[Support] Linuxserver.io - OpenVPN AS


Recommended Posts

Some pointers to anyone installing this container (which I think should have been mentioned in the OP):

[*] If using anything other then eth0 for your unRAID server, you should add a variable named INTERFACE (use the container Advanced View for that), with the value of you server network connection (the default is eth0, but if you've set up Bonding, it would probably be bond0). You can check in the WebUI Dashboard...

[*] Once the container is up and running, access the admin webpage and under "Server Network Settings" make sure you enter your external IP (preferrbly - use a DDNS, but that's another story) and save the settings.

[*] As for users passwords - the container is set up by default to use PAM (I have no idea why). Change it to Local (under "Authentication"->"General") and you'll be able to setup the passwords using the ui.

Just my two (three) cents.

Link to comment

Some pointers to anyone installing this container (which I think should have been mentioned in the OP):

[*] As for users passwords - the container is set up by default to use PAM (I have no idea why). Change it to Local (under "Authentication"->"General") and you'll be able to setup the passwords using the ui.

Just my two (three) cents.

 

Hey thanks. Sounds like that will fix the password problem when the container is recreated.

 

Any thought on getting the latest version of OVPN-AS?

Link to comment

Some pointers to anyone installing this container (which I think should have been mentioned in the OP):

[*] If using anything other then eth0 for your unRAID server, you should add a variable named INTERFACE (use the container Advanced View for that), with the value of you server network connection (the default is eth0, but if you've set up Bonding, it would probably be bond0). You can check in the WebUI Dashboard...

[*] Once the container is up and running, access the admin webpage and under "Server Network Settings" make sure you enter your external IP (preferrbly - use a DDNS, but that's another story) and save the settings.

[*] As for users passwords - the container is set up by default to use PAM (I have no idea why). Change it to Local (under "Authentication"->"General") and you'll be able to setup the passwords using the ui.

Just my two (three) cents.

 

+1

 

Should be added in the first post. Especially the first part. Took me a few hours to figure out when i was setting this docker up.

Link to comment
  • 2 weeks later...

I've had this container set up and working for about a week now, but I have one question. Is there a downside to have it set up in bridge mode? I've seen several post about setting it up in host mode.. If I have it working in bridge mode why should I change to host?

Link to comment

I'd always run something in bridge mode as opposed to host mode personally.  But now I'm thinking about it, I'm not sure I can give you a good coherent answer as to why....  ???

 

Yeah, same here. I installed the container and got it working in bridge mode, but when I looked at the support thread I saw several post about it should be run in host mode. Even the usage instructions on github and docker hub says "--net=host IMPORTANT, will not operate unless in host mode." So now I'm wondering if I should change..(?) But I'm not sure why I need to if I have it working.. Hence my question if there is a downside to running in bridge mode with this container.(?) The only ports I mapped was 943 to get to the webui and 1194 to able to connect to the server.

Link to comment

Can anyone help, I have docker installed as host with privilege enabled, admin settings look fine, using my ddns, changed from PAM to local, created a new user, setup correct port forwarding but no matter what I do I can not connect either using laptop or android phone from another network.

 

If I stop the service and run connectivity test that fails too. Not quite sure what else to do, I have VPN built into my router but it is painfully slow.

 

I set this up last week with no issues following the instructions from this post, expect I changed from PAM to local and created new user from the web GUI:

http://lime-technology.com/forum/index.php?topic=43317.msg451171#msg451171

 

The connectivity test within the app doesn't work, it always fails for me too.

Link to comment

If you don't want to be emailing your config file around (considering it has your private keys) you could transfer it using any number of wifi explorer app.

 

I can't vouch for iOS (https://itunes.apple.com/us/app/wifi-explorer/id494803304?mt=12), but for Android I use https://play.google.com/store/apps/details?id=com.dooblou.WiFiFileExplorer&hl=en and am very happy with it.

 

Once you've imported it into the client app delete it from your phone of course; but at least there is no chance of it sitting on any server anywhere

Link to comment

Can anyone help, I have docker installed as host with privilege enabled, admin settings look fine, using my ddns, changed from PAM to local, created a new user, setup correct port forwarding but no matter what I do I can not connect either using laptop or android phone from another network.

 

If I stop the service and run connectivity test that fails too. Not quite sure what else to do, I have VPN built into my router but it is painfully slow.

 

I set this up last week with no issues following the instructions from this post, expect I changed from PAM to local and created new user from the web GUI:

http://lime-technology.com/forum/index.php?topic=43317.msg451171#msg451171

 

The connectivity test within the app doesn't work, it always fails for me too.

 

All sorted now, for some reason my router wasnt saving the port forward changes, did a firmware update. Changes saved. Connected straight away!

Link to comment

Hi all, I've had this docker set up and working well for a couple of months now, but due to a change in my network infrastructure I had to reinstall OpenVPN-AS. Now that I've done this I am able to connect to the VPN and it seems to be working - for example if I join the VPN on my iPad I am able to see my Plex Server in the Plex app and play media. However for some reason I am unable to connect to my server management webUI... When I go to my normal internal IP address it will never load. Any idea why this would happen? As I said, i am able to connect to the VPN and do other tasks, but not manage the server, which is one of the key reasons I wanted to install OpenVPN-AS to begin with.

Link to comment

This morning I ran the new permissions script. Unraid then modified all my permissions including all my docker files. Then I noticed that this OpenVPN docker was no longer starting. I copied my old config folder and ended up recreating this docker with a new config folder. I then

chmod --reference=newconfig_file oldconfig_file

every folder/file and then copied back the old config file to get it to work. It is working now but I wonder if this docker should check the folder permissions at start and change them back to the correct ones?

Link to comment

This morning I ran the new permissions script. Unraid then modified all my permissions including all my docker files. Then I noticed that this OpenVPN docker was no longer starting. I copied my old config folder and ended up recreating this docker with a new config folder. I then

chmod --reference=newconfig_file oldconfig_file

every folder/file and then copied back the old config file to get it to work. It is working now but I wonder if this docker should check the folder permissions at start and change them back to the correct ones?

I've made a feature req to have new perms not mess with appdata, and am considering creating a "docker safe" new perms tool in conjunction with fix common problems (but next on my plate is some changes to CA)
Link to comment

This morning I ran the new permissions script. Unraid then modified all my permissions including all my docker files. Then I noticed that this OpenVPN docker was no longer starting. I copied my old config folder and ended up recreating this docker with a new config folder. I then

chmod --reference=newconfig_file oldconfig_file

every folder/file and then copied back the old config file to get it to work. It is working now but I wonder if this docker should check the folder permissions at start and change them back to the correct ones?

I've made a feature req to have new perms not mess with appdata, and am considering creating a "docker safe" new perms tool in conjunction with fix common problems (but next on my plate is some changes to CA)

 

Not a bad idea. Pain in the butt to figure out  the permissions were messed up. I used to have all my dockers on an "UD" attached drive, I may consider moving my docker files back to it.

Link to comment

Hi all,

 

Is there an "easy" guide for this at all please? so far I have

 

installed the container openvpn-as

apt-get easy-rsa

 

but now stuck with this error?

 

root@UNRAIDSERVER:/usr/share/easy-rsa# ssh build-ca

ssh: connect to host build-ca port 22: Connection timed out

 

 

Many Thanks in advance!

 

 

Link to comment

Hi all,

 

Is there an "easy" guide for this at all please? so far I have

 

installed the container openvpn-as

apt-get easy-rsa

 

Yeah, you don't need to do any "apt-gets".

 

I set this up with no issues following the instructions from this post, expect I changed from PAM to local and created new user from the web GUI:

http://lime-technology.com/forum/index.php?topic=43317.msg451171#msg451171

 

Link to comment
  • 3 weeks later...

For some reason my openvpn-as instance stopped working but I can't figure out why.

 

I start the container and the log shows its trying to get the files and tells me that it may take awhile.

 

After awhile the container just stops but not sure why.

 

I recall reading something about the built in Unraid permissions fix causing havoc for openvpn-as but not sure if that's true, why, what the fix is.

 

 

Sent from my iPhone using Tapatalk

Link to comment

 

I recall reading something about the built in Unraid permissions fix causing havoc for openvpn-as but not sure if that's true, why, what the fix is.

 

That is true.  Why the fix common problems plugin has a "docker safe" new perms module which skips over appdata (and CA's backup of appdata)

 

The only fix if you've messed up the perms is to redo the appdata from scratch (or spend a ton of time figuring out what the permissions should be for each and every file/folder and manually changing them)

Link to comment
  • trurl pinned and unpinned this topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.