[Support] Linuxserver.io - OpenVPN AS


Recommended Posts

@Squid

 

so i watched the video  didnt really help me with port mappings  least didnt break it down...

i tried the BR0:   i set it to 192.168.1.9   

and my Unraid is 192.168.1.8

but still  at port 1194  figured it over right  when i specify a new ip address..   i also Added a port at the bottom you see..  still cant get 1200

so i could use more help

not sure what version of the OpenVPN AS is  it just says latest

 

does the guy have a specific video for my style of issue  needing a different port.. as he only talked about it for a few seconds really

1a.JPG

1b.JPG

Edited by comet424
Link to comment
2 minutes ago, comet424 said:

i tried the BR0:   i set it to 192.168.1.9   

 

2 minutes ago, comet424 said:

but still  at port 1194  figured it over right  when i specify a new ip address..   i also Added a port at the bottom you see..  still cant get 1200

 

Exactly.  As I've mentioned when in HOST or as an unique IP you cannot change the port numbers the app will use. 

Link to comment

ya you said that  but you see im not in Host mode im in BR0 mode

and shows 1194 not 1200 like it should be

 

so its not even showing the 2 1200 ports 

 

 

well if BRO cant give me port 1200 than what are my options?? since Bridge mode is not an option

or just scrap OpenVPN-AS and find an alternative?

Edited by comet424
Link to comment

ugh  so i cant run  BR0 or HOST as 1200 is what your saying

 

so then whats my options since you guys work with this stuff every day

what are my options to get this to work

 

and changing my rest of my network isnt an option..  only adjustin the unraid part   dont wanna modify VPN or PFsenseVPN

 

 

 

i just tried  just changing to Bridge Mode and then try to use my openvpn client to connect.. but that doesnt work keeps telling me my dns address cant be resolved  yet  it should be working fine

 

so i dont know why i get that error  if its being blocked or if bridge mode is not letting it be accessed... dont know

 

 

and i have tried the other OpenVPN-AS  and i have tried the OpenVPN Server and Client  and it kinda connects but it hangs  after connecting   so you dont get a command prompt

 

 

 

Edited by comet424
Link to comment
45 minutes ago, comet424 said:

ugh  so i cant run  BR0 or HOST as 1200 is what your saying

Yes, that is exactly what they are saying.  Neither host nor custom/Macvlan networks even care about ports.  Only a bridge network uses ports as has been explained several times.

 

48 minutes ago, comet424 said:

i just tried  just changing to Bridge Mode and then try to use my openvpn client to connect.. but that doesnt work keeps telling me my dns address cant be resolved  yet  it should be working fine

Bridge mode uses ports for external communications.  Although it is not necessary to do so, I setup OpenVPN-AS on two unRAID servers in my LAN.  Since they are on the same LAN, I really only need to be able to connect to one in order to have access to the other, but I wanted to prove access to either via OpenVPN client was possible.

 

Being on the same LAN, they could not use the same ports.  Of course, the OpenVPN-AS container on both servers is running in bridge mode.

 

On the second server, I assigned UDP port 1195 (what you are trying to do with 1200) to the second server and TCP port 9444 for management.  Here are my router port forwarding rules associated with both servers:

 

image.png.d8e10665c2e58f64ad1d71029345576c.png

 

I have a dynamic DNS name for each server and my OpenVPN client on my laptop has two profiles allowing me to connect to either server by DDNS name and the appropriate ports.

 

I rarely ever connect to the second server directly via OpenVPN as connecting to the first gives me access to the second which is strictly a backup server and is often not even powered on; however, I just tested it again and it works without issue on the alternate port of 1195.

 

Somewhere in your Open-VPN-AS container, VPN client, port forwarding rules, and/or DDNS settings, you must have something misconfigured.  It is possible to use a port other than 1194 as my setup proves.

  • Like 1
Link to comment

@Hoopster

 

maybe ill look at it tommorow...  its just frustrating...  

i tried several times to set up   and i followed the spaceinvaders video its exactly the same as his for setting it up minus i tried to get 1200 to work... and when i set it to bridge mode the gui is unacceassable.. page cant be found ...

so if you got bridge to work what did you do to get it to work?

 

the main purpose is  so  i can  openvpn  to remote site... transfer data using rsync..  then close the openvpn connection all in user scripts either once a day or once a week.  as my interenet isnt fast enough to keep openvpn connected both sites 24/7  only have the slowest dsl  package for country living people

 

and i have on PFsense  port forward to 192.168.1.8  for port 1200  so i dont have to SSH over internet  as i gotta keep recreating damn known hosts  which is a pain in the butt... when you do dns address name 

 

and when i setup  dns name  in the gui... it should connect fine or least try to connect and say  cant get port yet its saying cant resolve hostname 

 

 

as for the container you see my settings  now set to BR0  and the added port 1200 so i have 2 of them...

thats only thing i did in the container... ill relook at the gui..

 

but if i do 192.168.1.8:943    in Host mode  i can access the web gui...

if i do 192.168.1.8:943   in bridge mode    webgui is no longer an option anymore

so i havent been able to get past this hurdle...  it gets to you..

 

i just wanted a simple install the program  set a port and user name and be done.. 3 simple steps... 1... install... 2 set port... 3 setup username and click activate..

 

the PeterSM OpenVPN Client and Server setup easier but it has issues it hangs when it connects so i cant get the command prompt so i can run rsync..  so i end up pressing ctrl c to just quit it..

 

 

so in your setup your using  1195  but in bridge mode correct?

i just steping away from this today.. as i been 

fiddling with  OpenVPN-AS Mace and Linuxserver and  Peters  Server and Client version for a month on and off for hours trying to get to work that i just had enough  and i just frustrated  was hoping earlier someone just show me exact steps  to get what i want video of doing it or pictures.... i a visual learner  not a learner by words... need to see how things are done...

but ill try again 1 more time tommorow  ill also post the server settings as well... but i followed the space invaders setup  so dont know how i messed it up... but ill give another shot tommorow.. i just frustrated  they force it that 1194 is under editable for host or br0  i not sure why they lock it out on purpose..

 

 

thanks for the response @Hoopster  ill re read what you got and also post the gui  i have too tommorow

Link to comment
1 hour ago, comet424 said:

@Hoopster

 

maybe ill look at it tommorow...  its just frustrating...  

i tried several times to set up   and i followed the spaceinvaders video its exactly the same as his for setting it up minus i tried to get 1200 to work... and when i set it to bridge mode the gui is unacceassable.. page cant be found ...

so if you got bridge to work what did you do to get it to work?

 

the main purpose is  so  i can  openvpn  to remote site... transfer data using rsync..  then close the openvpn connection all in user scripts either once a day or once a week.  as my interenet isnt fast enough to keep openvpn connected both sites 24/7  only have the slowest dsl  package for country living people

 

and i have on PFsense  port forward to 192.168.1.8  for port 1200  so i dont have to SSH over internet  as i gotta keep recreating damn known hosts  which is a pain in the butt... when you do dns address name 

 

and when i setup  dns name  in the gui... it should connect fine or least try to connect and say  cant get port yet its saying cant resolve hostname 

 

 

as for the container you see my settings  now set to BR0  and the added port 1200 so i have 2 of them...

thats only thing i did in the container... ill relook at the gui..

 

but if i do 192.168.1.8:943    in Host mode  i can access the web gui...

if i do 192.168.1.8:943   in bridge mode    webgui is no longer an option anymore

so i havent been able to get past this hurdle...  it gets to you..

 

i just wanted a simple install the program  set a port and user name and be done.. 3 simple steps... 1... install... 2 set port... 3 setup username and click activate..

 

the PeterSM OpenVPN Client and Server setup easier but it has issues it hangs when it connects so i cant get the command prompt so i can run rsync..  so i end up pressing ctrl c to just quit it..

 

 

so in your setup your using  1195  but in bridge mode correct?

i just steping away from this today.. as i been 

fiddling with  OpenVPN-AS Mace and Linuxserver and  Peters  Server and Client version for a month on and off for hours trying to get to work that i just had enough  and i just frustrated  was hoping earlier someone just show me exact steps  to get what i want video of doing it or pictures.... i a visual learner  not a learner by words... need to see how things are done...

but ill try again 1 more time tommorow  ill also post the server settings as well... but i followed the space invaders setup  so dont know how i messed it up... but ill give another shot tommorow.. i just frustrated  they force it that 1194 is under editable for host or br0  i not sure why they lock it out on purpose..

 

 

thanks for the response @Hoopster  ill re read what you got and also post the gui  i have too tommorow

I really didn't have the patience to read all of your posts, but let me tell you it is quite possible to access vpn through different ports. But you really need to understand how these things for together. That's why everyone's been telling you to read the docker faq.

 

If you want to access it at port 1200, you can either

1) run it in bridge, don't change any ports in the openvpn-as gui, in container settings, map host port 1200 to container port 1194 with udp selected. Map any host port you like to container port 943 with tcp for the webgui. Leave the interface as eth0, or

2) run it in host networking, in the openvpn-as gui change the udp port to 1200. Set your interface to your ubraid network interface.

With either of the above, set the vpn client to use port 1200 udp and that's it.

 

Fyi, I'm accessing my vpn server on a different port than 1194 via the first option listed above

 

If the above doesn't make any sense to you, then read up on docker port mapping and docker host vs bridge networking. Google is your friend.

Edited by aptalca
Link to comment

and yes i told them i read the Real Dock FAQ by squid had no information  on changing the port  there was a breif part that was written in black text so it was unreadable about nzbt but that didnt help my specific issue...

it had no information about  Ports that cant be changed in Host mode  with work arounds

had no information  how to get around it

had no information when a docker cant be run in bridge mode to get the port you want because Host mode blocks you

had no information  why is port 1194 locked in host mode that its unconfigurable

because my questions are no in the FAQ

 

and like i mentioned too   i had it set up in the Gui  UDP 1200    bond0

 

but ill post the pics  i cant access the remote site  internet must be down there....  but ill post the gui  screen shot then you can see if it it was misconfigured

 

i maybe asking too much and i not here to get anyone mad at me ..  i just trying to get it to work  and right now  Bridge mode does not work but ill get you the pics tommorow if not today  of the screen shot when the internet is back

 

 

 

 

Link to comment
14 minutes ago, comet424 said:

 

but ill post the pics  i cant access the remote site  internet must be down there....  but ill post the gui  screen shot then you can see if it it was misconfigured

 

You can't connect to another server with this container. This is an openvpn server,and you connect a client to this server. 

Link to comment
31 minutes ago, aptalca said:

run it in bridge, don't change any ports in the openvpn-as gui, in container settings, map host port 1200 to container port 1194 with udp selected. Map any host port you like to container port 943 with tcp for the webgui. Leave the interface as eth0

Did you actually try this? You mostly just seem to be telling us lots of different things don't work, and frankly, I haven't been able to figure out what you have even tried. It all just comes out as a bunch of stuff all running together. You need to take a single attempt, explain it completely and clearly, and let us help you clear it up. I don't know if we are having a language barrier, or you just don't understand enough to express things in an intelligible way.

 

The key to mapping ports is to leave the container port as it is already configured to be and don't even attempt to change it in any way. Instead, change the host port that maps to that container port. Whatever port you want to use on the host side will be translated by the docker engine to the port the container is expecting as long as you don't change the container port part of the mapping.

Link to comment

@trurl

 

ok fine ill tell it again

Remote Side

I watched  Space Invaders Install OpenVPN-AS  i followed it..  when he came to Port 1194 i changed mine cuz i do not want 1194 as the main port i want 1200

so what i did when you first install OpenVPN-AS   you got to Host Port 3  that says 1194  and i changed it to 1200

and set to BOND0

then clicked save so it would install the program

 

i then logged into the Gui  and set it up  exactly as spaceinvaders video like i mentioned 

instead of his part i set it to 1200 UDP   deleted the admin user created a new admin account.. edited the as.conf   and edited out admin  and

i set my dns address name i have in my pfsense box

ran force update.. exactly like Space Invader did

 

On my router i Port Forward 1200 UDP  to the unraid box address 

 

i then logged out  and downloaded the Locked Yourself client file

 

then on my side  i installed Peters OpenVPN Client  and ran

 

openvpn  --config client.ovp

 

it then gives the error i showed first cant resolve hostname which is should..

when i was trouble shooting i seen that the Docker OpenVPN-AS  was still at 1194 not the 1200 i had set it up following the video

and thats how i got to you guys in this form.. posting the unable to resolve hostname 1200 error and the 1194 1200 issue i been having

 

 

i hope this helps?  dislexia sucks but it all makes sense to me in my head

Link to comment

@trurl   i use Pfsense  as a OpenVPN client for my cell or to remote access my sisters network

 

problem is    i have a 400k upload speed  so leaving a OpenVPN client is going to kill bandwith

 

and what i want is

Unraid User Script

Oopen VPN connect

Rsync  data

Close OpenVPn

 

i asked in the pfsense group and i think i did unraid 

 

if unraid can talk to pfsense in a userscript start the openvpn  run rsync  then close the openvpn

 

 

im hoping my explanation is better  i sorry if it isnt ill get pictures later

 

 

Edited by comet424
Link to comment
4 minutes ago, comet424 said:

it then gives the error i showed first cant resolve hostname which is should..

Then your problem is not the port, but that the address you used is not correct. 

Have you looked at the openvpn config file to see which address is there? 

Link to comment

i dont have a pic 

and i cant access her server right now

but the dns address i had to enter in is correct

the ip address is 192.168.1.8

i remember it saying 2 clients 

i had to change the 1194 TCP to 1200 UDP per the video

and i cant remember anymore now

 

 

ill get a screen shot as soon its back up

Edited by comet424
Link to comment
9 minutes ago, comet424 said:

dont know what a docker run command is  if you mean 

the screen shot  of 

when i type  openvpn --config client.ovpn  

while its in bridge mode i can

 

The docker run command is what results from making any change in the docker config on the edit screen and then clicking apply.  The docker is stopped and restarted with the changes and displays the run command as it is restarting. 

 

It looks something like this (this is the docker run command from a change I made in the UniFi container):

 

root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='unifi-controller' --net='host' --log-opt max-size='100m' --log-opt max-file='2' -e TZ="America/Denver" -e HOST_OS="Unraid" -e 'UDP_PORT_3478'='3478' -e 'TCP_PORT_8080'='8080' -e 'TCP_PORT_8443'='8443' -e 'TCP_PORT_8880'='8880' -e 'TCP_PORT_8843'='8843' -e 'UDP_PORT_10001'='10001' -e 'UDP_PORT_1900'='1900' -e 'PUID'='99' -e 'PGID'='100' -v '/mnt/user/appdata/unifi/':'/config':'rw,slave' 'linuxserver/unifi-controller:5.9'

 

You are being asked to post the docker run command from OpenVPN-AS configured in bridge mode.  Make any change (even it it just changing one parameter and then setting it back to what it originally was) and apply the change.

Edited by Hoopster
Link to comment

Don't change the container port. You have set the host port as you want it to be, and that is OK, but you have changed the container port to match. You have to leave the container port alone and let it use the port the container expects it to be. That is what mapping is all about. The container port corresponds to (mapped to) a different port on the host. Just like with volume mapping. /config in the container corresponds to (mapped to) a different path on the host, /mnt/user/appdata/openvpn-as.

 

Understanding mapping is most of what you need to understand about setting up any docker all by yourself and without relying on anybody else to tell you exactly what you need to do.

Link to comment

ok so basiclly you mean its like  windows mapping 

 

network Share  Files aka Port 1194    share it as Drive G:  aka 1200   

and you do this in Bridge and in the GUI 

like this?

i edit the the 1200 back to 1194  in the container you call it

screen6.JPG

screen7.JPG

Edited by comet424
Link to comment
  • trurl pinned and unpinned this topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.