-as/ Github: https://github.com/linuxserver/docker-openvpnas Please post any questions/issues relating to this docker you have in this thread. If you are not using Unraid (and you should be!) then please do not post here, rather use the linuxserver.io forum for support. For upgrading from 2.1.9 to 2.1.12 you may need to follow the directions in this post https://forums.lime-technology.com/topic/41631-support-linuxserverio-openvpn-as/?do=findComment&comment=598988 Installed but when i click the webUI it says the below. This site can’t be reached 192.168.0.120 refused to connect.
June 13, 20188 yr 40 minutes ago, ThePhotraveller said: Installed but when i click the webUI it says the below. This site can’t be reached 192.168.0.120 refused to connect. You may have to set the interface correctly
June 13, 20188 yr Just now, aptalca said: You may have to set the interface correctly some technical info would help me. How to do that correctly?
June 13, 20188 yr hi, thank for the docker first of all. I installed via spaceinvaders youtube video so i did exactly like on the video however i cant connect. from my phone keeps giving reconnecting. what can be the issue? tia
June 28, 20188 yr Has anyone successfully got their OpenVPN-AS Docker running on network type br0 with it's own IP? Still struggling to get my clients communicating properly and I don't want to switch back to a full VM if I don't have to.
July 2, 20188 yr I have been running this OpenVPN container without issues for a few months now. Once I realized the option for assigning containers their own IP address was available in Unraid, I assigned most of my containers static IPs in their settings so I could use my router software to track bandwidth usage. I did not reassign the OpenVPN container and left it running on the same IP as Unraid. Internally, everything is fine. But when I connect via OpenVPN, I cannot get to any container that has it's own IP address. I am able to reach the Unraid webgui and any container still running off of the Unraid IP address. I am able to get to any other resources on the network with other PCs, web sites not on Unraid, etc. The static IPs are on the same internal subnet, 192.168.1.0/24. In searching for information, I came upon this old reddit thread where the top response says "Using custom IP's (macvlan) isolates you from the host, can't remember if it also isolates you from other containers.". Is this correct, and if so, is there any way around it or do I have to reassign the containers back to using the Unraid IP if I want to access them via OpenVPN? Edited July 2, 20188 yr by Lo Key
July 2, 20188 yr 3 hours ago, Lo Key said: I have been running this OpenVPN container without issues for a few months now. Once I realized the option for assigning containers their own IP address was available in Unraid, I assigned most of my containers static IPs in their settings so I could use my router software to track bandwidth usage. I did not reassign the OpenVPN container and left it running on the same IP as Unraid. Internally, everything is fine. But when I connect via OpenVPN, I cannot get to any container that has it's own IP address. I am able to reach the Unraid webgui and any container still running off of the Unraid IP address. I am able to get to any other resources on the network with other PCs, web sites not on Unraid, etc. The static IPs are on the same internal subnet, 192.168.1.0/24. In searching for information, I came upon this old reddit thread where the top response says "Using custom IP's (macvlan) isolates you from the host, can't remember if it also isolates you from other containers.". Is this correct, and if so, is there any way around it or do I have to reassign the containers back to using the Unraid IP if I want to access them via OpenVPN? That is correct and it is a limitation (security feature) of macvlan. There was another user here who tried to put openvpn on macvlan as well but still couldn't access the containers. Question though, why do you want every container to have their own ip? Most of them only need one port to interface through. Why not just map a port on the host?
July 2, 20188 yr 6 minutes ago, aptalca said: That is correct and it is a limitation (security feature) of macvlan. There was another user here who tried to put openvpn on macvlan as well but still couldn't access the containers. Question though, why do you want every container to have their own ip? Most of them only need one port to interface through. Why not just map a port on the host? You may have been referring to me. I'm having this issue. It is expected behavior. dockers with their own IP will be able to talk to each other but not other docker containers with host IP by design. I have moved my OpenVPN docker to its own IP as well, but I'm struggling to get the VPN connected clients to talk to anything other than the br0 containers in this scenario. As for why we want them on their own IP, well for me I have a few services that run the same port and I prefer to not redirect the port to something else. And if you even have 1 docker container using its own IP your VPN connected clients cant talk to them when running as a docker. Kind of the point of a VPN server. Unfortunately my search thus far has been fruitless and I may have to go back to OpenVPN as a VM instead of a docker container.
July 3, 20188 yr There are at least two ways around this depending on your server hardware. (fully supported) Best solution: at least 2 network interfaces. Do not bond the interfaces. Do not assign an IP to the 2nd interface (eth1/br1) Delete the docker custom network on eth0/br0 Setup the docker custom network on eth1/br1 Move all containers there. Done - you've side stepped the security feature/limitation ov mcvlan networks Alternate solution: have VLAN support on your network Create a VLAN subinterface (eth0.1/br0.1) Do not assign an IP to the VLAN subinterface Create a docker custom network on it Move containers there Done - you've side stepped the security feature/limitation ov mcvlan networks Alternate solution (not sure if supported by the GUI) in the go file, add code to create a macvlan subinterface (mac0) remove unRAID IP from eth0/br0 assign unRAID IP to macvlan subinterface (reset network gateway) Done - unRAID should be able to use the macvlan subinterface to work as if nothing has changed. conainters on docker custom networks should be able to talk to unRAID via the macvlan subinterface which does no trigger the security feature limitation.
July 3, 20188 yr Thank you ken-ji. Luckily enough, I am running Unraid on a server motherboard with dual NICs onboard. I'll try your best solution and report back in a few days.
July 3, 20188 yr @ken-ji it worked! Thank you so much! With everything moved over, I'm now able to get to any docker with an assigned static IP over OpenVPN. I had not managed anything with docker from the command line before this. So, in case anyone else was like me and wants to do this, here were the commands I used in the console for the steps "Delete the docker custom network on eth0/br0" and "Setup the docker custom network on eth1/br1" after I had broken the bond on the interfaces in network settings: docker network ls (this will list out what docker networks are available) NETWORK ID NAME DRIVER SCOPE c152fe231096 br0 macvlan local 2077b50fac9e bridge bridge local c73f55312022 host host local e219d9bf945e none null local docker network rm br0 (this will delete the br0 network used by docker when static ips are applied - be sure you're ready to do this) docker network create -d macvlan --subnet=192.168.1.0/24 --gateway=192.168.1.1 -o parent=eth1 docker (creates the new network and names it "docker". Name it what you want. Make sure the network settings match your own local network if you're keeping them all on the same subnet.) Then, go into Docker and move each container onto the new network.
July 3, 20188 yr I am trying to use the letsencrypt certbot docker (https://lime-technology.com/forums/topic/51808-support-linuxserverio-letsencrypt-nginx/) to create/update the web server certificate for the openvpn-as docker. I mounted the directory containing the certificates in this docker, but when I try to use the command line to set the certificates for openvpn, I get an error. root@3d57a74c7d35:/usr/local/openvpn_as/scripts# ./sacli --key "cs.priv_key" --value_file "{PRIV_KEY_LOCATION}" ConfigPut ERROR: [Errno 2] No such file or directory: '{PRIV_KEY_LOCATION}': util/options:79,sagent/sacli:808,util/simplefile:28,util/simplefile:20 (exceptions.IOError) Are there any instructions on how to update the web server certificate automatically? Or can anyone tell me what is going wrong?
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.