Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Linuxserver.io - OpenVPN AS

Featured Replies

No nano inside openvpn container.
 
He needs to edit it on unraid directly via "nano /mnt/user/appdata/openvpn-as/etc/as.conf"
I wondered that, but thought it was worth a try as I couldn't see what his appdata path was on mobile.

aptalca, worth us putting nano in and then documenting it on the readme? That way avoids SMB permission issues like this? Wouldn't add much to the container size. Just a thought.



Sent from my Mi A1 using Tapatalk

  • Replies 2k
  • Views 462.6k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • SpaceInvaderOne
    SpaceInvaderOne

    I have made un updated video guide for setting up this great container. It covers setting up the container, port forwarding and setting up clients on Windows, macOS Linux (ubuntu Mate) and on cel

  • PSA. It seems openvpn pushed another broken bin, tagged 2.7.3 I get the same error with it as I did with the previously pulled 2.7.2   While they/us try to figure it out, you can change

  • Stupifier
    Stupifier

    Ok, I used to be able to connect to Host network with this before the update....that allowed me to be assigned an IP on my WiFi subnet, which then allowed me to access the UnRAID GUI interface.  

Posted Images

37 minutes ago, aptalca said:

No nano inside openvpn container.

 

He needs to edit it on unraid directly via "nano /mnt/user/appdata/openvpn-as/etc/as.conf"

Tnx. I sucess edit this conf. Everything now is ok, but i force update again can't connect to WEB UI. Is this normal? Can I normally update version of openvpn when it comes up.

7 hours ago, sauso said:

Hi Guys,

 

So i had OpenVPN running smoothly until last nights update. (Have auto updating turned on).  When i tried to connect this morning it wouldn't connect.  Checked my openvpn-as appdata share and most of the contents were missing.  Not a big deal.  Just created from scratch and had the config back working about 10 mins later.

 

My problem is that now i can't connect on UDP (port 1194).  Port is still forwarded to the container it just won't connect.  I tried changing it to TCP (Port 9443, Opened it on my router) and it worked first time.  I just can't for the life of me figure out why this bugger won't connect on UDP any more.

 

Anyone else had a similar experience?

 

Below are my port mappings,  Using Bridged as my networking option.

 

172.17.0.10:1194/UDP-192.168.0.18:1194
172.17.0.10:943/TCP-192.168.0.18:943
172.17.0.10:9443/TCP-192.168.0.18:9443

Did you forward the udp port on your router as udp?

6 hours ago, Kristijan said:

Tnx. I sucess edit this conf. Everything now is ok, but i force update again can't connect to WEB UI. Is this normal? Can I normally update version of openvpn when it comes up.

Your previous logs showed a lot of weird errors.

 

Post a new log with your new config

1 hour ago, aptalca said:

Your previous logs showed a lot of weird errors.

 

Post a new log with your new config

Now is ok, but i dont run force update, after this i can't connect to WEB UI and I must remove docker, delete open vpn folder in appdata, and start installation again.

 

 

5.PNG

Hmm, I went ahead and updated to the latest version and I can't connect to the VPN or the WebUI page now.  It worked fine with the workaround posted earlier (forcing it to an earlier version), but not anymore.openvpndocker.thumb.PNG.b8dbb67b889be7e004eef57c9698f404.PNG

 

I also don't see any errors in the log.

 

openvpndockerlog.PNG

 

Also, as a side note, if you try to go back to the previous version, it will tell you the command failed and create an orphaned image.  I had to remove all orphaned containers, then go to CA and re-add the docker container.  Luckily nothing happened to my settings and it all works now pointing to the older version.

Edited by Coolsaber57
1 more issue.

3 hours ago, aptalca said:

Did you forward the udp port on your router as udp?

yep, nothing changed.  Port was forwarded and it was working fine before the update.  If i nmap the udp port from my local PC to the server it is showing as closed.

 

 

Capture.JPG

yep, nothing changed.  Port was forwarded and it was working fine before the update.  If i nmap the udp port from my local PC to the server it is showing as closed.
 
 
Capture.JPG.c945501555e6695d6431ffbfff6d0226.JPG


What’s your run command Sauso?
If you run in bridge mode with privileged=off, you also need --cap-add=NET_ADMIN
This was missing for me, probably because I’ve just been updating without problems for a long time and am using a very old template. It was causing all sorts of problems until I fixed it.
Just a thought, might not be your problem.


Sent from my iPhone using Tapatalk
2 hours ago, Coolsaber57 said:

Hmm, I went ahead and updated to the latest version and I can't connect to the VPN or the WebUI page now.  It worked fine with the workaround posted earlier (forcing it to an earlier version), but not anymore.openvpndocker.thumb.PNG.b8dbb67b889be7e004eef57c9698f404.PNG

 

I also don't see any errors in the log.

 

openvpndockerlog.PNG

 

Also, as a side note, if you try to go back to the previous version, it will tell you the command failed and create an orphaned image.  I had to remove all orphaned containers, then go to CA and re-add the docker container.  Luckily nothing happened to my settings and it all works now pointing to the older version.

 

Change it to bridge network as in the Readme and posted many times recently. 

I was also having problems getting openvpn-as back up and going. 

 

Tonight I made sure everything was completely deleted and the I download the linuxserver version using the Apps tab.  This way it wouldn't be using any of the settings that I might have in my personal dockers (I don't know if this part really mattered though).

image.thumb.png.1d8f95225e2bfaf582cb67060238c2a9.png

After I first ran the docker I saw these errors in my log file:

image.thumb.png.46c12cd3cc160eb90b81359da3816960.png

...

image.thumb.png.8857bec757b81365120f532db9836145.png

 

But after that the web UI was working again.  I stopped and started the docker and everything seemed to come back fixed:

image.png.afc782879e4c61269190d8f7b895201a.png

 

The last part I had difficulty with was figuring out where I could download the connection profile.  I finally found that if I changed "https://###.###.###.###:943/admin/" to be "https://###.###.###.###:943/?src=connect", I was able to download what I needed.  I'm sure there is an easier way but this did seem to work.

 

Everything seems to be back in order!  Sorry for such a long post, but I thought it might be helpful to see what I saw.

14 minutes ago, scott47 said:

I was also having problems getting openvpn-as back up and going. 

 

Tonight I made sure everything was completely deleted and the I download the linuxserver version using the Apps tab.  This way it wouldn't be using any of the settings that I might have in my personal dockers (I don't know if this part really mattered though).

image.thumb.png.1d8f95225e2bfaf582cb67060238c2a9.pngimageproxy.php?img=&key=00b562fcac28e727

After I first ran the docker I saw these errors in my log file:

imageproxy.php?img=&key=00b562fcac28e727image.thumb.png.46c12cd3cc160eb90b81359da3816960.png

...

image.thumb.png.8857bec757b81365120f532db9836145.png

 

But after that the web UI was working again.  I stopped and started the docker and everything seemed to come back fixed:

image.png.afc782879e4c61269190d8f7b895201a.png

 

The last part I had difficulty with was figuring out where I could download the connection profile.  I finally found that if I changed "https://###.###.###.###:943/admin/" to be "https://###.###.###.###:943/?src=connect", I was able to download what I needed.  I'm sure there is an easier way but this did seem to work.

 

Everything seems to be back in order!  Sorry for such a long post, but I thought it might be helpful to see what I saw.

Those errors are harmless. The openvpn package is trying to start itself via systemd after install and also after init and it's failing because there is no systemd service inside the container. We manage it with s6, so you can ignore those errors.

Client/admin web pages are managed through the admin gui. By default both are served over port 943, where the naked url gets you the client ui and the /admin subfolder gets you the admin interface. They are all openvpn-as standard behavior.

12 hours ago, Jorgen said:

 


What’s your run command Sauso?
If you run in bridge mode with privileged=off, you also need --cap-add=NET_ADMIN
This was missing for me, probably because I’ve just been updating without problems for a long time and am using a very old template. It was causing all sorts of problems until I fixed it.
Just a thought, might not be your problem.


Sent from my iPhone using Tapatalk

 

Hey Jorgen,

 

Below is my docker run.  It already has NET_ADMIN in it so i'm at a loss.  

 

docker run -d --name='openvpn-as' --net='bridge' -e TZ="Australia/Sydney" -e HOST_OS="Unraid" -e 'PGID'='100' -e 'PUID'='99' -p '943:943/tcp' -p '9443:9443/tcp' -p '1194:1194/udp' -v '/mnt/user/appdata/openvpn-as':'/config':'rw' --cap-add=NET_ADMIN 'linuxserver/openvpn-as'

 

This is where is gets really bizarre.  If if terminal into my unraid box and run  an nmap to the container the port is open.   I can even connect to localhost, the IP of my unraid box and the ip of the container all successfully.  But as soon as i try from another device it shows as blocked.

 

Anyone else have any ideas?

Capture.JPG

 

***EDIT***

Still scratching my head so i decided to setup the openvpn appliance.  changed my port forward to the new appliance and it worked first time.

 

Could it be my Unraid server blocking the connection??

 

**FINAL EDIT**

So i'm a muppet.  Something funky must have been going on in my Unraid box.  Restarted it and it came good straight away...  I forgot rule 1 of tech support.  Have you tried turning it off and on again....

Edited by sauso
update

I'm finally getting around to fixing openvpn-as, and it looks like I'm a few weeks behind all the threads. My openvpn-as stopped connecting, can't get to web-ui either. I deleted the docker, image, and appdata. The new settings don't match what Spacedinvader's video has, there's no INTERFACE section. A bunch of the defaults that come up are not the same.

 

When I just do the best I can in there, and hit Apply, still no web-gui. I see that some folks posted

docker pull linuxserver/openvpn-as:2.6.1-ls11

But I can't get this command to work in either the Main ">_", or in the docker Console >_

docker pull

does return a message, so there is a "docker" command in the Main console, but it gets confused when I put the rest of the "linuxserver/openvpn-as:2.6.1-ls11" on the line, also with "double quotes".

 

I tried installing the docker, then updating the Repository in the Docker template to "linuxserver/openvpn-as:2.6.1-ls11" but I still don't get any of the correct fields.

 

Would someone spell out the steps for rolling this back correctly to make it work for the interim? Including turning off auto-update to keep it from breaking automatically during the next update?

 

whuffie in advance.

 

xzSomEom.png

 

Edited by dkerlee

8 hours ago, dkerlee said:

I'm finally getting around to fixing openvpn-as, and it looks like I'm a few weeks behind all the threads. My openvpn-as stopped connecting, can't get to web-ui either. I deleted the docker, image, and appdata. The new settings don't match what Spacedinvader's video has, there's no INTERFACE section. A bunch of the defaults that come up are not the same.

 

When I just do the best I can in there, and hit Apply, still no web-gui. I see that some folks posted


docker pull linuxserver/openvpn-as:2.6.1-ls11

But I can't get this command to work in either the Main ">_", or in the docker Console >_


docker pull

does return a message, so there is a "docker" command in the Main console, but it gets confused when I put the rest of the "linuxserver/openvpn-as:2.6.1-ls11" on the line, also with "double quotes".

 

I tried installing the docker, then updating the Repository in the Docker template to "linuxserver/openvpn-as:2.6.1-ls11" but I still don't get any of the correct fields.

 

Would someone spell out the steps for rolling this back correctly to make it work for the interim? Including turning off auto-update to keep it from breaking automatically during the next update?

 

whuffie in advance.

openvpn settings.png

So basically you did everything but read the official documentation?

 

See here for the most accurate info: https://hub.docker.com/r/linuxserver/openvpn-as

 

Or here: https://github.com/linuxserver/docker-openvpn-as

 

You may have missed the cap add statement.

 

If it still doesn't work after that, check the logs (both the docker log and the log folder under config folder)

@aptalca you are exactly right, I'm guilty of RTFM no doubt. I did try and read it, but it was beyond me.

 

[SOLVED]

I got the regular docker template, and made some changes/additions.

Repository: "linuxserver/openvpn-as:2.6.1-ls11"

Network type: Host

Privileged: ON

and had to add a couple VARIABLES, I think: INTERFACE, and one of the PGID or PUID variables too.

 

Once I muddled through those bits, it came back up. It did take a minute or two. It was tripping over something initially (something about finding an old configuration, and I should run command DELETE), but I didn't do anything, and it came up. I don't see any errors in the logs any longer.

 

Weird that I had to make additions and changes to the template. Last time, it was only a couple changes that @SpaceInvaderOne made in his video. But it's a little old now, 12/2017.

 

v19Qpedm.png

 

Edited by dkerlee

On 4/6/2019 at 9:46 AM, aptalca said:

Alright ladies and gents, the rewrite for openvpn has been pushed to master and there is a new build on docker hub. You should be able to return to linuxserver/openvpn-as or update to 2.7.3 safely

 

Thank You!  Updating to 2.73 using master repository worked for me after switching Network Type to bridge mode

  • 2 weeks later...

I have been messing about for about 5 days trying to get this to work but finally I have it sorted (using bridging only). Because port udp 1194 is already in use on my system I have been mapping to a different external port. But after downloading the ovpn file for the client I was constantly getting the server poll time out.

 

What I have found seems to indicate the connection file you download from the gui only contains the container port for connection. If you are doing a straight 1194:1194 this makes no difference. But if for example you keep 1194 internal and map to say 1200 externally, the file will still contain 1194. If you change the internal port through the gui to match 1200, the file will contain 1200 but I don't think the container actually updates to use that port and remains using 1194.

 

What I did was leave internal port at 1194. Set an alternative external port, say 1200. Download the ovpn file. It will contain 1194 in it. Edit the file changing the 1194 to the 1200. Then import that file into client. It works!!!

Good afternoon, I launched the container

docker run -d --name='openvpn-as' --net='bridge' -e TZ="Australia/Sydney" -e HOST_OS="Unraid" -e 'PGID'='1000' -e 'PUID'='1000' -p '943:943/tcp' -p '9443:9443/tcp' -p '1194:1194/udp' -v '/home/user/openvpn-as':'/config':'rw' --cap-add=NET_ADMIN 'linuxserver/openvpn-as'


 Everything worked well.
But when I try to log in to the user, I get an error

Internal Server Error

Sorry, an internal server error has occurred

    CPage error in CLogin/renderHTTP

Retry Login


There is an error in the logs
 

019-04-22T18: 52: 03 + 1000 [twisted.python.log # info] "-" - - [22 / Apr / 2019: 08: 52: 02 +0000] "POST / RPC2 HTTP / 1.0" 200 201 "-" "Twisted / XMLRPClib"
2019-04-22T18: 52: 03 + 1000 [twisted.python.log # info] "-" - - [22 / Apr / 2019: 08: 52: 02 +0000] "POST / RPC2 HTTP / 1.0" 200 8597 "-" "Twisted / XMLRPClib"
2019-04-22T18: 52: 03 + 1000 [stdout # info] [WEB] OUT: "2019-04-22T18: 52: 03 + 1000 [stdout # info] CPage exception in CLogin / renderHTTP: 'hostname': connect / clogin: 147, connect / cpage: 84 (exceptions.KeyError) "
2019-04-22T18: 52: 03 + 1000 [stdout # info] [WEB] OUT: '2019-04-22T18: 52: 03 + 1000 [twisted.python.log # info] "192.168.0.14" - - [ 22 / Apr / 2019: 08: 52: 03 +0000] "GET / HTTP / 1.1" 500 798 "-" "Mozilla / 5.0 (X11; Ubuntu; Linux x86_64; rv: 66.0) Gecko / $ 2

Docker works in a virtual machine

uname -a
Linux debian 4.9.0-8-amd64 #1 SMP Debian 4.9.144-3.1 (2019-02-19) x86_64 GNU/Linux

df -h 
udev               1,5G            0  1,5G            0% /dev
tmpfs              302M         4,3M  297M            2% /run
/dev/sda1           15G         2,2G   12G           16% /
tmpfs              1,5G            0  1,5G            0% /dev/shm
tmpfs              5,0M            0  5,0M            0% /run/lock
tmpfs              1,5G            0  1,5G            0% /sys/fs/cgroup
tmpfs              302M            0  302M            0% /run/user/0

Unfortunately I could not find information on this error.

Screenshot_20190422_135214.png

Screenshot_20190422_135156.png

Above scott47 wrote, he managed to log in by changing the address to

https://ip:943?Src=connect

It helped me too.

So when I am in the webui, I see references to the local container ip addresses. Is this correct? Cause I can't get a network IP when I log in. Gives me the 172 range.

I know this is a known issue but I have attempted a solution to the problem of accessing dockers over VPN using OpenVPN-as as a docker. I follow these instructions:

 

 

Here is my network settings:

 

1735363579_2019-05-0515_59_00-unraid_NetworkSettings.thumb.png.a63c3cbe68bb16225170f45a582a196a.png

 

Docker settings:

 

1274313979_2019-05-0515_59_48-unraid_DockerSettings.thumb.png.b95938e3aba51e70f822ef0b4c989223.png

 

 

OpenVPN-as network settings:

 

1227190807_2019-05-0516_01_01-AS_unraid.thumb.png.373a7a755ace5bf70a88d7b9750ca3d9.png

 

 

What looks wrong here? I have the secondary NIC to support this as per bonienl instructions but still I am unable to access my docker IP's over VPN. unRAID GUI is fine just no dockers. 

 

Thanks

 

I was hoping to get some help on getting openvpn working.  I follow space invaders newest video and ran into a bunch of errors in the docker web ui.  Has this been addressed?  What should I be doing differently?  I know a bunch of the docker fields and the web ui changed since his video 1 year ago.  Below is the error I get when trying to start the server.

 

I also tried doing a fresh install and deleting the appdata.  Then left everything to defualt but changed it to bridged and privliged.  I cant even compile the docker.  I get this error.

 

root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='openvpn-as' --net='bridge' --privileged=true -e TZ="America/New_York" -e HOST_OS="Unraid" -e 'PGID'='100' -e 'PUID'='99' -p '943:943/tcp' -p '9443:9443/tcp' -p '1194:1194/udp' -v '/mnt/user/appdata/openvpn-as':'/config':'rw' --cap-add=NET_ADMIN 'linuxserver/openvpn-as' 

d027a7aea71006567e8ff9f3ae2c0ff3a1d870cb7b5af4c3672169708221bf26
/usr/bin/docker: Error response from daemon: driver failed programming external connectivity on endpoint openvpn-as (29866595123c0e45cce280fa52df797867e95307dde14bb5bdda1f46dd2c3ade): (iptables failed: iptables --wait -t filter -A DOCKER ! -i docker0 -o docker0 -p tcp -d 172.17.0.4 --dport 9443 -j ACCEPT: iptables: No chain/target/match by that name.
(exit status 1)).

The command failed.

 

https://imgur.com/NaMcd85 and https://imgur.com/IZGFpXY This is the docker creation page for OpenVPN I am talking about.

Here are my network settings.

https://imgur.com/mspL162 https://imgur.com/ftysL1E https://imgur.com/2AloCA9

I am running RC8.

Edited by sittingmongoose
added more detail

here is my findings..

  • It doesn't like using a custom IP with using br0 (refuse to connect when trying to go to webui)
  • Try changing it back to bridge0. Still wont connect. delete docker container and reinstall. still same situation. 
  • Go into terminal and force remove the folder and reinstall. works. follow Spaceinvader One instructions on deleting admin out of as.conf. then i do a force update. (refuse to connect)

this thing is more temperamental then a damn car going to a mechanic.

Edited by demonmaestro

6 hours ago, demonmaestro said:

here is my findings..

  • It doesn't like using a custom IP with using br0 (refuse to connect when trying to go to webui)
  • Try changing it back to bridge0. Still wont connect. delete docker container and reinstall. still same situation. 
  • Go into terminal and force remove the folder and reinstall. works. follow Spaceinvader One instructions on deleting admin out of as.conf. then i do a force update. (refuse to connect)

this thing is more temperamental then a damn car going to a mechanic.

I reset network settings then rebooted and now it’s “on” but now I’m having issues with my dynamic dns.  

 

I have my own domain and Cloudflare is pointing my external ip to it.  I have my domain in Cloudflare but it’s stjll not letting me connect to openas.  Also, I don’t see anywhere to download or send configs like he did.

To get the opvn  files, go to the root, remove admin

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.