Jump to content
linuxserver.io

[Support] Linuxserver.io - OpenVPN AS

1603 posts in this topic Last Reply

Recommended Posts

On 7/1/2019 at 9:01 AM, G1ng3rK!ng said:

I am attempting to set this up for the first time. I can access the /admin page, sometimes getting a connection refused, but after waiting a bit it goes through. But when I access the client page through https://unraidipaddress:943/?src=connect or /client or naked, I get "ERR_EMPTY_RESPONSE" [unraidserverip] did not send data.

 

Any suggestions?

 

*NOTE* Followed SpaceIndavaders 2019 guide to set it up. Have it in bridge mode. 

 

Hey, may be take a look at this.

Appears to be a bit different to your issue but maybe worth a look.

 

Share this post


Link to post

Hello, Can anyone help me I have just followed SpaceInvaderOne's Great openvpn video however I would like to find out how would I make my vpn obfuscated so I could use it in contries and networks which block vpns.

Share this post


Link to post
3 hours ago, MarkPla7z said:

Hello, Can anyone help me I have just followed SpaceInvaderOne's Great openvpn video however I would like to find out how would I make my vpn obfuscated so I could use it in contries and networks which block vpns.

Use port 80 and tcp to connect

Share this post


Link to post

I am having an issue where when I restart or update it reverts my license back to only two users at a time, and I am setup for 10 users. When I try and re add the license key I get this result but only remains at two users.

 

License Key Activated
License Manager
This page shows licenses activated for your Access Server, and allows you to add new licenses.
Installed License Keys
The license keys that are activated for this Access Server installation are shown below.
License Key Type Concurrent Users Expire
(none)
Concurrent User Limit:
Licensed for 2 concurrent users.

 

When I issue a ticket with openvpn.net they issue me a new license key and it works, until the next time I restart or update.

Share this post


Link to post

latest reply: 

Please be advised that running Access Server in docker is not supported. You may run int at your own risk.
And yes, each time your container restarted your license key will fail. Re-adding the key will not help.

 

I guess it is not going to work.  Before I ran it on my pfsense setup I thought I had it running flawless on Unraid a couple years ago.  Who knows maybe I am just doing something wrong.  

Share this post


Link to post
latest reply: 
Please be advised that running Access Server in docker is not supported. You may run int at your own risk.
And yes, each time your container restarted your license key will fail. Re-adding the key will not help.
 
I guess it is not going to work.  Before I ran it on my pfsense setup I thought I had it running flawless on Unraid a couple years ago.  Who knows maybe I am just doing something wrong.  
It might work if you found the location that it is added to, could then conceivably add it to appdata and symlink it to it's desired location.

Sent from my Mi A1 using Tapatalk

Share this post


Link to post
5 hours ago, Boren3459 said:

I am having an issue where when I restart or update it reverts my license back to only two users at a time, and I am setup for 10 users. When I try and re add the license key I get this result but only remains at two users.

 

License Key Activated
License Manager
This page shows licenses activated for your Access Server, and allows you to add new licenses.
Installed License Keys
The license keys that are activated for this Access Server installation are shown below.
License Key Type Concurrent Users Expire
(none)
Concurrent User Limit:
Licensed for 2 concurrent users.

 

When I issue a ticket with openvpn.net they issue me a new license key and it works, until the next time I restart or update.

None of the team members have a paid openvpn license so we can't really test how it works. I'll try to look into it, but I'm shooting in the dark here

Share this post


Link to post

I just tried installing openvpn-as and get this error in my log file "/var/lib/dpkg/info/openvpn-as.postinst: line 42: /usr/local/openvpn_as/bin/ovpn-init: No such file or directory". When I try and open the UI it refuses to connect.

Share this post


Link to post
11 hours ago, Its Andrew said:

I just tried installing openvpn-as and get this error in my log file "/var/lib/dpkg/info/openvpn-as.postinst: line 42: /usr/local/openvpn_as/bin/ovpn-init: No such file or directory". When I try and open the UI it refuses to connect.

Post a full log and a screenshot of your container settings

Share this post


Link to post

cool, thanks for the heads up.  I will keep messing with it, and keep an eye here just in case someone else might have solved this problem.  

Share this post


Link to post
7 hours ago, Boren3459 said:

cool, thanks for the heads up.  I will keep messing with it, and keep an eye here just in case someone else might have solved this problem.  

Could you give us more details on the form of the license?  Is it a text string you enter somewhere?   And if you can get OpenVPN to tell us where that information is stored a solution may be possible.

Share this post


Link to post

Can anyone tell me how to set up open vpn so that when I connect, I connect ONLY to a network that is not my main lan.

I need to also run pihole on that network so I can connect to it via vpn from my phone and it allows me internet access with ads blocked.
No access to my server network so if I lose my phone, the thief cant do any damage.

At the moment, open vpn connects as if I'm on my home lan.

Share this post


Link to post
4 hours ago, jj_uk said:

Can anyone tell me how to set up open vpn so that when I connect, I connect ONLY to a network that is not my main lan.

I need to also run pihole on that network so I can connect to it via vpn from my phone and it allows me internet access with ads blocked.
No access to my server network so if I lose my phone, the thief cant do any damage.

At the moment, open vpn connects as if I'm on my home lan.

You can unselect the option for letting the client access other devices on the network.

 

Put in the pihole ip into the dns ip setting in openvpn-as

Share this post


Link to post

So encountered a weird bug/issue.

 

1) Can't change the default admin password using the admin panel in the web-ui. After changing can still log in just using "password"

 

2) Can't delete the default admin account using the admin panel in the web-ui. After creating a new admin account, log in using that new account then delete the default admin account. The web-ui no longer lists the default admin account but can still log in using username: admin password: password.

 

In all cases when it did not work I tried restarting the server and restarting the container and the problem persists.

I have tried deleting the container and the image and the config folder and starting completely fresh: the problem still persists

Share this post


Link to post
3 hours ago, static said:

So encountered a weird bug/issue.

 

1) Can't change the default admin password using the admin panel in the web-ui. After changing can still log in just using "password"

 

2) Can't delete the default admin account using the admin panel in the web-ui. After creating a new admin account, log in using that new account then delete the default admin account. The web-ui no longer lists the default admin account but can still log in using username: admin password: password.

 

In all cases when it did not work I tried restarting the server and restarting the container and the problem persists.

I have tried deleting the container and the image and the config folder and starting completely fresh: the problem still persists

using the console to change it works.

 

passwd admin

 

using this and the password change sticks.

Share this post


Link to post
3 hours ago, static said:

using the console to change it works.

 

passwd admin

 

using this and the password change sticks.

 

Read the Readme on github. It's explained there.

Share this post


Link to post
Posted (edited)
16 hours ago, saarg said:

 

Read the Readme on github. It's explained there.

I guess this is the solution:

 

Quote

Application Setup

The admin interface is available at https://<ip>:943/admin with a default user/password of admin/password

During first login, make sure that the "Authentication" in the webui is set to "Local" instead of "PAM". Then set up the user accounts with their passwords (user accounts created under PAM do not survive container update or recreation).

The "admin" account is a system (PAM) account and after container update or recreation, its password reverts back to the default. It is highly recommended to block this user's access for security reasons:

Create another user and set as an admin,

Log in as the new user,

Delete the "admin" user in the gui,

Modify the as.conf file under config/etc and replace the line boot_pam_users.0=admin with #boot_pam_users.0=admin (this only has to be done once and will survive container recreation)

 

 

Although I would say this is not exactly what I encountered, even without any container update or restart the default admin password still will not change using the webui.

 

Anyway thanks for the heads up! The solution in the readme totally solved the problem it seems. Next time I'll rtfm.

Edited by static

Share this post


Link to post
3 hours ago, static said:

I guess this is the solution:

 

 

 

Although I would say this is not exactly what I encountered, even without any container update or restart the default admin password still will not change using the webui.

 

Anyway thanks for the heads up! The solution in the readme totally solved the problem it seems. Next time I'll rtfm.

I had the exact same issue this morning. Thanks for doing the leg-work and posting the results!

Share this post


Link to post

Hi All

 

QQ, every time I run an update it resets my admin account password and I have to download a new client.ovpn to my clients. Is there anyway to update without having my details reset?

 

Thanks

 

I.

Share this post


Link to post
1 hour ago, IrishBiker said:

Hi All

 

QQ, every time I run an update it resets my admin account password and I have to download a new client.ovpn to my clients. Is there anyway to update without having my details reset?

 

Thanks

 

I.

Did you read the posts above your post?

Share this post


Link to post
1 hour ago, saarg said:

Did you read the posts above your post?

The above posts talk about not being able to change the admin password - I want to keep my current settings during an update and not having to re-setup everything and to confirm I had/have changed the admin password using the console access, in my case not only does it change my admin password my user account also seems to be disabled. I have to go into user management and reset the password and then finally re-download the client.ovpn file to my devices.

Share this post


Link to post
31 minutes ago, IrishBiker said:

The above posts talk about not being able to change the admin password - I want to keep my current settings during an update and not having to re-setup everything and to confirm I had/have changed the admin password using the console access, in my case not only does it change my admin password my user account also seems to be disabled. I have to go into user management and reset the password and then finally re-download the client.ovpn file to my devices.

 

How to set up the admin account is explained in the Readme on github linked in the first post. It was mentioned in the posts above yours.

Share this post


Link to post
On 7/30/2019 at 7:43 AM, saarg said:

 

How to set up the admin account is explained in the Readme on github linked in the first post. It was mentioned in the posts above yours.

I believe what is happening to IrishBiker is the same thing that happened to me. It appears that after updating the docker image it basically performs a "factory reset" of the entire program. We have to set up all of our usernames and create new certificates for every user and distribute these .opvn files EVERY TIME we update. This has happened twice to me know and after an update more often than not I am completely unable to access the webui and it takes me hours to initialize it (different problems every time). I've read the ReadMe and while helpful it would simply be easier for everyone if there was a way to export/import a configuration file via the WebUI of OpenVPN settings page.

Share this post


Link to post
1 hour ago, SergeantCC4 said:

I believe what is happening to IrishBiker is the same thing that happened to me. It appears that after updating the docker image it basically performs a "factory reset" of the entire program. We have to set up all of our usernames and create new certificates for every user and distribute these .opvn files EVERY TIME we update. This has happened twice to me know and after an update more often than not I am completely unable to access the webui and it takes me hours to initialize it (different problems every time). I've read the ReadMe and while helpful it would simply be easier for everyone if there was a way to export/import a configuration file via the WebUI of OpenVPN settings page.

You likely created all the users while Authentication is set to something other than "local". The readme states that you need to switch to local first.

 

Or, you didn't map the config folder correctly, so all your data is lost after an update.

 

We don't control the openvpn-as webui, it's upstream. You can make a request to them for the import/export functionality. But just so you know. When you update/recreate the container, it automatically exports your old settings and database and imports into the new container (as long as the config folder is mapped correctly).

Share this post


Link to post
17 minutes ago, aptalca said:

You likely created all the users while Authentication is set to something other than "local". The readme states that you need to switch to local first.

 

Or, you didn't map the config folder correctly, so all your data is lost after an update.

I can't remember for sure if I did that or not prior to this last update (I want to say I did local instead of PAM) but I definitely did this time just to make sure. 

Isn't mapping of the config folders automatic?

Thanks for the quick reply btw.

Share this post


Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.