[Support] Linuxserver.io - OpenVPN AS


Recommended Posts

3 hours ago, Chrysen said:

Hi, 🤗

One question is it possible to route all traffic through this vpn tunnel and then to another vpn tunnel.

 

Now      WAN -->  AVM  Fritzbox Router   -->  Asus Merlin Wrt Router  -->  Unraid Server

 

port forwarding works to unraid openvpn server  docker.

 

But how can i route this traffic to another vpn tunnel like perfect-privacy. ( and maybe other docker container like privoxy before)

 

I will connect to my home and perfect-privay at same time like this 

 

WAN -->  AVM  Fritzbox Router   -->  Asus Merlin Wrt Router  -->  Unraid Server --> openvpn server --> privoxy docker --> openvpn client.

 

Vpn connection to Fritzbox, Asus wrt Router,  openvpn docker or perfect-privacy will work, but not at same time. (Openvpn server  docker and vpn client.🤔

 

Thanks 

 

Chrysen

Yes, you can do that. Make sure that your unraid host is connected through a vpn client and your openvpnas container is in host mode. 

 

I do it in a similar fashion. My pfsense router is running an openvpn client that connects to PIA. Unraid uses that for all outbound connections. I also have openvpn-as container running on unraid. So when I vpn into home remotely, not only I can access all the local computers on the home lan, but my internet connection also goes through PIA thanks to the client on pfsense. I'm double vpn'ed and it works beautifully

Link to comment
4 hours ago, aptalca said:

Yes, you can do that. Make sure that your unraid host is connected through a vpn client and your openvpnas container is in host mode. 

 

I do it in a similar fashion. My pfsense router is running an openvpn client that connects to PIA. Unraid uses that for all outbound connections. I also have openvpn-as container running on unraid. So when I vpn into home remotely, not only I can access all the local computers on the home lan, but my internet connection also goes through PIA thanks to the client on pfsense. I'm double vpn'ed and it works beautifully

 

Ok do you use pfsense on unraid too?😅

 

I've try this, openvpn docker as host.

If i start the other vpn client (on asus wrt merlin Router) i get no connection to unraid anymore.

(Because all traffic from unraid will go through vpn client)

 

Can i setup that only out going traffic throuh vpn client.

2018-08-22-01-04-31.jpg

Link to comment

I'm getting OpenVPN setup and thought I had it working.. but then realized that when the container updated, my admin and user passwords were reset.  What is the solution for this? I'm assuming there is an easy fix I'm overlooking.

 

I've tried searching, but the forums search is failing me.

Link to comment
5 hours ago, tmchow said:

I'm getting OpenVPN setup and thought I had it working.. but then realized that when the container updated, my admin and user passwords were reset.  What is the solution for this? I'm assuming there is an easy fix I'm overlooking.

 

I've tried searching, but the forums search is failing me.

 

From the links in the first post in this forum (this resolves the issue of user/password reset on container update):

 

Setting up the application

The admin interface is available at https://<ip>:943/admin with a default user/password of admin/password

 

During first login, make sure that the "Authentication" in the webui is set to "Local" instead of "PAM". Then set up the user accounts with their passwords (user accounts created under PAM do not survive container update or recreation).

 

The "admin" account is a system (PAM) account and after container update or recreation, its password reverts back to the default. It is highly recommended to block this user's access for security reasons:
1) Set another user as an admin,
2) Delete the "admin" user in the gui,
3) Modify the as.conf file under config/etc and replace the line boot_pam_users.0=admin with #boot_pam_users.0=admin (this only has to be done once and will survive container recreation)

Edited by Hoopster
Link to comment

I still can't get this to work.

 

I can connect to the Unraid server's OpenVPN server. But none of the services on my home network are available. 192.168.1.1 (router) or 192.168.1.50 (unraid server) aren't available, neither is anything else.

 

Also after only about 2 minutes it disconnects me and says "Invalid credentials". Even though my credentials are fine and they work to login in the first place.

 

Tue Sep 04 15:05:05 2018 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Tue Sep 04 15:05:05 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Sep 04 15:05:05 2018 library versions: OpenSSL 1.1.0h  27 Mar 2018, LZO 2.10
Enter Management Password:
Tue Sep 04 15:05:05 2018 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Sep 04 15:05:05 2018 Need hold release from management interface, waiting...
Tue Sep 04 15:05:06 2018 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Sep 04 15:05:06 2018 MANAGEMENT: CMD 'state on'
Tue Sep 04 15:05:06 2018 MANAGEMENT: CMD 'log all on'
Tue Sep 04 15:05:06 2018 MANAGEMENT: CMD 'echo all on'
Tue Sep 04 15:05:06 2018 MANAGEMENT: CMD 'bytecount 5'
Tue Sep 04 15:05:06 2018 MANAGEMENT: CMD 'hold off'
Tue Sep 04 15:05:06 2018 MANAGEMENT: CMD 'hold release'
Tue Sep 04 15:05:07 2018 MANAGEMENT: CMD 'username "Auth" "markus"'
Tue Sep 04 15:05:07 2018 MANAGEMENT: CMD 'password [...]'
Tue Sep 04 15:05:07 2018 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
Tue Sep 04 15:05:07 2018 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Sep 04 15:05:07 2018 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Sep 04 15:05:07 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]<PUBLIC.IP.REMOVED>
Tue Sep 04 15:05:07 2018 Socket Buffers: R=[65536->100000] S=[65536->100000]
Tue Sep 04 15:05:07 2018 UDP link local: (not bound)
Tue Sep 04 15:05:07 2018 UDP link remote: [AF_INET]<PUBLIC.IP.REMOVED>
Tue Sep 04 15:05:07 2018 MANAGEMENT: >STATE:1536062707,WAIT,,,,,,
Tue Sep 04 15:05:07 2018 MANAGEMENT: >STATE:1536062707,AUTH,,,,,,
Tue Sep 04 15:05:07 2018 TLS: Initial packet from [AF_INET]<PUBLIC.IP.REMOVED>:1194, sid=a5a3543b 823aedd8
Tue Sep 04 15:05:07 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Sep 04 15:05:07 2018 VERIFY OK: depth=1, CN=OpenVPN CA
Tue Sep 04 15:05:07 2018 VERIFY OK: nsCertType=SERVER
Tue Sep 04 15:05:07 2018 VERIFY OK: depth=0, CN=OpenVPN Server
Tue Sep 04 15:05:07 2018 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Tue Sep 04 15:05:07 2018 [OpenVPN Server] Peer Connection Initiated with [AF_INET]<PUBLIC.IP.REMOVED>:1194
Tue Sep 04 15:05:08 2018 MANAGEMENT: >STATE:1536062708,GET_CONFIG,,,,,,
Tue Sep 04 15:05:08 2018 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
Tue Sep 04 15:05:08 2018 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 12,ping-restart 50,auth-tokenSESS_ID,comp-lzo yes,redirect-gateway def1,redirect-gateway bypass-dhcp,redirect-gateway autolocal,route-gateway 172.27.224.1,dhcp-option DNS 9.9.9.9,register-dns,block-ipv6,ifconfig 172.27.224.10 255.255.240.0,peer-id 0,cipher AES-256-GCM'
Tue Sep 04 15:05:08 2018 Obsolete option --dhcp-release detected. This is now on by default
Tue Sep 04 15:05:08 2018 Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:18: block-ipv6 (2.4.6)
Tue Sep 04 15:05:08 2018 OPTIONS IMPORT: timers and/or timeouts modified
Tue Sep 04 15:05:08 2018 OPTIONS IMPORT: explicit notify parm(s) modified
Tue Sep 04 15:05:08 2018 OPTIONS IMPORT: compression parms modified
Tue Sep 04 15:05:08 2018 OPTIONS IMPORT: --ifconfig/up options modified
Tue Sep 04 15:05:08 2018 OPTIONS IMPORT: route options modified
Tue Sep 04 15:05:08 2018 OPTIONS IMPORT: route-related options modified
Tue Sep 04 15:05:08 2018 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Sep 04 15:05:08 2018 OPTIONS IMPORT: peer-id set
Tue Sep 04 15:05:08 2018 OPTIONS IMPORT: adjusting link_mtu to 1625
Tue Sep 04 15:05:08 2018 OPTIONS IMPORT: data channel crypto options modified
Tue Sep 04 15:05:08 2018 Data Channel: using negotiated cipher 'AES-256-GCM'
Tue Sep 04 15:05:08 2018 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Sep 04 15:05:08 2018 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Sep 04 15:05:08 2018 interactive service msg_channel=792
Tue Sep 04 15:05:08 2018 ROUTE_GATEWAY 192.168.43.1/255.255.255.0 I=10 HWADDR=9c:b6:d0:f6:b9:93
Tue Sep 04 15:05:08 2018 open_tun
Tue Sep 04 15:05:08 2018 TAP-WIN32 device [Ethernet 3] opened: \\.\Global\{BBFBF683-27C3-421B-BF23-29783C56E882}.tap
Tue Sep 04 15:05:08 2018 TAP-Windows Driver Version 9.21 
Tue Sep 04 15:05:08 2018 Set TAP-Windows TUN subnet mode network/local/netmask = 172.27.224.0/172.27.224.10/255.255.240.0 [SUCCEEDED]
Tue Sep 04 15:05:08 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 172.27.224.10/255.255.240.0 on interface {BBFBF683-27C3-421B-BF23-29783C56E882} [DHCP-serv: 172.27.239.254, lease-time: 31536000]
Tue Sep 04 15:05:08 2018 Successful ARP Flush on interface [50] {BBFBF683-27C3-421B-BF23-29783C56E882}
Tue Sep 04 15:05:08 2018 NOTE: Release of DHCP-assigned IP address lease on TAP-Windows adapter failed: An address has not yet been associated with the network endpoint.   (code=1228)
Tue Sep 04 15:05:12 2018 TAP: DHCP address renewal succeeded
Tue Sep 04 15:05:12 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Tue Sep 04 15:05:12 2018 MANAGEMENT: >STATE:1536062712,ASSIGN_IP,,172.27.224.10,,,,
Tue Sep 04 15:05:17 2018 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Tue Sep 04 15:05:17 2018 ROUTE remote_host is NOT LOCAL
Tue Sep 04 15:05:17 2018 C:\WINDOWS\system32\route.exe ADD <PUBLIC.IP.REMOVED> MASK 255.255.255.255 192.168.43.1
Tue Sep 04 15:05:17 2018 Route addition via service succeeded
Tue Sep 04 15:05:17 2018 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 172.27.224.1
Tue Sep 04 15:05:17 2018 Route addition via service succeeded
Tue Sep 04 15:05:17 2018 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 172.27.224.1
Tue Sep 04 15:05:17 2018 Route addition via service succeeded
Tue Sep 04 15:05:17 2018 Initialization Sequence Completed
Tue Sep 04 15:05:17 2018 Register_dns request sent to the service
Tue Sep 04 15:05:17 2018 MANAGEMENT: >STATE:1536062717,CONNECTED,SUCCESS,172.27.224.10,<PUBLIC.IP.REMOVED>,1194,,
Tue Sep 04 15:07:39 2018 [OpenVPN Server] Inactivity timeout (--ping-restart), restarting
Tue Sep 04 15:07:39 2018 C:\WINDOWS\system32\route.exe DELETE <PUBLIC.IP.REMOVED> MASK 255.255.255.255 192.168.43.1
Tue Sep 04 15:07:39 2018 Route deletion via service succeeded
Tue Sep 04 15:07:39 2018 C:\WINDOWS\system32\route.exe DELETE 0.0.0.0 MASK 128.0.0.0 172.27.224.1
Tue Sep 04 15:07:39 2018 Route deletion via service succeeded
Tue Sep 04 15:07:39 2018 C:\WINDOWS\system32\route.exe DELETE 128.0.0.0 MASK 128.0.0.0 172.27.224.1
Tue Sep 04 15:07:39 2018 Route deletion via service succeeded
Tue Sep 04 15:07:39 2018 Closing TUN/TAP interface
Tue Sep 04 15:07:39 2018 TAP: DHCP address released
Tue Sep 04 15:07:39 2018 SIGUSR1[soft,ping-restart] received, process restarting
Tue Sep 04 15:07:39 2018 MANAGEMENT: >STATE:1536062859,RECONNECTING,ping-restart,,,,,
Tue Sep 04 15:07:39 2018 Restart pause, 5 second(s)
Tue Sep 04 15:07:44 2018 WARNING: --ns-cert-type is DEPRECATED.  Use --remote-cert-tls instead.
Tue Sep 04 15:07:44 2018 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Sep 04 15:07:44 2018 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Sep 04 15:07:44 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]<PUBLIC.IP.REMOVED>:1194
Tue Sep 04 15:07:44 2018 Socket Buffers: R=[65536->100000] S=[65536->100000]
Tue Sep 04 15:07:44 2018 UDP link local: (not bound)
Tue Sep 04 15:07:44 2018 UDP link remote: [AF_INET]<PUBLIC.IP.REMOVED>:1194
Tue Sep 04 15:07:44 2018 MANAGEMENT: >STATE:1536062864,WAIT,,,,,,
Tue Sep 04 15:07:44 2018 MANAGEMENT: >STATE:1536062864,AUTH,,,,,,
Tue Sep 04 15:07:44 2018 TLS: Initial packet from [AF_INET]<PUBLIC.IP.REMOVED>:1194, sid=408c80a1 59f121a6
Tue Sep 04 15:07:44 2018 VERIFY OK: depth=1, CN=OpenVPN CA
Tue Sep 04 15:07:44 2018 VERIFY OK: nsCertType=SERVER
Tue Sep 04 15:07:44 2018 VERIFY OK: depth=0, CN=OpenVPN Server
Tue Sep 04 15:07:44 2018 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1550', remote='link-mtu 1558'
Tue Sep 04 15:07:44 2018 WARNING: 'cipher' is used inconsistently, local='cipher AES-256-GCM', remote='cipher AES-256-CBC'
Tue Sep 04 15:07:44 2018 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
Tue Sep 04 15:07:44 2018 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Tue Sep 04 15:07:44 2018 [OpenVPN Server] Peer Connection Initiated with [AF_INET]<PUBLIC.IP.REMOVED>:1194
Tue Sep 04 15:07:46 2018 MANAGEMENT: >STATE:1536062866,GET_CONFIG,,,,,,
Tue Sep 04 15:07:46 2018 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
Tue Sep 04 15:07:46 2018 AUTH: Received control message: AUTH_FAILED
Tue Sep 04 15:07:46 2018 SIGUSR1[soft,auth-failure] received, process restarting
Tue Sep 04 15:07:46 2018 MANAGEMENT: >STATE:1536062866,RECONNECTING,auth-failure,,,,,
Tue Sep 04 15:07:46 2018 Restart pause, 5 second(s)

Also it seems to be assigning me some kind of local I.P. like 172.27.244.** when really I think I am meant to be 192.168.1.** or something.

 

What am I doing wong?

Edited by plantsandbinary
Fixed formatting
Link to comment
On 7/20/2018 at 9:34 AM, etsi said:

After latest update openvpn server no longer works. I tried to delete it and clean the image files but still I can't connect to web admin it doesn't connect at all.

 

EDIT 11/09/2018 - This has self-corrected itself after a week of no joy. No idea what the cause was!

 

Hello all,

 

Like this user, my OpenVPN has stopped working as of about 6 days ago - I changed no config at all other than pulling an update it seems. I can get into Admin though, it just doesn't connect from any client. I've tried everything to resolve/reinstall and had no luck getting this going again. Is this a known issue currently? I'm surprised more people aren't reporting it if it is?

 

My log (stripped to the essential parts)

 

20:22:07.638 -- UNUSED OPTIONS
4 [nobind] 
12 [sndbuf] [100000] 
13 [rcvbuf] [100000] 
16 [verb] [3] 
25 [CLI_PREF_ALLOW_WEB_IMPORT] [True] 
26 [CLI_PREF_BASIC_CLIENT] [False] 
27 [CLI_PREF_ENABLE_CONNECT] [True] 
28 [CLI_PREF_ENABLE_XD_PROXY] [True] 
29 [WSHOST] [myDNS:943] 
30 [WEB_CA_BUNDLE] [-----BEGIN CERTIFICATE----- certificate number...] 
31 [IS_OPENVPN_WEB_CA] [1] 
32 [ORGANIZATION] [OpenVPN, Inc.] 

20:22:07.639 -- EVENT: RESOLVE
20:22:07.970 -- Contacting [my server]:1194 via UDP
20:22:07.971 -- EVENT: WAIT
20:22:07.973 -- Connecting to [myDNS]:1194 (my server) via UDPv6
20:22:17.641 -- Server poll timeout, trying next remote entry...
20:22:17.653 -- EVENT: RECONNECTING
20:22:17.658 -- EVENT: RESOLVE
20:22:17.665 -- EVENT: WAIT
20:22:17.698 -- Connecting to [myDNS]:1194 (my server) via UDPv6
20:22:27.643 -- Server poll timeout, trying next remote entry...
20:22:27.655 -- EVENT: RECONNECTING
20:22:27.658 -- EVENT: RESOLVE
20:22:27.665 -- EVENT: WAIT
20:22:37.646 -- Server poll timeout, trying next remote entry...
20:22:37.656 -- EVENT: RECONNECTING
20:23:07.652 -- EVENT: DISCONNECTED
20:23:07.655 -- EVENT: CORE_THREAD_INACTIVE
20:23:07.656 -- Tunnel bytes per CPU second: 0
20:23:07.661 -- ----- OpenVPN Stop -----

Edited by Rusty6285
Link to comment

Hey All,

 

Having some trouble getting OpenVPN-as running on my machine. Seems like the only way I've been able to actually get it running and access the web ui is when I run it in `Bridge` mode, which from what I understand is not the correct way to get this set up. Any insight here would be greatly appreciated!

 

Here is my log from Docker

Initializing OpenVPN...
Adding new user login...
useradd -s /sbin/nologin "admin"
Writing as configuration file...
Perform sa init...
Wiping any previous userdb...
Creating default profile...
Modifying default profile...
Adding new user to userdb...
Modifying new user as superuser in userdb...
Getting hostname...
Hostname: tayshserve
Preparing web certificates...
Getting web user account...
Adding web group account...
Adding web group...
Adjusting license directory ownership...
Initializing confdb...
Generating init scripts...
Generating PAM config...
Generating init scripts auto command...
Starting openvpnas...
Error: Could not execute server start.

[cont-init.d] 40-openvpn-init: exited 0.
[cont-init.d] 50-interface: executing...
MOD Default {u'admin_ui.https.ip_address': u'all'} {u'admin_ui.https.ip_address': 'bond0'}
MOD Default {u'admin_ui.https.ip_address': u'all'} {u'admin_ui.https.ip_address': 'bond0'}
MOD Default {u'cs.https.ip_address': u'all'} {u'cs.https.ip_address': 'bond0'}
MOD Default {u'vpn.daemon.0.listen.ip_address': u'all'} {u'vpn.daemon.0.listen.ip_address': 'bond0'}
MOD Default {u'vpn.daemon.0.server.ip_address': u'all'} {u'vpn.daemon.0.server.ip_address': 'bond0'}
[cont-init.d] 50-interface: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.

And here is the full log from the OpenVPN container itself: https://pastebin.com/V8ZAHfDZ

 

@aptalca fixed! My bad.

Edited by tayshserve
Link to comment

I'm guessing the problem I referenced above is related to this line..

2018-09-12 16:16:20-0700 [-] PortPool: port 984: [Errno 98] Address already in use: util/sock:199,python2.7/socket:228 (socket.error)

When I check what's on that port I get the following...

COMMAND    PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
rpc.statd 1656  rpc    5u  IPv4   8965      0t0  UDP tower:984

I'm seeing this is related to NFS? 

 

EDIT: I feel like I should also note.. I have Bonding turned ON but I have no idea what it is or why I would need it. I think it was on by default. I'm using whatever onboard LAN my mother board has, nothing special.

Edited by tayshserve
Link to comment
On 7/4/2018 at 11:22 PM, ken-ji said:

that's really weird. Can you show your network settings? and the docker network settings?

 

There should be no difference between the OpenVPN-AS container vs other containers.

are VPN clients assigned to a different subnet? please include that too...

Ok, Sorry, I finally got back to this.  Just to rehash.  I now have 2 nics in my unraid server.  I removed the br0 network.  I created the br1 network with the eth1 nic in it (eth0 is the unraid server primary nic).  I moved all my docker containers with static IPs into br1.  I shelled into the openvpn-as container and verified I can ping the unraid host and my main network router by ip and by DNS name.  I can do dns lookups (dns server is my main router 192.168.1.1) so it appears I have the docker problem worked around.

 

Problem is, my openvpn connected clients still cant access resources.  Once connected to the vpn I am still having connectivity issues.  The VPN clients cant ping or access the unraid host (192.168.1.207).  They can ping my main router (192.168.1.1) and other docker containers by ip (headphones container at 192.168.1.57 for example).  They can't do DNS resolution at all (tried nslookup tool using 192.168.1.1 as name server but it times out, same as using 8.8.8.8 as name server).    I have attached screen shots of what I think would be useful settings.  Any assistance would be appreciated.  I'm banging my head against the wall on this.

openvpn003.png

docker_config.png

docker_config_openvpn.png

openvpn.png

openvpn002.png

Link to comment

Hi, i just setup this docker some days ago, and look like it's working. Sad to see only 2 concurrent connections in free licence, but time will tell if i can live with that..

one question (and sorry if it was answered already..) - i have such a two lines at the Client side log:

Sat Sep 22 10:13:08 2018 ROUTE remote_host is NOT LOCAL
Sat Sep 22 10:13:08 2018 C:\WINDOWS\system32\route.exe ADD <IP> MASK 255.255.255.255 <GW>

where <IP> is my VPNServer public IP, <GW> is client side default gateway.

i'm not routing all internet through VPN, and wondering why this route is needed? for me it would be nice if i can route my VPNs server external address through VPN.. Would it be possible? 

 

Link to comment
12 minutes ago, uldise said:

Hi, i just setup this docker some days ago, and look like it's working. Sad to see only 2 concurrent connections in free licence, but time will tell if i can live with that..

one question (and sorry if it was answered already..) - i have such a two lines at the Client side log:

Sat Sep 22 10:13:08 2018 ROUTE remote_host is NOT LOCAL
Sat Sep 22 10:13:08 2018 C:\WINDOWS\system32\route.exe ADD <IP> MASK 255.255.255.255 <GW>

where <IP> is my VPNServer public IP, <GW> is client side default gateway.

i'm not routing all internet through VPN, and wondering why this route is needed? for me it would be nice if i can route my VPNs server external address through VPN.. Would it be possible? 

 

I don't think it's two concurrent connections, but two concurrent users. You can have multiple devices/connections using the same user account. Iirc I tried connecting with 3 devices at the same time all using the same account and it was fine. 

Link to comment
7 hours ago, aptalca said:

Iirc I tried connecting with 3 devices at the same time all using the same account and it was fine. 

thanks for that!

@aptalca just tested this and it don't work for me - when i connect second device with same username, already connected device gets disconnected.. what i'm missing? i have checkbox in settings to allow multiple sessions per user... 

Edited by uldise
Link to comment
14 hours ago, uldise said:

thanks for that!

@aptalca just tested this and it don't work for me - when i connect second device with same username, already connected device gets disconnected.. what i'm missing? i have checkbox in settings to allow multiple sessions per user... 

I connect 2 devices through the same user account on a daily basis. It must be the settings. 

Link to comment
59 minutes ago, Biff Bojangles said:

In either the user accounts under show more info

 

Or in the box at the bottom of the picture you shared.  In the routing box with yes, using NAT

139EB93C-3CF5-49A1-8914-AE5E0AF116F0.png.2279b34283926231d4170ae35d8c9fff.png

 

Gotcha, unsure why that wasnt in my screenshot, private subnets should be given access to there is:

172.27.224.0/24
192.168.1.0/24

 

So I believe I have it set like you are suggesting and still doesnt work

Link to comment
On 9/23/2018 at 1:26 AM, aptalca said:

I connect 2 devices through the same user account on a daily basis. It must be the settings. 

i'm running on approx default settings, switched on google authenticator.. 

have you any clue which settings should i check?

 

BTW, i setup pfsense for openPVN. looks like everything is working OK, but it have no builtin support for google authenticator.. you can install Radius server, and then use your password fields for both - your password and 2FA code...

Link to comment
  • 2 weeks later...
On 10/3/2018 at 1:40 PM, jfrancais said:

Still struggling on getting the OpenVPN Docker working properly when configured with it's own IP.  Does anyone have it working in this scenario?

 

I would like to know this as well. I want to run it on one of my customer networks (br1.20) so it can access dockers and the unRAID host, but could never figure it out. 

Link to comment

hi 

 

I have open vpn installed in docker and on my pc, what do i need to do now so i can configer my sever when i'm not home and also put files on my raid system.

I can't find how i need to do that. I also hav made a DNS ( duckdns.org ).  

can somone help me pleas?

Link to comment
3 hours ago, joeri said:

hi 

 

I have open vpn installed in docker and on my pc, what do i need to do now so i can configer my sever when i'm not home and also put files on my raid system.

I can't find how i need to do that. I also hav made a DNS ( duckdns.org ).  

can somone help me pleas?

Look at this post...

 

 

Edited by Chrysen
Link to comment
  • trurl pinned and unpinned this topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.