Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

[Support] Linuxserver.io - OpenVPN AS

Featured Replies

3 minutes ago, EDalcin said:

Thank you. Uninstaled.

Personally, I am now using WireGuard for VPN access as it is included in unRAID and managed via plugin.   I keep OpenVPN and ZeroTier installed and configured as backup access methods.  They all work, its just a matter of your preference and what you need to do with remote access.

  • Replies 2k
  • Views 462.8k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • SpaceInvaderOne
    SpaceInvaderOne

    I have made un updated video guide for setting up this great container. It covers setting up the container, port forwarding and setting up clients on Windows, macOS Linux (ubuntu Mate) and on cel

  • PSA. It seems openvpn pushed another broken bin, tagged 2.7.3 I get the same error with it as I did with the previously pulled 2.7.2   While they/us try to figure it out, you can change

  • Stupifier
    Stupifier

    Ok, I used to be able to connect to Host network with this before the update....that allowed me to be assigned an IP on my WiFi subnet, which then allowed me to access the UnRAID GUI interface.  

Posted Images

3 hours ago, Hoopster said:

Personally, I am now using WireGuard for VPN access as it is included in unRAID and managed via plugin.   I keep OpenVPN and ZeroTier installed and configured as backup access methods.  They all work, its just a matter of your preference and what you need to do with remote access.

Thank you for your feedback. This is what I expect from this community!

I am admittedly new to unraid and using all of the plugins/dockers (upgraded from FreeNAS). My main goal for my unraid server is to manage media (radarr/sonarr/NZBGetVPN). I added the openvpn as in an attempt to be able to manage my movie ques remotely. I have been able to work my way to successfully connecting to the openvpn as client via port forwarding and DDNS server (thanks to SpaceInvader one). My issue is that now that i am connected to my home network remotely, i have not been able to open any web clients through the web interface. 

 

Maybe this is something simple that i am just completely ignorant of, but what do i have to use to actually look at my unraid server? Example DDNS.DDNSprovider.com/Tower:6789 or am i going about this all wrong?

3 hours ago, kurt698939 said:

I am admittedly new to unraid and using all of the plugins/dockers (upgraded from FreeNAS). My main goal for my unraid server is to manage media (radarr/sonarr/NZBGetVPN). I added the openvpn as in an attempt to be able to manage my movie ques remotely. I have been able to work my way to successfully connecting to the openvpn as client via port forwarding and DDNS server (thanks to SpaceInvader one). My issue is that now that i am connected to my home network remotely, i have not been able to open any web clients through the web interface. 

 

Maybe this is something simple that i am just completely ignorant of, but what do i have to use to actually look at my unraid server? Example DDNS.DDNSprovider.com/Tower:6789 or am i going about this all wrong?

Once you connect to the vpn, just browse to your server ip address and put in the port for the relevant gui.

 

If you want to do it with reverse proxy (properly), then you can use our letsencrypt image.

 

Here's a guide for that: https://blog.linuxserver.io/2019/04/25/letsencrypt-nginx-starter-guide/

2 hours ago, aptalca said:

Once you connect to the vpn, just browse to your server ip address and put in the port for the relevant gui.

 

If you want to do it with reverse proxy (properly), then you can use our letsencrypt image.

 

Here's a guide for that: https://blog.linuxserver.io/2019/04/25/letsencrypt-nginx-starter-guide/

Thank you very much for your response. It let me know i was attempting to use the remote access correctly. I went back over my openvpn as settings and realized i had not entered private subnet properly. I got that fixed up and everything worked like a charm. 

HI i am having issues with a 10 user licence. I activated it before the latest update of the docker and i noticed that the hostname changed for the  docker machine and the license is locked attached to a previous hostname.

 

How can i change the hostname back?

 

 

15 hours ago, sneak2k said:

HI i am having issues with a 10 user licence. I activated it before the latest update of the docker and i noticed that the hostname changed for the  docker machine and the license is locked attached to a previous hostname.

 

How can i change the hostname back?

 

 

In container settings, additional arguments, enter "--hostname blah"

I'm looking for a docker container to connect to my PIA VPN and then route traffic from other docker containers through it using the new functionality in Unraid 6.8.3. Can I do that with this docker? Is there any guide to setting it up? If not, is there a different docker I should be using? Thanks!

8 hours ago, aptalca said:

In container settings, additional arguments, enter "--hostname blah"

Perfect worked for me thanks.

2 hours ago, cbc02009 said:

I'm looking for a docker container to connect to my PIA VPN and then route traffic from other docker containers through it using the new functionality in Unraid 6.8.3. Can I do that with this docker? Is there any guide to setting it up? If not, is there a different docker I should be using? Thanks!

No, this is a server. What you need is a client

1 hour ago, sneak2k said:

Perfect worked for me thanks.

Can you confirm that the license remains valid through container recreation? We had a couple people ask in the past but they never confirmed. No one on the team has a paid license so we can't test.

 

Thanks

8 hours ago, aptalca said:

Can you confirm that the license remains valid through container recreation? We had a couple people ask in the past but they never confirmed. No one on the team has a paid license so we can't test.

 

Thanks

Hi, unfortunately the licence did not, they use a few reference points to authenticate the server, including mac addresses etc...

 

 I was able to force the previous hostname successfully, which is what i asked for in the thread, but since the other information has changed across the containers, they replced the key.

 

One of the key point is the Mac address of the main network adapter.

 

What i suggest is if you need to reinstall the container, backup your container config files to try and keep the new version as close to the original as possible.

 

I had uninstalled, choosing to clear the appdata with it, which is most likely why i could not activate as the new container was created from scratch and the hostname, mac address, etc... all changed because of it.

 

Would you happen to have the parameter to pass a MAC address to the container config?

 

1 hour ago, sneak2k said:

Hi, unfortunately the licence did not, they use a few reference points to authenticate the server, including mac addresses etc...

 

 I was able to force the previous hostname successfully, which is what i asked for in the thread, but since the other information has changed across the containers, they replced the key.

 

One of the key point is the Mac address of the main network adapter.

 

What i suggest is if you need to reinstall the container, backup your container config files to try and keep the new version as close to the original as possible.

 

I had uninstalled, choosing to clear the appdata with it, which is most likely why i could not activate as the new container was created from scratch and the hostname, mac address, etc... all changed because of it.

 

Would you happen to have the parameter to pass a MAC address to the container config?

 

Yeah, if you nuke the appdata, the license won't be valid anymore. What we need tested is, recreating the container with the same appdata.

 

Openvpn-as won't tell us what parameters they use to check. I'm not sure if mac address is one of them. But you can indeed set a custom one for your docker container: https://stackoverflow.com/questions/42946453/how-does-the-docker-assign-mac-addresses-to-containers

Do: 

"During first login, make sure that the "Authentication" in the webui is set to "Local" instead of "PAM". Then set up the user accounts with their passwords (user accounts created under PAM do not survive container update or recreation)"

 

mean that "admin" should be removed in the url logon?:

 

https://XX.XX.XX.XX:943/admin/

 

If so I arrive here:

534663038_Screenshot2020-03-13at18_23_30.thumb.png.4c7c09c7755beed668e524c6a37b3838.png

 

 

Going to "Admin" I get this url:

 

https://XX.XX.XX.XX:943/admin/

 

Loggin in with default PAM I get this annoying guy:

1204226653_Screenshot2020-03-13at18_27_47.thumb.png.3e1870baedd70666dab87da0f19e7a3c.png

 

I have a feeling I am doing something wrong (after 2 hours)...........

 

Can it be port forwarding? 1194 to 943 on server ip. 

 

 

Anyone?

 

 

//Frode

 

 

 

 

 

 

 

logfile.rtf

33 minutes ago, frodr said:

Do: 

"During first login, make sure that the "Authentication" in the webui is set to "Local" instead of "PAM". Then set up the user accounts with their passwords (user accounts created under PAM do not survive container update or recreation)"

 

mean that "admin" should be removed in the url logon?:

 

https://XX.XX.XX.XX:943/admin/

 

If so I arrive here:

534663038_Screenshot2020-03-13at18_23_30.thumb.png.4c7c09c7755beed668e524c6a37b3838.png

 

 

Going to "Admin" I get this url:

 

https://XX.XX.XX.XX:943/admin/

 

Loggin in with default PAM I get this annoying guy:

1204226653_Screenshot2020-03-13at18_27_47.thumb.png.3e1870baedd70666dab87da0f19e7a3c.png

 

I have a feeling I am doing something wrong (after 2 hours)...........

 

Can it be port forwarding? 1194 to 943 on server ip. 

 

 

Anyone?

 

 

//Frode

 

 

 

 

 

 

 

logfile.rtf 1.95 kB · 0 downloads

This seems to be a common problem now, multiple people have this issue lately. I've switched to WireGuard and it's 1000x easier to setup and use 

On 3/13/2020 at 2:16 PM, kayjay010101 said:

This seems to be a common problem now, multiple people have this issue lately. I've switched to WireGuard and it's 1000x easier to setup and use 

Recommending a completely different protocol is not very productive in a thread dedicated to openvpn-as. Plus, wireguard is more of an alternative to vanilla openvpn, not openvpn-as as it requires manual config via cli.

 

Also, I happen to use wireguard and openvpn side by side as one acts as a backup to the other.

On 3/13/2020 at 1:41 PM, frodr said:

Do: 

"During first login, make sure that the "Authentication" in the webui is set to "Local" instead of "PAM". Then set up the user accounts with their passwords (user accounts created under PAM do not survive container update or recreation)"

 

mean that "admin" should be removed in the url logon?:

 

https://XX.XX.XX.XX:943/admin/

 

If so I arrive here:

534663038_Screenshot2020-03-13at18_23_30.thumb.png.4c7c09c7755beed668e524c6a37b3838.png

 

 

Going to "Admin" I get this url:

 

https://XX.XX.XX.XX:943/admin/

 

Loggin in with default PAM I get this annoying guy:

1204226653_Screenshot2020-03-13at18_27_47.thumb.png.3e1870baedd70666dab87da0f19e7a3c.png

 

I have a feeling I am doing something wrong (after 2 hours)...........

 

Can it be port forwarding? 1194 to 943 on server ip. 

 

 

Anyone?

 

 

//Frode

 

 

 

 

 

 

 

logfile.rtf 1.95 kB · 0 downloads

See here: https://discourse.linuxserver.io/t/just-installed-openvpn-as-cant-login-as-admin/1162/5

  • 2 weeks later...

Has anybody figured out the SESSION ERROR problem? I am another of those affected by this.

 

I can log in the initial front end page, but only if I use my external domain name. It won't work if I refer to the site using the IP address. It also fails when I try to connect to the admin page, either using IP address or domain name.

 

I think that it is probably related to my LetsEncrypt proxy configuration, but I don't understand why it broke at the last update. It worked fine until then.

 

I looked at the link kindly provided by aptalca, but none of the suggested issues seem to belong to my configuration. I already had default and admin locations in my proxy configuration.

2 hours ago, jjthacker said:

but I don't understand why it broke at the last update. It worked fine until then.

Because openvpn-as got an update and they changed some things

 

Check the openvpn logs in the config folder

19 hours ago, jjthacker said:

Has anybody figured out the SESSION ERROR problem? I am another of those affected by this.

 

I can log in the initial front end page, but only if I use my external domain name. It won't work if I refer to the site using the IP address. It also fails when I try to connect to the admin page, either using IP address or domain name.

 

I think that it is probably related to my LetsEncrypt proxy configuration, but I don't understand why it broke at the last update. It worked fine until then.

 

I looked at the link kindly provided by aptalca, but none of the suggested issues seem to belong to my configuration. I already had default and admin locations in my proxy configuration.

I'm getting this on a fresh install. Fresh because the update wiped out my config folder: https://github.com/linuxserver/docker-openvpn-as/issues/108

 

Getting this in container log

 

Unpacking openvpn-as (2.8.3-f28d2eae-Ubuntu18) ...
Setting up openvpn-as-bundled-clients (7) ...
Setting up openvpn-as (2.8.3-f28d2eae-Ubuntu18) ...
Automatic configuration failed, see /usr/local/openvpn_as/init.log
You can configure manually using the /usr/local/openvpn_as/bin/ovpn-init tool.
/var/lib/dpkg/info/openvpn-as.postinst: line 68: systemctl: command not found
Stopping openvpn-as now; will start again later after configuring
cat: /var/run/openvpnas.pid: No such file or directory
kill: usage: kill [-s sigspec | -n signum | -sigspec] pid | jobspec ... or kill -l [sigspec]

Edited by d2dyno

3 hours ago, d2dyno said:

I'm getting this on a fresh install. Fresh because the update wiped out my config folder: https://github.com/linuxserver/docker-openvpn-as/issues/108

 

Getting this in container log

 

Unpacking openvpn-as (2.8.3-f28d2eae-Ubuntu18) ...
Setting up openvpn-as-bundled-clients (7) ...
Setting up openvpn-as (2.8.3-f28d2eae-Ubuntu18) ...
Automatic configuration failed, see /usr/local/openvpn_as/init.log
You can configure manually using the /usr/local/openvpn_as/bin/ovpn-init tool.
/var/lib/dpkg/info/openvpn-as.postinst: line 68: systemctl: command not found
Stopping openvpn-as now; will start again later after configuring
cat: /var/run/openvpnas.pid: No such file or directory
kill: usage: kill [-s sigspec | -n signum | -sigspec] pid | jobspec ... or kill -l [sigspec]

Did you read my linked thread above?

Post a full log, post your docker run and check the openvpn log in the config folder

6 hours ago, aptalca said:

Did you read my linked thread above?

Post a full log, post your docker run and check the openvpn log in the config folder

Yes I did. Using bridge as always, tried adding NET_ADMIN via extra arguments, did not change any behaviour.

 

/usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name='openvpn-as' --net='bridge' --cpuset-cpus='5,6,37,38' --privileged=true -e TZ="America/Chicago" -e HOST_OS="Unraid" -e 'INTERFACE'='eth0' -e 'PGID'='100' -e 'PUID'='99' -p '943:943/tcp' -p '11194:11194/udp' -v '/mnt/disks/nvmepool/appdata/openvpn-as':'/config':'rw,slave' --cap-add=NET_ADMIN --label="traefik.protocol=https" --label="traefik.enable=true" --label="traefik.port=943" --label="traefik.frontend.rule=Host:ovpn.example.nl" --restart unless-stopped 'linuxserver/openvpn-as:latest' 

 

log-docker.txt openvpn.log

On 2/11/2020 at 12:12 PM, uaborne said:

I just resolved my issue. From the dockers console I ran the following commands which allowed me to login. 


/usr/local/openvpn_as/scripts/sacli --key "vpn.server.daemon.enable" --value "false" ConfigPut
/usr/local/openvpn_as/scripts/sacli --key "vpn.daemon.0.listen.protocol" --value "tcp" ConfigPut
/usr/local/openvpn_as/scripts/sacli --key "vpn.server.port_share.enable" --value "true" ConfigPut
/usr/local/openvpn_as/scripts/sacli start

 

i love you smart person this worked for me

On 2/11/2020 at 9:12 AM, uaborne said:

I just resolved my issue. From the dockers console I ran the following commands which allowed me to login. 


/usr/local/openvpn_as/scripts/sacli --key "vpn.server.daemon.enable" --value "false" ConfigPut
/usr/local/openvpn_as/scripts/sacli --key "vpn.daemon.0.listen.protocol" --value "tcp" ConfigPut
/usr/local/openvpn_as/scripts/sacli --key "vpn.server.port_share.enable" --value "true" ConfigPut
/usr/local/openvpn_as/scripts/sacli start

 

Bless you kind sir. I was pulling my hair out trying to find out what I had screwed up on a docker that had been working fine for months.

 

6 minutes ago, CombatMedic said:

Bless you kind sir. I was pulling my hair out trying to find out what I had screwed up on a docker that had been working fine for months.

Same. This should be on the front page / on the github

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.