[Support] Linuxserver.io - OpenVPN AS


1923 posts in this topic Last Reply

Recommended Posts

  • Replies 1.9k
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Popular Posts

I have made un updated video guide for setting up this great container. It covers setting up the container, port forwarding and setting up clients on Windows, macOS Linux (ubuntu Mate) and on cel

PSA. It seems openvpn pushed another broken bin, tagged 2.7.3 I get the same error with it as I did with the previously pulled 2.7.2   While they/us try to figure it out, you can change

Ok, I used to be able to connect to Host network with this before the update....that allowed me to be assigned an IP on my WiFi subnet, which then allowed me to access the UnRAID GUI interface.  

Posted Images

12 hours ago, Andreas76 said:

You can access it via IP address.  I do not know how to get the DNS to resolve. Im hoping there is a way

Unfortunately, I cannot.  The IP address of the existing network is 192.168.x.x.  Upon connecting via VPN, I get IP addess of 172.x.x.x (can't remember what exactly).  

Link to post
2 hours ago, jang430 said:

Unfortunately, I cannot.  The IP address of the existing network is 192.168.x.x.  Upon connecting via VPN, I get IP addess of 172.x.x.x (can't remember what exactly).  

That's correct. You need to enter your network subnet in the gui settings for it to nat

Link to post
On 4/2/2020 at 5:15 AM, SeaMax said:

Hello,

 

I have two problems with openvpn-as:

FIRST PROBLEM

i've also got the Error


SESSION ERROR: SESSION: Your session has expired, please reauthenticate (9007)

and I am at a loss of what exactly i have to do to fix it.

 

My setup:

(1) I've installed the openvpn-as container in bridge mode - i set up another user name (also with admin access), then login as said user and delete the standard admin user.

(2) I switch the network mode in the container to a custom proxynet (nginx setup from spaceinvader video)  so that i can reach my openvpn user and admin login from anywhere

(3) i edit the as.config file entry "boot_pam_users.0=" and put random characters in, so that my admin acc is not accesible if it was reset during switching of dhe network mode

(4) i go to my web interface login of openvpn: openvpn.***.* -> it opens to the user login page

-> i can login as my created user

(5) i go to openvpn.***.*/admin it opens to the admin login page

-> i get said error on login attempt with my created admin user

 

Now, people linked to this POST a couple of posts back.

There it says, regarding error solution:

"

1. iptables issues on host (either not installed or missing kernel modules)

2. you didn’t add cap-add NET_ADMIN

3. you’re using an unsupported networking method (host or macvlan)

"

1) i do not know what this means or what i have to check and possible fix

2) i've checked in advanced view, docker container is still created with "cap-add NET_ADMIN"

3) i do not know exactly what this means, is it possible that you cannot run openvpn on a custom setup unraid network (in my case "proxynet" and letsencrypt) - does it only run on "bridge" mode?

 

SECOND PROBLEM

Maybe related to first problem.

 

With my setup (as explained above) i can go on my mobile, go to my openvpn domain and download the access file for the mobile openvpn client.

BUT when i try to connect to my openvpn server the connection times out.

Openvpn is configured on UDP 1194 and i've forwarded this port to my unraid server (as per spaceinvaders video).

Any idea what could prevent it from getting a connection?

 

Thanks for the people reading this and in general developing this container.

 

 

 

 

I got it to work there, is a weird bug. I changed the network to the host when you first setup the docker. So you have to delete all the files on the share before you start over, after you start the server let it start compiling the files then edit the docker and change the network type back to Bridge mode. Then do all the normal setup and when you get to user management it should not error out. There is a bug with then network info. because when I did the host first it gave me a different ip of the docker and then put my Ip rang into the host. that's how I realized it changed. I hope this helped.

 

Edited by MyCaptainMyKing
Link to post
On 12/29/2015 at 6:41 AM, CHBMB said:

 

Try


docker exec -it openvpn-as passwd admin
 

  obviously change passwd to whatever you want the password to be.

Hi.  I'm trying to change password for admin.  I have never executed any commands such as the line above "docker exec -it openvpn-as passwd admin"

 

Where do I execute this command?  

Link to post
  • 2 weeks later...
On 2/27/2020 at 2:20 PM, saarg said:

What do you mean by usb pass through the vpn?

Do you mean that you want to pass through a usb network adapter to the container?

Sorry for the delayed response.  Fairly new to unraid/Linux. I was trying to get the following set up:

Server A hosts OpenVPN, separately runs Windows VM and can connect remotely with client B. With Remote Desktop when I plug in usb/keyboard to client B I want it to appear on windows VM. Anyway to do that with OpenVPN? Or is this an Remote Desktop issue.

Link to post
9 hours ago, Kesp said:

Sorry for the delayed response.  Fairly new to unraid/Linux. I was trying to get the following set up:

Server A hosts OpenVPN, separately runs Windows VM and can connect remotely with client B. With Remote Desktop when I plug in usb/keyboard to client B I want it to appear on windows VM. Anyway to do that with OpenVPN? Or is this an Remote Desktop issue.

That has nothing to do with a VPN.

Of you connect using remote desktop to another Windows computer, you use the mouse/keyboard on the client. But this you should ask for in the VM sub forum.

Link to post
On 11/23/2020 at 9:51 AM, saarg said:

That has nothing to do with a VPN.

Of you connect using remote desktop to another Windows computer, you use the mouse/keyboard on the client. But this you should ask for in the VM sub forum.

It’s more about port forwarding. The program virtualhere that works when in network but not over OpenVPN, anyway to adjust settings/anyone know alternatives to get this to work.

Link to post
  • 2 weeks later...
On 10/6/2015 at 1:36 PM, linuxserver.io said:

 

 

If you are not using Unraid (and you should be!) then please do not post here, instead head to linuxserver.io to see how to get support.

Sorry to bother, but I'm running this docker and on every update it resets everything. Originally on every update it was only resetting the password to the admin account, which was annoying...  but now if I update I have to completely redo everything and since I haven't memorized my config settings it's pretty annoying. Do you have any suggestions? 

Link to post
9 hours ago, Hikakiller said:

Do you have any suggestions? 

Yes, I suggest you read the Github or Dockerhub documentation linked in the first post of this thread.  In the Application Setup section it tells you specifically what to do to prevent the admin account from resetting every time the container is updated. 😁

Link to post

I have been struggling with a fresh installation of this... Everything seems to work fine but when i try to access the 'User Permissions' or 'Group Permissions' with my admin account i got:
 

Sorry, a session error has occurred

It is possible that your session has expired or your login credentials do not allow access to this resource. See error text below for further details:

SESSION ERROR: '__DEFAULT__': internet/defer:151,admin/auserperm:1528,admin/auserperm:1488,admin/auserperm:1009 (exceptions.KeyError)

image.thumb.png.fe7dcf9646b0e6493da2424f5e1a7165.png

 

Any ideas? Thank you all,

Link to post

I installed about 5 months ago with no issues.  Due to some unrelated issues, I needed to uninstall the docker container.  When trying to reinstall, I am not able to get any connections to the server.  I used https://www.yougetsignal.com/tools/open-ports/ to see if the port was exposed, it returned as closed.  I have port forwarding set up and other ports are being forwarded correctly.  I have verified that I am pointing the application to the right port, it just seems that the application isn't reading/responding to the packets.  I suspect there could be issues due to lingering files from my prior install (I did remove the directory that is mapped to /config).  If anyone has experience with this, or any ideas, please let me know.

Link to post

So this was working just fine earlier this month, then I noticed my plex transcodeing stopped working so I updated to the latest unraid version so I could use nvidia driver.  now I notice my openvpn isnt working anymore.  I tried uninstalling the reinstalling (since the docker returned to default settings anyhow... which is weird) and I still cannot connect.  all the other services seem to work just fine and I am using pfsense as my router and yes I forwarded 1194, and 9443.

Link to post
9 hours ago, Electrohacker said:

So this was working just fine earlier this month, then I noticed my plex transcodeing stopped working so I updated to the latest unraid version so I could use nvidia driver.  now I notice my openvpn isnt working anymore.  I tried uninstalling the reinstalling (since the docker returned to default settings anyhow... which is weird) and I still cannot connect.  all the other services seem to work just fine and I am using pfsense as my router and yes I forwarded 1194, and 9443.

This seems to be similar to my issue, see prior post.  I have recently updated plex as well, and now can no longer get openvpn to work.  At what step in the connection process do your clients get hung up on?

Link to post
11 hours ago, Roosta078 said:

This seems to be similar to my issue, see prior post.  I have recently updated plex as well, and now can no longer get openvpn to work.  At what step in the connection process do your clients get hung up on?

"A non-recoverable error occurred during a database lookup." I assume that is a blocked port like you are stating.
 

Right now I am somewhat bypassing the issue by using apache guacamole to get into my win10VM on the server, in fact this post is from that VM.

Link to post
  • 3 weeks later...

I neither can't see the port even being open. I think that the docker is not really running the openvpn server.

 

Docker logs: https://pastebin.com/Tw87t1F1

 

Shouldn't the port 1194 be listed in here?

sudo lsof -i -P -n | grep LISTEN
rpcbind    2091    rpc    8u  IPv4  16702      0t0  TCP *:111 (LISTEN)
rpcbind    2091    rpc   11u  IPv6  16705      0t0  TCP *:111 (LISTEN)
rpc.statd  2096    rpc    9u  IPv4   9798      0t0  TCP *:59245 (LISTEN)
rpc.statd  2096    rpc   11u  IPv6   9802      0t0  TCP *:55001 (LISTEN)
docker-pr  4424   root    4u  IPv6 119630      0t0  TCP *:1443 (LISTEN)
docker-pr  4436   root    4u  IPv6 124152      0t0  TCP *:180 (LISTEN)
smbd       7518   root   31u  IPv6  52665      0t0  TCP *:445 (LISTEN)
smbd       7518   root   32u  IPv6  52666      0t0  TCP *:139 (LISTEN)
smbd       7518   root   33u  IPv4  52667      0t0  TCP *:445 (LISTEN)
smbd       7518   root   34u  IPv4  52668      0t0  TCP *:139 (LISTEN)
wsdd       7530   root    4u  IPv6  59485      0t0  TCP *:3702 (LISTEN)
Plex\x20M  8919 nobody   60u  IPv4  64577      0t0  TCP *:32400 (LISTEN)
Plex\x20M  8919 nobody   61u  IPv4  64579      0t0  TCP 127.0.0.1:32401 (LISTEN)
Plex\x20S  9377 nobody    8u  IPv4  65639      0t0  TCP 127.0.0.1:41925 (LISTEN)
Plex\x20T 11137 nobody   13u  IPv4  61812      0t0  TCP 127.0.0.1:32600 (LISTEN)
Plex\x20S 11206 nobody    7u  IPv4  56056      0t0  TCP 127.0.0.1:44049 (LISTEN)
Plex\x20S 11206 nobody    8u  IPv4  53041      0t0  TCP *:33400 (LISTEN)
Plex\x20S 11206 nobody   10u  IPv4  53042      0t0  TCP *:33443 (LISTEN)
docker-pr 15245   root    4u  IPv6  74902      0t0  TCP *:3579 (LISTEN)
docker-pr 17076   root    4u  IPv6  73157      0t0  TCP *:8181 (LISTEN)
sshd      19410   root    3u  IPv4  21983      0t0  TCP *:22 (LISTEN)
sshd      19410   root    4u  IPv6  21985      0t0  TCP *:22 (LISTEN)
inetd     19420   root    5u  IPv4  23894      0t0  TCP *:21 (LISTEN)
apcupsd   19452   root    5u  IPv4  11232      0t0  TCP *:3551 (LISTEN)
libvirtd  21117   root   14u  IPv4  30883      0t0  TCP 127.0.0.1:16509 (LISTEN)
dnsmasq   21223 nobody    6u  IPv4  34493      0t0  TCP 192.168.122.1:53 (LISTEN)
unbalance 21804   root    6u  IPv6  34583      0t0  TCP *:6237 (LISTEN)
unbalance 21804   root    7u  IPv6  31025      0t0  TCP *:6238 (LISTEN)
nginx     21842   root    9u  IPv4  27022      0t0  TCP *:80 (LISTEN)
nginx     21842   root   10u  IPv6  27023      0t0  TCP *:80 (LISTEN)
nginx     21843   root    9u  IPv4  27022      0t0  TCP *:80 (LISTEN)
nginx     21843   root   10u  IPv6  27023      0t0  TCP *:80 (LISTEN)
docker-pr 25847   root    4u  IPv6 700670      0t0  TCP *:9443 (LISTEN)
docker-pr 25874   root    4u  IPv6 695698      0t0  TCP *:943 (LISTEN)

 

Link to post

I have a reverse proxy run through swag (perviously known as letsencrypt) for my own domain name. Currently lets-encrypt and most of the containers I access through that domain are on the reverse proxy BUT my openvpn container is not on the reverse proxy network. It is on the bridge network. Is there any way to direct all traffic to my openvpn subdomain to the normal bridge network instead of the proxy network? I know the easiest solution would be to just put my openvpn container on the reverse proxy network but I don't want it on the reverse proxy for security reasons. Maybe this is the wrong thread for this; If so, it would be great if you could direct me to the appropriate thread.

 

Thank You.

Link to post

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.