Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Linuxserver.io - OpenVPN AS

Featured Replies

1 minute ago, baldfox said:

Got it. As I am typing this, i just successfully managed to login with the openvpn plugin. Worked relatively quickly. Will sort this when I get a chance. 

Thanks again for your help.

Sounds awsome :) A side note, when you are done and the docker works as planned, take a backup. So if you in the future mess things up or an update crashes anything, you can revert back ;) 

  • Replies 2k
  • Views 462.6k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • SpaceInvaderOne
    SpaceInvaderOne

    I have made un updated video guide for setting up this great container. It covers setting up the container, port forwarding and setting up clients on Windows, macOS Linux (ubuntu Mate) and on cel

  • PSA. It seems openvpn pushed another broken bin, tagged 2.7.3 I get the same error with it as I did with the previously pulled 2.7.2   While they/us try to figure it out, you can change

  • Stupifier
    Stupifier

    Ok, I used to be able to connect to Host network with this before the update....that allowed me to be assigned an IP on my WiFi subnet, which then allowed me to access the UnRAID GUI interface.  

Posted Images

But that shows it running? Can you not get to the webui.

Sent from my Mi A1 using Tapatalk

Hey Everybody,

 

I'm hit with these problems as well after upgrading to 6.7. Using the instructions here I got the connection to work again, however I'm using a layer 2 link to connect directly to my local subnet so I can use Bonjour and all that. Now when I connect the connection is successful but I get a random IP address outside of my subnet instead a DHCP-assigned ip on my 10.0.0.0/24 subnet. I'm guessing switching from host to bridge is preventing docker from talking to my network including the DHCP server? I'm not 100% sure what's happening.

 

Am I basically out of luck here? Or is there way to maintain compatibility with layer 2 connections? 

Edited by aartr

21 hours ago, CHBMB said:

But that shows it running? Can you not get to the webui.

Sent from my Mi A1 using Tapatalk
 

Ah yes it's working now, I guess I tried it while it was still loading up.

 

I just realise that it's limited for 2 connections? I remember it was totally free and open source?

10 minutes ago, CyberMew said:

I just realise that it's limited for 2 connections? I remember it was totally free and open source?

this was the reason i switched to pfsense with openvpn in it..

1 hour ago, uldise said:

this was the reason i switched to pfsense with openvpn in it..

Yeah, but it's good to have a backup, in case you can't connect to one for some reason.

 

I have my pfsense one with udp on the standard port, the container on unraid that is tcp stream proxied by letsencrypt on port 80 and wireguard on an rpi3.

 

Some public wifi block all outgoing udp connections and tcp over non-http/s so the port 80 one saved my a$$ quite a few times

Edited by aptalca

How do we connect to the docker from iOS OpenVPN Connect app? I selected Access Server and put in the details but it isnt working. Edit: needed to provide 9443 in port field.

 

Edit 2: why is it connecting to my docker internal ip 172.17.x.x:1194?

Edited by CyberMew
help required

7 hours ago, CyberMew said:

How do we connect to the docker from iOS OpenVPN Connect app? I selected Access Server and put in the details but it isnt working. Edit: needed to provide 9443 in port field.

 

Edit 2: why is it connecting to my docker internal ip 172.17.x.x:1194?

Provide more clarification

I'm so confused on the docker network mapping stuff, when I try to connect to the AS from an external client the client is trying to connect to the docker network IP which is 172.12.0.5 which obviously won't resolve on a completely different private network behind another internet connection. Shouldn't the config be attempting to connect to my public IP? What is the 'fix' for this? The container is setup with all of the most recent defaults.

11 minutes ago, dajinn said:

I'm so confused on the docker network mapping stuff, when I try to connect to the AS from an external client the client is trying to connect to the docker network IP which is

172.12.0.5

which obviously won't resolve on a completely different private network behind another internet connection. Shouldn't the config be attempting to connect to my public IP? What is the 'fix' for this? The container is setup with all of the most recent defaults.

 

This has been gone over several times in the last few pages. You need to add your subnet in the settings page under routing :)

 

1 hour ago, ProZac said:

This has been gone over several times in the last few pages. You need to add your subnet in the settings page under routing :)

 

I believe you misunderstood, the issue was not with routing. I probably left some keywords out.

 

I resolved my issue by changing the hostname of my vpn server in the Access Server settings from the bridge network to my public IP. I felt like this was an obvious thing but for some reason was thinking that however it came configured out of the box was just 'how it was supposed to be'. But alas after making the change my third party clients are able to connect to the VPN. 

 

Dank.

18 hours ago, CyberMew said:

How do we connect to the docker from iOS OpenVPN Connect app? I selected Access Server and put in the details but it isnt working. Edit: needed to provide 9443 in port field.

 

Edit 2: why is it connecting to my docker internal ip 172.17.x.x:1194?

Go into your Access Server settings and change the hostname from the docker IP to your public IP/hostname.

6 hours ago, dajinn said:

Go into your Access Server settings and change the hostname from the docker IP to your public IP/hostname.

Thanks! Working fine, able to connect now! Now I just need to find out why my new nonadmin users don't have a cert (client cert revoked) and fix it.. edit: worked by itself after a while. all good

Edited by CyberMew

On 6/7/2019 at 4:26 AM, dajinn said:

Go into your Access Server settings and change the hostname from the docker IP to your public IP/hostname.

I thought I had the answer with this as well but this is not working for me. I have my Dynamic DNS hostname in place which I use for other services so I know it's resolving properly. However, when I try to connect from my phone I see it trying to connect to the Docker Containers IP address which is 172.12.0.5. I should mention that the Open Port Checker at https://www.yougetsignal.com/tools/open-ports/ shows that 9443 is open. So I know it's got to be an issue with the app config. Here are a few screen grabs of my network config for OpenVPN-AS. I temporarily masked my Dynamic DNS address for the grab.

 

image.thumb.png.361de57586ea050eb4eb06aa8852be43.png

 

image.thumb.png.1426f071c45e6be698a1cdf0a13a7da2.png

 

Here is the log file from the OpenVPN client app on my iPhone where I have the Dynamic DNS address set as the hostname and port 9443 as the port:

2019-07-09 07:07:47 ----- OpenVPN Start -----
OpenVPN core 3.2 ios arm64 64-bit PT_PROXY built on Oct  3 2018 06:35:04

2019-07-09 07:07:47 Frame=512/2048/512 mssfix-ctrl=1250

2019-07-09 07:07:47 UNUSED OPTIONS
11 [sndbuf] [0] 
12 [rcvbuf] [0] 
15 [verb] [3] 
24 [CLI_PREF_ALLOW_WEB_IMPORT] [True] 
25 [CLI_PREF_BASIC_CLIENT] [False] 
26 [CLI_PREF_ENABLE_CONNECT] [True] 
27 [CLI_PREF_ENABLE_XD_PROXY] [True] 
28 [WSHOST] [172.17.0.5:9443] 
29 [WEB_CA_BUNDLE] [-----BEGIN CERTIFICATE----- [Certificate Masked]...] 
30 [IS_OPENVPN_WEB_CA] [1] 
31 [ORGANIZATION] [OpenVPN Inc] 

2019-07-09 07:07:47 EVENT: RESOLVE

2019-07-09 07:07:47 Contacting [172.17.0.5]:9443/TCP via TCP

2019-07-09 07:07:47 EVENT: WAIT

2019-07-09 07:07:58 Server poll timeout, trying next remote entry...

2019-07-09 07:07:58 EVENT: RECONNECTING

2019-07-09 07:07:58 EVENT: RESOLVE

2019-07-09 07:07:58 Contacting [172.17.0.5]:9443/TCP via TCP

2019-07-09 07:07:58 EVENT: WAIT

2019-08-09 07:08:09 Server poll timeout, trying next remote entry...

2019-08-09 07:08:09 EVENT: RECONNECTING

2019-08-09 07:08:09 EVENT: RESOLVE

2019-08-09 07:08:09 Contacting [172.17.0.5]:9443/TCP via TCP

2019-08-09 07:08:09 EVENT: WAIT

2019-08-09 07:08:19 EVENT: CONNECTION_TIMEOUT [ERR]

2019-08-09 07:08:19 Raw stats on disconnect:
  CONNECTION_TIMEOUT : 1
  N_RECONNECT : 2

2019-08-09 07:08:19 Performance stats on disconnect:
  CPU usage (microseconds): 49938
  Network bytes per CPU second: 0
  Tunnel bytes per CPU second: 0

2019-08-09 07:08:19 EVENT: DISCONNECTED

2019-08-09 07:08:19 Raw stats on disconnect:
  CONNECTION_TIMEOUT : 1
  N_RECONNECT : 2

2019-08-09 07:08:19 Performance stats on disconnect:
  CPU usage (microseconds): 51440
  Network bytes per CPU second: 0
  Tunnel bytes per CPU second: 0

Any assistance is greatly appreciated.

3 hours ago, Riotz said:

I thought I had the answer with this as well but this is not working for me. I have my Dynamic DNS hostname in place which I use for other services so I know it's resolving properly. However, when I try to connect from my phone I see it trying to connect to the Docker Containers IP address which is 172.12.0.5. I should mention that the Open Port Checker at https://www.yougetsignal.com/tools/open-ports/ shows that 9443 is open. So I know it's got to be an issue with the app config. Here are a few screen grabs of my network config for OpenVPN-AS. I temporarily masked my Dynamic DNS address for the grab.

 

image.thumb.png.361de57586ea050eb4eb06aa8852be43.png

 

image.thumb.png.1426f071c45e6be698a1cdf0a13a7da2.png

 

Here is the log file from the OpenVPN client app on my iPhone where I have the Dynamic DNS address set as the hostname and port 9443 as the port:


2019-07-09 07:07:47 ----- OpenVPN Start -----
OpenVPN core 3.2 ios arm64 64-bit PT_PROXY built on Oct  3 2018 06:35:04

2019-07-09 07:07:47 Frame=512/2048/512 mssfix-ctrl=1250

2019-07-09 07:07:47 UNUSED OPTIONS
11 [sndbuf] [0] 
12 [rcvbuf] [0] 
15 [verb] [3] 
24 [CLI_PREF_ALLOW_WEB_IMPORT] [True] 
25 [CLI_PREF_BASIC_CLIENT] [False] 
26 [CLI_PREF_ENABLE_CONNECT] [True] 
27 [CLI_PREF_ENABLE_XD_PROXY] [True] 
28 [WSHOST] [172.17.0.5:9443] 
29 [WEB_CA_BUNDLE] [-----BEGIN CERTIFICATE----- [Certificate Masked]...] 
30 [IS_OPENVPN_WEB_CA] [1] 
31 [ORGANIZATION] [OpenVPN Inc] 

2019-07-09 07:07:47 EVENT: RESOLVE

2019-07-09 07:07:47 Contacting [172.17.0.5]:9443/TCP via TCP

2019-07-09 07:07:47 EVENT: WAIT

2019-07-09 07:07:58 Server poll timeout, trying next remote entry...

2019-07-09 07:07:58 EVENT: RECONNECTING

2019-07-09 07:07:58 EVENT: RESOLVE

2019-07-09 07:07:58 Contacting [172.17.0.5]:9443/TCP via TCP

2019-07-09 07:07:58 EVENT: WAIT

2019-08-09 07:08:09 Server poll timeout, trying next remote entry...

2019-08-09 07:08:09 EVENT: RECONNECTING

2019-08-09 07:08:09 EVENT: RESOLVE

2019-08-09 07:08:09 Contacting [172.17.0.5]:9443/TCP via TCP

2019-08-09 07:08:09 EVENT: WAIT

2019-08-09 07:08:19 EVENT: CONNECTION_TIMEOUT [ERR]

2019-08-09 07:08:19 Raw stats on disconnect:
  CONNECTION_TIMEOUT : 1
  N_RECONNECT : 2

2019-08-09 07:08:19 Performance stats on disconnect:
  CPU usage (microseconds): 49938
  Network bytes per CPU second: 0
  Tunnel bytes per CPU second: 0

2019-08-09 07:08:19 EVENT: DISCONNECTED

2019-08-09 07:08:19 Raw stats on disconnect:
  CONNECTION_TIMEOUT : 1
  N_RECONNECT : 2

2019-08-09 07:08:19 Performance stats on disconnect:
  CPU usage (microseconds): 51440
  Network bytes per CPU second: 0
  Tunnel bytes per CPU second: 0

Any assistance is greatly appreciated.

Download a new client config. Your current config was generated before you fixed the hostname on your server.

1 hour ago, aptalca said:

Download a new client config. Your current config was generated before you fixed the hostname on your server.

Yup that did it! Thank you so much! Hope this helps someone else as well!

Hi guys, 

looking for some advice I am on the latest version of Unraid using PFSENSE VM as my firewall/router. 

 

When I install the openvpn-as non of the options i select allows me to connect to the openVPN management gui

Has anyone else got this setup working and have the time to point me in the right direction 

 

Thanks 

 

Ant 

13 minutes ago, antohind said:

I am on the latest version of Unraid using PFSENSE VM as my firewall/router. 

Why are you trying to use the OpenVPN AS docker? Pfsense has OpenVPN functionality pretty much out of the box.

2 hours ago, jonathanm said:

Why are you trying to use the OpenVPN AS docker? Pfsense has OpenVPN functionality pretty much out of the box.

Which Docker image would you recommend for this?

Just now, Globe89 said:

Which Docker image would you recommend for this?

For what? Please describe what you need to accomplish.

4 hours ago, jonathanm said:

For what? Please describe what you need to accomplish.

I want a hardened OpenVPN server + firewall.

13 hours ago, jonathanm said:

Why are you trying to use the OpenVPN AS docker? Pfsense has OpenVPN functionality pretty much out of the box.

Hi yeah, after playing around i figured out I can configure OpenVPn directly onto the PFsense VM :) 

It's almost ready just have a few issues still 

 

1 - once i connect via openvpn I am unable to reach my internal subnet of 192.168.1.0/24 not sure why the automatic NAT rules are failing 

7 hours ago, Globe89 said:

I want a hardened OpenVPN server + firewall.

As jonathanm noted, that sounds like a description of pfSense, so maybe you don't really need to bother with this docker at all.

2 hours ago, antohind said:

Hi yeah, after playing around i figured out I can configure OpenVPn directly onto the PFsense VM :) 

It's almost ready just have a few issues still 

 

1 - once i connect via openvpn I am unable to reach my internal subnet of 192.168.1.0/24 not sure why the automatic NAT rules are failing 

Not to sound like a brokren record, but did you add your subnet in the routing info in the server, as the new ovpn spits out an ip in the subnet of the docker as default.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.