[Support] Linuxserver.io - OpenVPN AS


Recommended Posts

I can't get google authenticator to work, it won't let me enroll, says I'm putting in the wrong code.

 

Also the admin account keeps resetting itself to username admin password password and I can't disable login to it without also locking my other admin account out (when I disable login for user admin, my other user suddenly gets blocked from accessing the admin panel) which makes it... not really useable.

 

Also I found out that turning on the google authenticator MFA also affects clients logging on from the LAN, but doesn't affect the default admin account (fortunately, in this one case, because otherwise I wouldn't have been able to get back into the admin panel after turning it on, to turn it off again.)

 

so yeah I need to get MFA working, but only require it for users accessing from outside the LAN, and also I need to not let literally anyone on the internet admin my VPN server.

Link to comment
  • 2 weeks later...

Hi everyone,

 

Looked through quite a few pages and could not find a reference to this, I do not want to run the docker as host or bridge, I want to run it with its own IP address, however when I try to login to the admin GUI I get the following error:

 

Sorry, a session error has occurred

It is possible that your session has expired or your login credentials do not allow access to this resource. See error text below for further details:

SESSION ERROR: SESSION: Your session has expired, please reauthenticate (9007)

Retry Login

 

Any pointers appreciated.

Cheers

Edited by LondonDragon
Link to comment
11 hours ago, LondonDragon said:

Hi everyone,

 

Looked through quite a few pages and could not find a reference to this, I do not want to run the docker as host or bridge, I want to run it with its own IP address, however when I try to login to the admin GUI I get the following error:

 

Sorry, a session error has occurred

It is possible that your session has expired or your login credentials do not allow access to this resource. See error text below for further details:

SESSION ERROR: SESSION: Your session has expired, please reauthenticate (9007)

Retry Login

 

Any pointers appreciated.

Cheers

I have the same problem. 

Link to comment
On 2/22/2021 at 8:32 PM, Larssogn said:

I have the same problem. 

Same issue here.

 

```

Sorry, a session error has occurred

It is possible that your session has expired or your login credentials do not allow access to this resource. See error text below for further details:

SESSION ERROR: SESSION: Your session has expired, please reauthenticate (9007)
```

 

Edited by karldonteljames
Link to comment
On 2/22/2021 at 12:59 AM, LondonDragon said:

Hi everyone,

 

Looked through quite a few pages and could not find a reference to this, I do not want to run the docker as host or bridge, I want to run it with its own IP address, however when I try to login to the admin GUI I get the following error:

 

Sorry, a session error has occurred

It is possible that your session has expired or your login credentials do not allow access to this resource. See error text below for further details:

SESSION ERROR: SESSION: Your session has expired, please reauthenticate (9007)

Retry Login

 

Any pointers appreciated.

Cheers

Same problem here after it's been working for a year plus. Any updates on resolving this issue?

Link to comment

Anyone here using Ubiquiti UDM Pro? 

 

I'm running openvpn-as docker in bridge mode, I have port forwarding of UDP 1194 to my unraid server but I am not able to connect to VPN

 

I have port forwarding for SWAG and that has no issues (SWAG runs on static IP and not bridge mode)

Link to comment
4 hours ago, Kira said:

Anyone here using Ubiquiti UDM Pro? 

 

I'm running openvpn-as docker in bridge mode, I have port forwarding of UDP 1194 to my unraid server but I am not able to connect to VPN

 

I have port forwarding for SWAG and that has no issues (SWAG runs on static IP and not bridge mode)

I'm running a UDM Pro, But until i get the container to actually run as expectedin it's own i'm not able to help. Are you using the UDP in classic setting or modern settings? it might be worth double checking that rule is enabled. - It might also be worth trying to run in host mode rather than bridge mode. i'm not 100% sure but i think using it in bridge mode affects the way routing works.

Link to comment
4 hours ago, karldonteljames said:

I'm running a UDM Pro, But until i get the container to actually run as expectedin it's own i'm not able to help. Are you using the UDP in classic setting or modern settings? it might be worth double checking that rule is enabled. - It might also be worth trying to run in host mode rather than bridge mode. i'm not 100% sure but i think using it in bridge mode affects the way routing works.

 

Just tried, running in host mode not working

 

Host mode also cause the issue of the admin page keep ask to reauthenticate.

 

I use modern settings, the rule is enable under Internet In. Like I said SWAG works but not OpenVPN or even Wireguard doesnt work

 

So weird.

 

Note: I actually want to run the docker on its own IP like all my other containers but then seems only bridge mode works for admin page

Link to comment

Unfortunately, the state of this container currently is that it's a lottery if it will work for you.

There has been a long standing issue with this container: https://github.com/linuxserver/docker-openvpn-as/issues/113 everything is explained there.

 

In short, if you have issues with this container, I personally would suggest not wasting time on this and finding a better solution.

Edited by j0nnymoe
Link to comment

After moving from a pfsense device to a udmp, I’m happy with most of the offering with the exception of no open vpn. This solution would have meant not having to implement more hardware. Part of the reason I went for a udmp was to slim down the hard ware I’m using, not remove one and have to add two. Unraid runs all the time anyway, so having this in a docker image seems like an ideal solution, especially as I can put the open vpn docker in my dam and tunnel traffic without too many concerns.

Link to comment
  • 2 weeks later...

Trying to set this container up as per SIO's video, and I'm able to login using the admin/password, at which point I'm greeted by the "SESSION ERROR: SESSION: Your session has expired, please reauthenticate (9007)" message. Can anyone lend a hand? TIA!

Link to comment
  • 2 weeks later...
On 12/4/2017 at 6:04 PM, wgstarks said:

IIRC, using CLI doesn't create the user in the local database. Log in with the default admin user and then add the new user in the gui as I described. Once you have verified that that user is working delete the default admin user in the gui and run step 3 from the dockerhub page to be sure the default user doesn't get recreated during updates.

 

Let me know if this works.

man...it helps when i read EVERYTHING and not skip important steps!  i was pulling my hair out and screaming for months over the "security issue" of the "admin" account always being there (after deleting it multiple times).  Now that i have changed that line in as.config, everything is good!  i can no longer log in as "admin - password". 
thanks to myself for making me feel silly!

Link to comment
  • 2 weeks later...

Hi,

 

 I tried passing a USB Wireless Key to the Docker using the "--device=/dev/bus/usb/005/002" command (Bus 005 Device 002) and i am in privileged mode.

 

 I see that the device is there on the USB bus in /dev but i am not getting a WLAN /  WL0 interface after startup.

 

Anyone have suggestions on what i can do next?

 

Thanks in advance.

Link to comment
  • 2 weeks later...

Hi Guys ! 
I'm having a problem with OpenVPN. 

I've only recently installed this, so I'm new here :D

 

It was running fine for a couple of days. 
But today I tried to start it, and I get this error message in the log:

"./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: Permission denied"

It hangs there, and just repeats the message indefinitely.  
Is it a permission issue ? I don't know what to do. 

I've read that someone had the same issue, here on this exact post, on Page 15.

I could try to remove the container and re-install fresh, but last time I did something without asking first, people here told me I should ask before trying stuff myself. :D 

So, any suggestions ? :)

 

 



[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 01-envfile: executing...
[cont-init.d] 01-envfile: exited 0.
[cont-init.d] 10-adduser: executing...
usermod: no changes

-------------------------------------
_ ()
| | ___ _ __
| | / __| | | / \
| | \__ \ | | | () |
|_| |___/ |_| \__/


Brought to you by linuxserver.io
-------------------------------------

To support LSIO projects visit:
https://www.linuxserver.io/donate/
-------------------------------------
GID/UID
-------------------------------------

User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-time: executing...
[cont-init.d] 20-time: exited 0.
[cont-init.d] 30-config: executing...
[cont-init.d] 30-config: exited 0.
[cont-init.d] 40-openvpn-init: executing...
[cont-init.d] 40-openvpn-init: exited 0.
[cont-init.d] 50-interface: executing...
/var/run/s6/etc/cont-init.d/50-interface: line 9: /usr/local/openvpn_as/scripts/confdba: Permission denied
/var/run/s6/etc/cont-init.d/50-interface: line 10: /usr/local/openvpn_as/scripts/confdba: Permission denied
/var/run/s6/etc/cont-init.d/50-interface: line 11: /usr/local/openvpn_as/scripts/confdba: Permission denied
/var/run/s6/etc/cont-init.d/50-interface: line 12: /usr/local/openvpn_as/scripts/confdba: Permission denied
[cont-init.d] 50-interface: exited 126.
[cont-init.d] 99-custom-scripts: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-scripts: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: Permission denied
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: Permission denied
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: Permission denied
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: Permission denied
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: Permission denied
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: Permission denied

Link to comment

I have the same problem here:
 

"Sorry, a session error has occurred

It is possible that your session has expired or your login credentials do not allow access to this resource. See error text below for further details:

SESSION ERROR: SESSION: Your session has expired, please reauthenticate (9007)"

Thanks!

Link to comment
  • 3 weeks later...

sinds the last update I have problems connection to docker container with a own ip on the remote network. 

- I can  connect to the ip of the unraid server. 
- I can connect to other devices on the network.
- I can NOT connect to containers with a other ip than the unraid server.  
- I can NOT connect to my windows 10 VM (on unraid) with RDC  (vm was stopped) 

Under vpn settings / Routing I have 
"yes, using NAT" 
and under subnets the subnet of the internal remote network

A few weeks ago it was al working without problems.

 

Edited by open_borre
Link to comment

A friend of mine helped me to install it via command line, (he is a genius in linux by the way) however the sad part is that This OpenVPN only works for free for 2 simultaneous connections. If you need more, you need to pay for the service.

Just a heads up, should you need more connections for free, I would suggest to find another app that can do the job and stop loosing time trying to make this one work.

 

Cheers! 

Link to comment

I'm having issues with the scripts folder, why is it not there ? I've done a fresh reinstall of OpenVPN to be sure, same thing:

 

image.png.aeea8c59b3a9ad19ccbcaffc988fe85c.png

 

Is it due to the issue with the as-repo PPA ?

 

Current default time zone: 'Europe/Berlin'
Local time is now: Sat May 15 21:12:23 CEST 2021.
Universal Time is now: Sat May 15 19:12:23 UTC 2021.

[cont-init.d] 20-time: exited 0.
[cont-init.d] 30-config: executing...
installing openvpn-as for the first time
Hit:1 http://archive.ubuntu.com/ubuntu bionic InRelease
Get:2 http://archive.ubuntu.com/ubuntu bionic-updates InRelease [88.7 kB]
Get:4 http://archive.ubuntu.com/ubuntu bionic-security InRelease [88.7 kB]
Get:5 http://archive.ubuntu.com/ubuntu bionic-updates/universe Sources [573 kB]
Get:3 http://as-repository.openvpn.net/as/debian bionic InRelease
Err:3 http://as-repository.openvpn.net/as/debian bionic InRelease
Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?)
Get:6 http://archive.ubuntu.com/ubuntu bionic-updates/main Sources [640 kB]
Get:7 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages [2,582 kB]
Get:8 http://archive.ubuntu.com/ubuntu bionic-updates/universe amd64 Packages [2,183 kB]
Get:9 http://archive.ubuntu.com/ubuntu bionic-security/restricted Sources [21.6 kB]
Get:10 http://archive.ubuntu.com/ubuntu bionic-security/main Sources [317 kB]
Get:11 http://archive.ubuntu.com/ubuntu bionic-security/universe amd64 Packages [1,411 kB]
Get:12 http://archive.ubuntu.com/ubuntu bionic-security/main amd64 Packages [2,150 kB]
Get:13 http://archive.ubuntu.com/ubuntu bionic-security/restricted amd64 Packages [423 kB]
Reading package lists...
E: Failed to fetch http://as-repository.openvpn.net/as/debian/dists/bionic/InRelease Clearsigned file isn't valid, got 'NOSPLIT' (does the network require authentication?)

E: The repository 'http://as-repository.openvpn.net/as/debian bionic InRelease' is not signed.
Stopping openvpn-as now; will start again later after configuring
cat: /var/run/openvpnas.pid: No such file or directory
kill: usage: kill [-s sigspec | -n signum | -sigspec] pid | jobspec ... or kill -l [sigspec]

sed: can't read /usr/local/openvpn_as/etc/as_templ.conf: No such file or directory
[cont-init.d] 30-config: exited 0.
[cont-init.d] 40-openvpn-init: executing...
find: ‘/config/etc/db’: No such file or directory
/var/run/s6/etc/cont-init.d/40-openvpn-init: line 14: /usr/local/openvpn_as/bin/ovpn-init: No such file or directory
Stopping openvpn-as now; will start again later after configuring
cat: /var/run/openvpnas.pid: No such file or directory
kill: usage: kill [-s sigspec | -n signum | -sigspec] pid | jobspec ... or kill -l [sigspec]

[cont-init.d] 40-openvpn-init: exited 0.
[cont-init.d] 50-interface: executing...
/var/run/s6/etc/cont-init.d/50-interface: line 9: /usr/local/openvpn_as/scripts/confdba: No such file or directory
/var/run/s6/etc/cont-init.d/50-interface: line 10: /usr/local/openvpn_as/scripts/confdba: No such file or directory
/var/run/s6/etc/cont-init.d/50-interface: line 11: /usr/local/openvpn_as/scripts/confdba: No such file or directory
/var/run/s6/etc/cont-init.d/50-interface: line 12: /usr/local/openvpn_as/scripts/confdba: No such file or directory
[cont-init.d] 50-interface: exited 127.
[cont-init.d] 99-custom-scripts: executing...
[custom-init] no custom files found exiting...
[cont-init.d] 99-custom-scripts: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: No such file or directory
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: No such file or directory
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: No such file or directory
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: No such file or directory
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: No such file or directory
./run: line 3: /usr/local/openvpn_as/scripts/openvpnas: No such file or directory

 

It only started doing that since yesterday evening, before it was all fine

Link to comment
  • 1 month later...

DEPRECATED! Updated yesterday and can't connect today. This is what the log says, and of course you find out about that only when you're away...

 

******************************************************
******************************************************
* *
* *
* This image is deprecated. *
* We will not offer support for this image *
* and it will not be updated. *
* *
* *
******************************************************
******************************************************

We recommend our wireguard image instead for vpn:
https://github.com/linuxserver/docker-wireguard


******************************************************
******************************************************
[cont-init.d] 99-deprecation: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.

 

Edited by Gico
Link to comment
On 5/10/2021 at 9:38 PM, rojarrolla said:

A friend of mine helped me to install it via command line, (he is a genius in linux by the way) however the sad part is that This OpenVPN only works for free for 2 simultaneous connections. If you need more, you need to pay for the service.

Just a heads up, should you need more connections for free, I would suggest to find another app that can do the job and stop loosing time trying to make this one work.

 

Cheers! 

... or you just setup another docker container and use two additional connections ;-)

 

But is it true that it is really depricated? I really cant believe it! I mean this container has a huge community, can somebody clearify this?

Link to comment
4 minutes ago, hundsboog said:

... or you just setup another docker container and use two additional connections ;-)

 

But is it true that it is really depricated? I really cant believe it! I mean this container has a huge community, can somebody clearify this?

Yes, it's deprecated. It's a pain in the ass to maintain as it breaks on every update. The latest release should work.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.