[Support] Linuxserver.io - OpenVPN AS


Recommended Posts

In host mode you never see port mappings as the app has access to any port as it sees fit

 

Thanks, managed to access the Web GUI in Bridge mode but couldn't in Host mode.

When I access the WebGUI, under 'Server Network Settings' I see "eth0: 172.17.0.2"

Should this match my internal IP range or external IP? as it does not match either.

Also I have a bridge setup in UnRAID (br0) should I be using that instead of eth0?

 

In short No, and default is for the Network Settings within OPenVPN-AS using this container to be (in this case this is my Backup Server who's IP address is 192.168.1.3):

 

eth0: 192.168.1.3

 

As for an explanation, I shall do my best to explain as I understand it.

 

No this is the "internal" IP of the Container. Note that you access this on the "unRAID Server" via its IP or hostname.

 

E.g.: Container = 172.17.0.2:port# => unRAID machine = 192.168.1.1:port#

 

AFAIK the port(s) in use by the container is usually static (in some cases changeable like OpenVPN-AS) but the port on the unRAID machine is variable. Note also that some Containers HAVE to run in Host or Bridge mode for them to work.

 

Anyway, in general IF you select the Container to run in Host mode then you are essentially saying to Docker => please map the Container Port to my unRAID Server port. This can be a hassle IF you have more than one Container wanting the same port(s). This is where Bridge mode comes in. This is where docker differs from a VM for instance. It means that docker still uses the unRAID Server IP address, but that there is a mapping (bridge) between the ports as seen inside the docker container, and the ports these are mapped to at the unRAID Server level.  This is how you can have two different docker containers think they are using the same port internally, but that they are seen as different ports on the unRAID Server.

 

I hope that makes some sense to you.

Link to comment

In host mode you never see port mappings as the app has access to any port as it sees fit

 

Thanks, managed to access the Web GUI in Bridge mode but couldn't in Host mode.

When I access the WebGUI, under 'Server Network Settings' I see "eth0: 172.17.0.2"

Should this match my internal IP range or external IP? as it does not match either.

Also I have a bridge setup in UnRAID (br0) should I be using that instead of eth0?

 

In short No, and default is for the Network Settings within OPenVPN-AS using this container to be (in this case this is my Backup Server who's IP address is 192.168.1.3):

 

eth0: 192.168.1.3

 

As for an explanation, I shall do my best to explain as I understand it.

 

No this is the "internal" IP of the Container. Note that you access this on the "unRAID Server" via its IP or hostname.

 

E.g.: Container = 172.17.0.2:port# => unRAID machine = 192.168.1.1:port#

 

AFAIK the port(s) in use by the container is usually static (in some cases changeable like OpenVPN-AS) but the port on the unRAID machine is variable. Note also that some Containers HAVE to run in Host or Bridge mode for them to work.

 

Anyway, in general IF you select the Container to run in Host mode then you are essentially saying to Docker => please map the Container Port to my unRAID Server port. This can be a hassle IF you have more than one Container wanting the same port(s). This is where Bridge mode comes in. This is where docker differs from a VM for instance. It means that docker still uses the unRAID Server IP address, but that there is a mapping (bridge) between the ports as seen inside the docker container, and the ports these are mapped to at the unRAID Server level.  This is how you can have two different docker containers think they are using the same port internally, but that they are seen as different ports on the unRAID Server.

 

I hope that makes some sense to you.

Sounds like a candidate for the Docker FAQ
Link to comment

As for an explanation, I shall do my best to explain as I understand it. I hope that makes some sense to you.

 

Thanks for the explanation.

 

Should I be able to test OpenVPN internally from a machine on the network? (I have the AS Host Name set to UNRAID local IP)

I can't seem to get OpenVPN GUI on Windows to connect to the Server:

 

This Docker is set to Bridge with Privileged On, see attached screenshot for a few settings/error:

 

 

 

 

OpenVPN_AS.png.8cc38df38e1bfa2ebd266ec00dd4f56e.png

Link to comment

Got OpenVPN-AS installed yesterday and started the webGUI.  I stopped the docker this morning as I wasn't set with config and didn't want it running for no reason.

 

I got home tonight, restarted it and it can't seem to start. It dies after it tries to pull files for update. here is snippet of last lines from docker log:

 

Get:26 http://mirrors.accretive-networks.net trusty/restricted amd64 Packages [16.0 kB]
Get:27 http://mirrors.accretive-networks.net trusty/multiverse amd64 Packages [169 kB]
Get:28 http://mirrors.accretive-networks.net trusty/main amd64 Packages [1,743 kB]
Get:29 http://mirrors.accretive-networks.net trusty/restricted amd64 Packages [16.0 kB]
Get:30 http://mirrors.accretive-networks.net trusty/universe amd64 Packages [5,859 kB]
Hit http://mirrors.accretive-networks.net trusty/universe Sources [7,926 kB]
Hit http://mirrors.accretive-networks.net trusty/multiverse Sources [211 kB]
Err http://mirrors.accretive-networks.net trusty/main amd64 Packages
406 Not Acceptable
Err http://mirrors.accretive-networks.net trusty/restricted amd64 Packages
406 Not Acceptable
Err http://mirrors.accretive-networks.net trusty/universe Sources
406 Not Acceptable
Err http://mirrors.accretive-networks.net trusty/multiverse Sources
406 Not Acceptable

Link to comment

Got OpenVPN-AS installed yesterday and started the webGUI.  I stopped the docker this morning as I wasn't set with config and didn't want it running for no reason.

 

I got home tonight, restarted it and it can't seem to start. It dies after it tries to pull files for update. here is snippet of last lines from docker log:

 

Get:26 http://mirrors.accretive-networks.net trusty/restricted amd64 Packages [16.0 kB]
Get:27 http://mirrors.accretive-networks.net trusty/multiverse amd64 Packages [169 kB]
Get:28 http://mirrors.accretive-networks.net trusty/main amd64 Packages [1,743 kB]
Get:29 http://mirrors.accretive-networks.net trusty/restricted amd64 Packages [16.0 kB]
Get:30 http://mirrors.accretive-networks.net trusty/universe amd64 Packages [5,859 kB]
Hit http://mirrors.accretive-networks.net trusty/universe Sources [7,926 kB]
Hit http://mirrors.accretive-networks.net trusty/multiverse Sources [211 kB]
Err http://mirrors.accretive-networks.net trusty/main amd64 Packages
406 Not Acceptable
Err http://mirrors.accretive-networks.net trusty/restricted amd64 Packages
406 Not Acceptable
Err http://mirrors.accretive-networks.net trusty/universe Sources
406 Not Acceptable
Err http://mirrors.accretive-networks.net trusty/multiverse Sources
406 Not Acceptable

 

I have just tried it and it is working fine. Are you still having issues?

Link to comment

As for an explanation, I shall do my best to explain as I understand it. I hope that makes some sense to you.

 

Thanks for the explanation.

 

Should I be able to test OpenVPN internally from a machine on the network? (I have the AS Host Name set to UNRAID local IP)

I can't seem to get OpenVPN GUI on Windows to connect to the Server:

 

This Docker is set to Bridge with Privileged On, see attached screenshot for a few settings/error:

 

I think you should be able to do this.

 

Note that the Docker is set to run in Host mode. Please see this from the docker hub page linked to in the first post of this thread:

 

IMPORTANT, will not operate unless in host mode.

 

https://hub.docker.com/r/linuxserver/openvpn-as/

 

Now this is NOT strictly true. You CAN operate in Bridge mode AFTER you have setup the application in host mode OR if you have decided which ports the services are going to operate on. What I did was set OpenVPN-AS to run the VPN Server on port 1194 and the Admin / Connect services to run on 943 and tested it worked. Then I switched from Host to Bridge and mapped Container ports 1194 and 943 to the Host. Obviously IF I ever want to change these ports I won't be able to change the ports in the OpenVPN-AS Admin web gui (like I would be able to if I had this setup in Host mode) I will have to change the ports of the Bridge mode setup.

 

You might ask why I did this and it was because I have a bonded NIC setup and this setup wasn't playing well with this Docker in Host mode. In bridge mode it worked perfect.

 

Anyway, I digress. Setup the docker working in host mode and AFAIK you should be able to do what you are trying.

Link to comment

Note that the Docker is set to run in Host mode. Please see this from the docker hub page linked to in the first post of this thread:

 

I think that might be my problem, I can't access the Web GUI at all in Host mode, so had to set to Bridge mode to access.

What do I need to do/change to setup in Bridge mode? I'm want to use UDP 1194.

 

Note: I setup a quick Debian Wheezy VM and installed OpenVPN AS, that works fine, but would prefer to use Docker for this service.

 

 

Link to comment

Note that the Docker is set to run in Host mode. Please see this from the docker hub page linked to in the first post of this thread:

 

I think that might be my problem, I can't access the Web GUI at all in Host mode, so had to set to Bridge mode to access.

What do I need to do/change to setup in Bridge mode? I'm want to use UDP 1194.

 

Note: I setup a quick Debian Wheezy VM and installed OpenVPN AS, that works fine, but would prefer to use Docker for this service.

 

That could be because you have some port conflicts but without more information I don't know. Anyway, if the goal is to get you running quickly the fact that your setup is like you explain, well, thats good, that means your setup is just like mine is on my Main Server. Setup like this and I promise it works great:

 

Admin and Connect URL (assuming your unRAID Server is called Tower OR has an IP of 192.168.1.2):

 

http://Tower:943 OR http://192.168.1.2:943

 

External Open VPN Port (assuming your domain name is www.example.com OR Dynamic DNS is my_sample_name.dyndns.org OR IP Address is 111.222.333.444 ):

 

example.com:1194 [uDP] OR my_sample_name.dyndns.org:1194 [uDP] OR 111.222.333.444:1194 [uDP]

 

Screen_Shot_2016_03_31_at_7_02_56_AM.png

 

Screen_Shot_2016_03_31_at_7_03_37_AM.png

 

Screen_Shot_2016_03_31_at_7_04_50_AM.png

 

And don't forget your router config:

 

Screen_Shot_2016_03_31_at_7_15_28_AM.png

Link to comment

That could be because you have some port conflicts but without more information I don't know. Anyway, if the goal is to get you running quickly the fact that your setup is like you explain, well, thats good, that means your setup is just like mine is on my Main Server. Setup like this and I promise it works great:

 

Thanks for the guide/help danioj, all working perfect now!  8)

 

As for Host mode, not sure why it doesn't work, only other Docker/Plugin I have is MariaDB. It doesn't matter as it is now all working fine in Bridge mode  :)

 

Link to comment

That could be because you have some port conflicts but without more information I don't know. Anyway, if the goal is to get you running quickly the fact that your setup is like you explain, well, thats good, that means your setup is just like mine is on my Main Server. Setup like this and I promise it works great:

 

Thanks for the guide/help danioj, all working perfect now!  8)

 

As for Host mode, not sure why it doesn't work, only other Docker/Plugin I have is MariaDB. It doesn't matter as it is now all working fine in Bridge mode  :)

 

No worries, glad you're up and running.

Link to comment
  • 2 weeks later...

Note that the Docker is set to run in Host mode. Please see this from the docker hub page linked to in the first post of this thread:

 

I think that might be my problem, I can't access the Web GUI at all in Host mode, so had to set to Bridge mode to access.

What do I need to do/change to setup in Bridge mode? I'm want to use UDP 1194.

 

Note: I setup a quick Debian Wheezy VM and installed OpenVPN AS, that works fine, but would prefer to use Docker for this service.

 

That could be because you have some port conflicts but without more information I don't know. Anyway, if the goal is to get you running quickly the fact that your setup is like you explain, well, thats good, that means your setup is just like mine is on my Main Server. Setup like this and I promise it works great:

 

Admin and Connect URL (assuming your unRAID Server is called Tower OR has an IP of 192.168.1.2):

 

http://Tower:943 OR http://192.168.1.2:943

 

External Open VPN Port (assuming your domain name is www.example.com OR Dynamic DNS is my_sample_name.dyndns.org OR IP Address is 111.222.333.444 ):

 

example.com:1194 [uDP] OR my_sample_name.dyndns.org:1194 [uDP] OR 111.222.333.444:1194 [uDP]

 

Screen_Shot_2016_03_31_at_7_02_56_AM.png

 

Screen_Shot_2016_03_31_at_7_03_37_AM.png

 

Screen_Shot_2016_03_31_at_7_04_50_AM.png

 

And don't forget your router config:

 

Screen_Shot_2016_03_31_at_7_15_28_AM.png

 

I have followed everything in this guide and still can't get it to work. Triple checked settings. Verified that my router has 1194/udp open, and it still fails with this:

 

PvbtFbD.png

 

I tried using port 1000/udp, to see if it was a port problem with my ISP blocking but that still fails.

 

Oddly, if I do a port scan outside of my network, my router shows packets going through.

 

But if I initiative the connectivity test within the OpenVPN-AS webUI, my router doesn't show any packets.

 

Wondering if there's some setup mistake I'm making?

 

Link to comment

Note that the Docker is set to run in Host mode. Please see this from the docker hub page linked to in the first post of this thread:

 

I think that might be my problem, I can't access the Web GUI at all in Host mode, so had to set to Bridge mode to access.

What do I need to do/change to setup in Bridge mode? I'm want to use UDP 1194.

 

Note: I setup a quick Debian Wheezy VM and installed OpenVPN AS, that works fine, but would prefer to use Docker for this service.

 

That could be because you have some port conflicts but without more information I don't know. Anyway, if the goal is to get you running quickly the fact that your setup is like you explain, well, thats good, that means your setup is just like mine is on my Main Server. Setup like this and I promise it works great:

 

Admin and Connect URL (assuming your unRAID Server is called Tower OR has an IP of 192.168.1.2):

 

http://Tower:943 OR http://192.168.1.2:943

 

External Open VPN Port (assuming your domain name is www.example.com OR Dynamic DNS is my_sample_name.dyndns.org OR IP Address is 111.222.333.444 ):

 

example.com:1194 [uDP] OR my_sample_name.dyndns.org:1194 [uDP] OR 111.222.333.444:1194 [uDP]

 

Screen_Shot_2016_03_31_at_7_02_56_AM.png

 

Screen_Shot_2016_03_31_at_7_03_37_AM.png

 

Screen_Shot_2016_03_31_at_7_04_50_AM.png

 

And don't forget your router config:

 

Screen_Shot_2016_03_31_at_7_15_28_AM.png

 

I have followed everything in this guide and still can't get it to work. Triple checked settings. Verified that my router has 1194/udp open, and it still fails with this:

 

PvbtFbD.png

 

I tried using port 1000/udp, to see if it was a port problem with my ISP blocking but that still fails.

 

Oddly, if I do a port scan outside of my network, my router shows packets going through.

 

But if I initiative the connectivity test within the OpenVPN-AS webUI, my router doesn't show any packets.

 

Wondering if there's some setup mistake I'm making?

 

I'm pretty sure the connectivity test doesn't work within the docker. I never had it working yet my OpenVPN-AS worked fine. Test connecting to your VPN via your mobile's data.

Link to comment

 

I'm pretty sure the connectivity test doesn't work within the docker. I never had it working yet my OpenVPN-AS worked fine. Test connecting to your VPN via your mobile's data.

 

Ok, good to know. Will try it when I'm back at home tonight.

 

When interim question though, is helping me understand users and how authentication works.

 

When I created another second user account (let's call it "bob"), it didn't prompt me for a password anywhere.  When i download the profile, and send to my device, how does it know who I want to auth as?

Link to comment

 

I'm pretty sure the connectivity test doesn't work within the docker. I never had it working yet my OpenVPN-AS worked fine. Test connecting to your VPN via your mobile's data.

 

Ok, good to know. Will try it when I'm back at home tonight.

 

When interim question though, is helping me understand users and how authentication works.

 

When I created another second user account (let's call it "bob"), it didn't prompt me for a password anywhere.  When i download the profile, and send to my device, how does it know who I want to auth as?

 

While you are making "bob" or have made it, in User Permissions on OPEN-AS webui, to the right you should see a show link, click on that, from that dialog box you can change/set user passwords for VPN client. If the server is running you'll have to go to the top of UI an push the changes to the server.

 

So now in your browser if you go to: https://foo_myIP.orDOMAIN:943/ you put in "bob" and password. This will get you DL's to OpenVPN client (if you don't have it already) and the client config files. Grab your config file and VPN client and go. If you already have your VPN client installed and configured, you can just open that put in bob and password. Unless it's the autorun profile which case your VPN client should autoconnect without username and password.

Link to comment

 

I'm pretty sure the connectivity test doesn't work within the docker. I never had it working yet my OpenVPN-AS worked fine. Test connecting to your VPN via your mobile's data.

 

Ok, good to know. Will try it when I'm back at home tonight.

 

When interim question though, is helping me understand users and how authentication works.

 

When I created another second user account (let's call it "bob"), it didn't prompt me for a password anywhere.  When i download the profile, and send to my device, how does it know who I want to auth as?

 

While you are making "bob" or have made it, in User Permissions on OPEN-AS webui, to the right you should see a show link, click on that, from that dialog box you can change/set user passwords for VPN client. If the server is running you'll have to go to the top of UI an push the changes to the server.

 

So now in your browser if you go to: https://foo_myIP.orDOMAIN:943/ you put in "bob" and password. This will get you DL's to OpenVPN client (if you don't have it already) and the client config files. Grab your config file and VPN client and go. If you already have your VPN client installed and configured, you can just open that put in bob and password. Unless it's the autorun profile which case your VPN client should autoconnect without username and password.

 

Sorry, I do not believe you are correct.

 

In its default configuration (if at all) there are no options for changing passwords at all in the web-gui of openvpn-as.

 

All user username / passwords are managed by the containers "system" passwords. This is why you have to access the container via the command line to create a user and a password (and also change the admin acc password).

 

Once done, you can enable auto login and then you can log onto the access server gui and download the certificate driven profile. Easy Peasy!

Link to comment

 

I'm pretty sure the connectivity test doesn't work within the docker. I never had it working yet my OpenVPN-AS worked fine. Test connecting to your VPN via your mobile's data.

 

Ok, good to know. Will try it when I'm back at home tonight.

 

When interim question though, is helping me understand users and how authentication works.

 

When I created another second user account (let's call it "bob"), it didn't prompt me for a password anywhere.  When i download the profile, and send to my device, how does it know who I want to auth as?

 

While you are making "bob" or have made it, in User Permissions on OPEN-AS webui, to the right you should see a show link, click on that, from that dialog box you can change/set user passwords for VPN client. If the server is running you'll have to go to the top of UI an push the changes to the server.

 

So now in your browser if you go to: https://foo_myIP.orDOMAIN:943/ you put in "bob" and password. This will get you DL's to OpenVPN client (if you don't have it already) and the client config files. Grab your config file and VPN client and go. If you already have your VPN client installed and configured, you can just open that put in bob and password. Unless it's the autorun profile which case your VPN client should autoconnect without username and password.

 

Sorry, I do not believe you are correct.

 

In its default configuration (if at all) there are no options for changing passwords at all in the web-gui of openvpn-as.

 

All user username / passwords are managed by the containers "system" passwords. This is why you have to access the container via the command line to create a user and a password (and also change the admin acc password).

 

Once done, you can enable auto login and then you can log onto the access server gui and download the certificate driven profile. Easy Peasy!

 

Yep looks like you're right. Had to create user first then change password via command line.

 

Seems to be working! (And previous poster was correct that the connectivity test doesn't work)

Link to comment
  • 2 weeks later...

So I just installed this docker, and right now I'm having two issues:

 

1) I can't change my admin password, when I use the "docker exec -it openvpn-as xxxxxx admin" command, it returns "exec" "xxxxxx": executable file not found in $PATH"

2) I have my networking set up as a bond (bond0), how do I set my application to recognize this. Currently I can only access the webGUI if I set the Networking Type to Bridge (I want host, correct?)

Link to comment

What's the output of ifconfig from a terminal?

 

root@HYDRA:/mnt/disk1/DockerApps# ifconfig
bond0: flags=5443<UP,BROADCAST,RUNNING,PROMISC,MASTER,MULTICAST>  mtu 1500
        ether 10:c3:7b:6f:43:ae  txqueuelen 0  (Ethernet)
        RX packets 376918292  bytes 545599728025 (508.1 GiB)
        RX errors 0  dropped 213548  overruns 0  frame 0
        TX packets 35516033  bytes 6243595662 (5.8 GiB)
        TX errors 0  dropped 12 overruns 0  carrier 0  collisions 0

br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.101  netmask 255.255.255.0  broadcast 192.168.0.255
        ether 10:c3:7b:6f:43:ae  txqueuelen 0  (Ethernet)
        RX packets 85104066  bytes 554801007870 (516.6 GiB)
        RX errors 0  dropped 13916  overruns 0  frame 0
        TX packets 39609148  bytes 126332393253 (117.6 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.42.1  netmask 255.255.0.0  broadcast 0.0.0.0
        ether 46:e0:a9:09:01:15  txqueuelen 0  (Ethernet)
        RX packets 52898  bytes 14164401 (13.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 53867  bytes 30521239 (29.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST>  mtu 1500
        ether 10:c3:7b:6f:43:ae  txqueuelen 1000  (Ethernet)
        RX packets 376704744  bytes 545585615783 (508.1 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 35516033  bytes 6243595662 (5.8 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST>  mtu 1500
        ether 10:c3:7b:6f:43:ae  txqueuelen 1000  (Ethernet)
        RX packets 213548  bytes 14112242 (13.4 MiB)
        RX errors 0  dropped 213548  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 18  memory 0xfbf00000-fbf20000

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 0  (Local Loopback)
        RX packets 137464  bytes 25960421 (24.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 137464  bytes 25960421 (24.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth17b05fb: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 8e:b6:70:ea:a8:35  txqueuelen 0  (Ethernet)
        RX packets 2115  bytes 859529 (839.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1924  bytes 1218400 (1.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth638c205: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether a6:2a:88:78:4c:66  txqueuelen 0  (Ethernet)
        RX packets 19556  bytes 2062340 (1.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 21441  bytes 9256959 (8.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vetha052b41: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 46:e0:a9:09:01:15  txqueuelen 0  (Ethernet)
        RX packets 699  bytes 548224 (535.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 897  bytes 705751 (689.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:fb:a4:f1  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether fe:54:00:7c:e6:b8  txqueuelen 500  (Ethernet)
        RX packets 12455171  bytes 31394587093 (29.2 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 89716902  bytes 129283508307 (120.4 GiB)
        TX errors 0  dropped 5018 overruns 0  carrier 0  collisions 0

 

I'm a noob, but guessing from the ifconfig my docker needs to be pointed at br0 and not eth0 (default)? And if correct, I don't know how to go about doing that but I guess I can keep digging.

 

I suspect it's down to the fact you've got bonding enabled on your Unraid machine as that's the only difference I see between my setup and yours.

 

I went into webUI - edit page for docker; added a variable INTERFACE with a value of bond0 -- I can now access port 943. So I think my issue is resolved, but before I get too comfortable I just want to ask is this fix kosher? Also before this, I didn't realize I could do this. I.e. is there a technical reason it's mapped to eth0, or it's just default (you have to start somewhere)?

 

Again, thank you for your assistance and time (not to mention patience to deal with this noob).

 

Can I ask you how you added this interface? I'm also using a bond connection and cannot figure out how to set this up. I can currently only access the VPN web interface if I change the connection type to Bridge.

Link to comment

What's the output of ifconfig from a terminal?

 

root@HYDRA:/mnt/disk1/DockerApps# ifconfig
bond0: flags=5443<UP,BROADCAST,RUNNING,PROMISC,MASTER,MULTICAST>  mtu 1500
        ether 10:c3:7b:6f:43:ae  txqueuelen 0  (Ethernet)
        RX packets 376918292  bytes 545599728025 (508.1 GiB)
        RX errors 0  dropped 213548  overruns 0  frame 0
        TX packets 35516033  bytes 6243595662 (5.8 GiB)
        TX errors 0  dropped 12 overruns 0  carrier 0  collisions 0

br0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.101  netmask 255.255.255.0  broadcast 192.168.0.255
        ether 10:c3:7b:6f:43:ae  txqueuelen 0  (Ethernet)
        RX packets 85104066  bytes 554801007870 (516.6 GiB)
        RX errors 0  dropped 13916  overruns 0  frame 0
        TX packets 39609148  bytes 126332393253 (117.6 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

docker0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.17.42.1  netmask 255.255.0.0  broadcast 0.0.0.0
        ether 46:e0:a9:09:01:15  txqueuelen 0  (Ethernet)
        RX packets 52898  bytes 14164401 (13.5 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 53867  bytes 30521239 (29.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST>  mtu 1500
        ether 10:c3:7b:6f:43:ae  txqueuelen 1000  (Ethernet)
        RX packets 376704744  bytes 545585615783 (508.1 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 35516033  bytes 6243595662 (5.8 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth1: flags=6211<UP,BROADCAST,RUNNING,SLAVE,MULTICAST>  mtu 1500
        ether 10:c3:7b:6f:43:ae  txqueuelen 1000  (Ethernet)
        RX packets 213548  bytes 14112242 (13.4 MiB)
        RX errors 0  dropped 213548  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 18  memory 0xfbf00000-fbf20000

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        loop  txqueuelen 0  (Local Loopback)
        RX packets 137464  bytes 25960421 (24.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 137464  bytes 25960421 (24.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth17b05fb: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 8e:b6:70:ea:a8:35  txqueuelen 0  (Ethernet)
        RX packets 2115  bytes 859529 (839.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1924  bytes 1218400 (1.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

veth638c205: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether a6:2a:88:78:4c:66  txqueuelen 0  (Ethernet)
        RX packets 19556  bytes 2062340 (1.9 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 21441  bytes 9256959 (8.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vetha052b41: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether 46:e0:a9:09:01:15  txqueuelen 0  (Ethernet)
        RX packets 699  bytes 548224 (535.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 897  bytes 705751 (689.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:fb:a4:f1  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

vnet0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        ether fe:54:00:7c:e6:b8  txqueuelen 500  (Ethernet)
        RX packets 12455171  bytes 31394587093 (29.2 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 89716902  bytes 129283508307 (120.4 GiB)
        TX errors 0  dropped 5018 overruns 0  carrier 0  collisions 0

 

I'm a noob, but guessing from the ifconfig my docker needs to be pointed at br0 and not eth0 (default)? And if correct, I don't know how to go about doing that but I guess I can keep digging.

 

I suspect it's down to the fact you've got bonding enabled on your Unraid machine as that's the only difference I see between my setup and yours.

 

I went into webUI - edit page for docker; added a variable INTERFACE with a value of bond0 -- I can now access port 943. So I think my issue is resolved, but before I get too comfortable I just want to ask is this fix kosher? Also before this, I didn't realize I could do this. I.e. is there a technical reason it's mapped to eth0, or it's just default (you have to start somewhere)?

 

Again, thank you for your assistance and time (not to mention patience to deal with this noob).

 

Can I ask you how you added this interface? I'm also using a bond connection and cannot figure out how to set this up. I can currently only access the VPN web interface if I change the connection type to Bridge.

 

[*]Click "Add another Path, Port or Variable" in the container configuration.

[*]Name = Variable 3

[*]Target = INTERFACE

[*]Value = bond0

 

 

Save and it should work.

Link to comment

 

[*]Click "Add another Path, Port or Variable" in the container configuration.

[*]Name = Variable 3

[*]Target = INTERFACE

[*]Value = bond0

 

 

Save and it should work.

 

Thank you very much, that did the trick. Also the "advanced" option needs to be turned on in the upper right corner for any who find this in the future.

 

That fixed my once issue. Do you or anyone else know why I might be unable to change my administrator password? When I use the "docker exec -it openvpn-as xxxxxx admin" command, it returns "exec" "xxxxxx": executable file not found in $PATH"

 

my god I'm an idiot. I thought I had to put in the password I wanted in that string.

 

Right now my current hostname is my internal IP address. I assume I can't use this to connect to the VPN from outside my network. Can I just set my hostname to whatever i want? or do I use my ipadress from ifconfig?

 

Link to comment

Can anyone help me with this setup?

I am trying to setup openvpn-as and use btsync to sync/backup config so if i lose a host i can bring it up on another host. I am using Docker Cloud and the following stackfile but when the openvpn container comes up i can change the admin password as i get a message saying "System Error" after i confirm the new password.  Also i can access the website but i can't login because it says username or password is wrong using admin/password.

 

Is there a better way to auto backup/restore the /config folder over hosts?

 

OpenVpnAs:
  image: 'linuxserver/openvpn-as:latest'
  net: host
  ports:
    - '943:943'
    - '1194:1194/udp'
    - '9443:9443'
  privileged: true
  restart: on-failure
  tags:
    - Azure
  volumes_from:
    - btsync
btsync:
  image: 'tutum/btsync:latest'
  restart: on-failure
  roles:
    - global
  target_num_containers: 2
  volumes:
    - /config

 

 

Link to comment

ok this is really confusing me now.  I thought my issue was my syncing stuff so did a plan container on dockrcloud with the setup below and still got the same error trying to set the admin password

 

OpenVpnAs:
  image: 'linuxserver/openvpn-as:latest'
  net: host
  ports:
    - '943:943'
    - '1194:1194/udp'
    - '9443:9443'
  privileged: true
  restart: on-failure
  autoredeploy: true

 

what am i doing that would break the ability to change the admin password on the instance?

Link to comment

Anyone know how to get this docker to update the version of OpenVPN-AS?

 

I'm on 2.0.24 which is the original I got when i first downloaded the docker. I've edited and restarted the container several times (like plex and rutorrent) but it isn't grabbing the latest(2.0.26)

Link to comment

So I managed to make the password change without a problem, but then I made a few changes to my container settings and it updated the container. The admin password was then reset to the default and didn't remember the new password I had set

 

Is there a way to fix this? I don't want to have to change the admin password everytime the container receives an update

 

Also, @Nem ... did you ever figure this out? I had the same problem when I had jus tried to edit/restart the container to grab the most recent openvpn-as version

 

anyone?

My volume mapping is /config ==> /mnt/cache/appdata/vpn/ literally everything else in the docker setup is unchanged from default

Network Type:  Bridge

Privileged: checked

Bind Time: checked

Link to comment
  • trurl pinned and unpinned this topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.