openvpn newb question

  • Hi!


    I just installed OMV yesterday. I have little to no idea what I am doing.
    I do have Plex server, sickbeard, sabnzbd, couchpotato etc installed and mostly working properly.


    I am trying to use openvpn to connect to my vpn provider. I did get their vpn configs into the *.conf file.


    It does say starting VPN daemon and no errors are generated.


    However, if I try to access anything such as plex media server or even curl google.com from shell it does not work.


    It seems I am still missing a step.


    I want to be able to run all network traffic generated from the linux box through my vpn provider.


    Thanks very much for your help!

  • Agree! I don't think I am talking about the server side of openvpn:


    Here is the log of when I launch it. Can you advise if you see any issues?


    root@OMV:/etc/openvpn# openvpn vpn.conf
    Sun Jul 17 15:09:38 2016 OpenVPN 2.2.1 x86_64-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014
    Sun Jul 17 15:09:38 2016 WARNING: file 'login.txt' is group or others accessible
    Sun Jul 17 15:09:38 2016 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Sun Jul 17 15:09:38 2016 LZO compression initialized
    Sun Jul 17 15:09:38 2016 UDPv4 link local: [undef]
    Sun Jul 17 15:09:38 2016 UDPv4 link remote: [AF_INET]86.56.156.189:443
    Sun Jul 17 15:09:38 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Sun Jul 17 15:09:38 2016 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1542', remote='link-mtu 1574'
    Sun Jul 17 15:09:38 2016 WARNING: 'tun-mtu' is used inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'
    Sun Jul 17 15:09:38 2016 [TG-OVPN-CA] Peer Connection Initiated with [AF_INET]86.56.156.189:443
    Sun Jul 17 15:09:40 2016 TUN/TAP device tun0 opened
    Sun Jul 17 15:09:40 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Sun Jul 17 15:09:40 2016 /sbin/ifconfig tun0 10.9.0.18 pointopoint 10.9.0.17 mtu 1500
    Sun Jul 17 15:09:40 2016 Initialization Sequence Completed


    There are several warnings generated, is it OK? When I SSH in and do curl http://www.google.com it cannot connect. My Roku cannot connect to Plex anymore etc.
    If I kill openvpn service, everything is working again.


    Also, a secondary issue is that the SSH session is not freed up after Initialization Sequence Completed; it just stays on that line. I have to Ctrl+C to kill it and get control of the SSH window / CLI back.


    I also see this same issue when running sabnzbd as well.


    Thanks again!


    Thanks in advance for any help!

  • Ok so here is the ovpn/conf that my vpn provider had linked on their website:
    It was for openvpn for all OS, standard UDP configs.


    There is nothing about MTUs specified here.
    I did change remote servername to be SERVERNAME.


    client
    dev tun
    proto udp
    remote SERVERNAME 443
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca ca.crt
    remote-cert-tls server
    auth-user-pass login.txt
    comp-lzo
    verb 1
    reneg-sec 0
    fast-io
    push "redirect-gateway def1"
    # Uncomment these directives if you have speed issues
    ;sndbuf 393216
    ;rcvbuf 393216
    ;push "sndbuf 393216"
    ;push "rcvbuf 393216"


    I actually did ask their chat for support, but the guy I was talking to said I should install their linux client which is gui based.


    At that point, I figured I would post here for some expert help!


    If there is nothing wrong here that you can see, or no other recommendations on what to check or do, I can ask the chat support again.


    Thanks again for your help!!

  • This is our example working vpn conf:
    client
    proto tcp
    resolv-retry infinite
    keepalive 10 120
    nobind
    mute-replay-warnings
    cipher DES-EDE3-CBC
    comp-lzo
    verb 2
    persist-key
    persist-tun
    verb 1
    ;tls-exit
    dev tun0


    I don't know if this helps for your problem.


  • Ok so good call on the verb 4.


    Tue Jul 19 17:27:39 2016 us=783401 write to TUN/TAP : Invalid argument (code=22)
    Tue Jul 19 17:27:45 2016 us=448814 write to TUN/TAP : Invalid argument (code=22)
    Tue Jul 19 17:27:50 2016 us=434691 write to TUN/TAP : Invalid argument (code=22)
    Tue Jul 19 17:27:56 2016 us=361560 write to TUN/TAP : Invalid argument (code=22)


    It repeats the above until it times out due to inactivity and tries to reconnect, which it cannot. It can't access the vpn server at this point.


    Tue Jul 19 17:29:01 2016 us=110225 [TG-OVPN-CA] Inactivity timeout (--ping-restart), restarting
    Tue Jul 19 17:29:01 2016 us=110563 TCP/UDP: Closing socket
    Tue Jul 19 17:29:01 2016 us=110637 SIGUSR1[soft,ping-restart] received, process restarting
    Tue Jul 19 17:29:01 2016 us=110667 Restart pause, 2 second(s)
    Tue Jul 19 17:29:03 2016 us=110816 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
    Tue Jul 19 17:29:03 2016 us=110897 Re-using SSL/TLS context
    Tue Jul 19 17:29:03 2016 us=111014 Control Channel MTU parms [ L:1541 D:138 EF:38 EB:0 ET:0 EL:0 ]
    Tue Jul 19 17:29:03 2016 us=111065 Socket Buffers: R=[229376->131072] S=[229376->131072]
    Tue Jul 19 17:30:23 2016 us=187594 RESOLVE: Cannot resolve host address: XXX.com: [HOST_NOT_FOUND] The specified host is unknown.
    Tue Jul 19 17:30:23 2016 us=187648 Data Channel MTU parms [ L:1541 D:1450 EF:41 EB:4 ET:0 EL:0 ]
    Tue Jul 19 17:30:23 2016 us=187696 Local Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
    Tue Jul 19 17:30:23 2016 us=187714 Expected Remote Options String: 'V4,dev-type tun,link-mtu 1541,tun-mtu 1500,proto UDPv4,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
    Tue Jul 19 17:30:23 2016 us=187748 Local Options hash (VER=V4): '3514370b'



    I masked out some of the IP info.


    root@OMV:~# ip r s
    0.0.0.0/1 via 10.9.0.21 dev tun0
    default via 192.168.0.1 dev eth0
    10.9.0.1 via 10.9.0.21 dev tun0
    10.9.0.21 dev tun0 proto kernel scope link src 10.9.0.22
    96.44.144.66 via XXX.XXX.0.1 dev eth0
    128.0.0.0/1 via 10.9.0.21 dev tun0
    XXX.XXX.0.0/24 dev eth0 proto kernel scope link src XXX.XXX.0.10



    root@OMV:~# cat /etc/resolv.conf
    search localOMV
    nameserver 75.75.76.76
    nameserver 75.75.75.75



    root@OMV:~# ip addr show
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
    valid_lft forever preferred_lft forever
    2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 18:66:da:0b:e9:89 brd ff:ff:ff:ff:ff:ff
    inet XXX.XXX.0.10/24 brd XXX.XXX.0.255 scope global eth0
    14: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
    link/none
    inet 10.9.0.22 peer 10.9.0.21/32 scope global tun0
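
One way to read the routing table posted above, as an added example that is not part of the original thread: it applies longest-prefix matching to the `ip r s` output to show which interface the resolvers from /etc/resolv.conf and the 96.44.144.66 host route leave by. The function names are hypothetical, and the input is the posted output with its masked XXX.XXX entries kept as posted.

```python
import ipaddress

# `ip r s` output and resolv.conf nameservers copied from the post above;
# masked XXX.XXX fields are left exactly as posted.
IP_ROUTE = """\
0.0.0.0/1 via 10.9.0.21 dev tun0
default via 192.168.0.1 dev eth0
10.9.0.1 via 10.9.0.21 dev tun0
10.9.0.21 dev tun0 proto kernel scope link src 10.9.0.22
96.44.144.66 via XXX.XXX.0.1 dev eth0
128.0.0.0/1 via 10.9.0.21 dev tun0
XXX.XXX.0.0/24 dev eth0 proto kernel scope link src XXX.XXX.0.10
"""
NAMESERVERS = ["75.75.76.76", "75.75.75.75"]

def parse_routes(text):
    """Return ([(network, dev)], [skipped lines]) from `ip route show` output."""
    routes, skipped = [], []
    for line in text.splitlines():
        fields = line.split()
        if not fields or "dev" not in fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:  # masked or otherwise unparsable destination
            skipped.append(line)
            continue
        routes.append((net, fields[fields.index("dev") + 1]))
    return routes, skipped

def egress_dev(routes, ip):
    """Longest-prefix match: the most specific covering route wins."""
    addr = ipaddress.ip_address(ip)
    matches = [(net.prefixlen, dev) for net, dev in routes if addr in net]
    return max(matches)[1] if matches else None

def def1_active(routes, tun):
    """True when both /1 halves installed by redirect-gateway def1 use tun."""
    halves = {ipaddress.ip_network("0.0.0.0/1"), ipaddress.ip_network("128.0.0.0/1")}
    return halves <= {net for net, dev in routes if dev == tun}

ROUTES, SKIPPED = parse_routes(IP_ROUTE)

if __name__ == "__main__":
    print("def1 routes on tun0:", def1_active(ROUTES, "tun0"))
    for ip in NAMESERVERS + ["96.44.144.66"]:
        print(f"{ip:>15} -> {egress_dev(ROUTES, ip)}")
```

With this table both nameservers are reached through tun0, so name resolution depends on the tunnel passing traffic, while 96.44.144.66 stays on eth0 through its host route.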
