Cant connect to OpenVpn

    • OMV 5.x (beta)

    This site uses cookies. By continuing to browse this site, you are agreeing to our Cookie Policy.

    • Cant connect to OpenVpn

      Hi

      I have built a Pi 4 with OMV 5.

      I cant get openvpn to connect dont know if i am doing it properly. I have port forwarded on my router 1194 to 10.8.0.0 the default address, is this correct? Or do i use the ip address of the raspberry pi. I have been using the open vpn cofig file with Openvpn from downloading the certs on my phone is this correct also.

      I have set up openvpn on another pi before with no problems but i cant get this one one to work.

      My settings are:

      Compression: Off
      PAM: On
      VPN address: 10.8.0.0
      DNS Srv: 192.168.0.1 (my router)
      Public Add: My ddns address

      Many thanks in advance for any help given
    • Hi, for making openvpn plugin work on OMV 5 you have to follow these steps (for me works):


      0) On your router open the UDP 1194 port pointing your server ip (e.g. 192.168.1.xxx)

      1) On the Control Panel in the Web GUI set the following :

      --------------------------------------------

      GENERAL

      Enable -> ON
      Port-> 1194
      Protocol -> UDP
      Use Compression -> ON
      PAM Authentication -> ON
      Extra Options -> NONE
      Logging level -> Normal Usage output

      VPN NETWORK

      Adress -> 10.8.0.0
      Mask -> 255.255.255.0
      Gateway -> Select Your Connection (e.g. eth0)
      Default gateway -> ON
      Client to client -> OFF

      DHCP options

      DNS Server(s) -> NONE
      DNS search domains -> NONE
      WINS Server -> NONE

      PUBLIC

      Public Adress: yourdomain.duckdns.org (or other ddns or your static ip if you have one)

      --------------------------------------------
      Then Save and Apply

      2) Generate the certificate for the users on the WebGUI ( you may also do that in a second moment)

      3) Then SSH into your server and cd /etc/openvpn/ and nano server.conf

      4) Remove from the server.conf file the following line --> ;push "route 192.168.1.0 255.255.255.0" then Ctrl+X ->Y->Enter to apply changes

      (You can also delete -> ;push " route client-to-client" and other commented settings to make the file more clean but it is not necessary to get the plugin work. I don't know the reason why deleting the line indicated in 4 must be done to get the plugin work even if it's a commented setting too)

      5) cd ~ and service openvpn restart


      After this mod in the server.conf file the vpn works. The server.conf remains updated (also after reboot the machine) until you change something in the web GUI control panel of the plugin, then the wrong line appear again and you have to reupdate the server.conf file by repeat 3) 4) 5) to make the plugin work again.

      The post was edited 3 times, last by CarlB ().

    • Do you mean this thread? OpenVPN-Renew CRL

      If I understand correctly the plugin stop work when the certificates are revoked and they have to be updated manually.

      I execute openssl crl -in /etc/openvpn/pki/crl.pem -text to check my expiration date and i get Next Update : Jul 20 14:54:17 2020 GMT.

      So before Jul20 i have to renew certificates by executing : /opt/EasyRSA-3.0.6/easyrsa gen-crl and the plugin continue work. It's correct?

      Finally, just for curiosity, have you modified the server.conf file too to get the plugin work?
    • Tried that too, but still failed.

      Source Code

      1. Thu Jan 23 19:33:32 2020 172.58.155.110:19421 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
      2. Thu Jan 23 19:33:32 2020 172.58.155.110:19421 TLS Error: TLS handshake failed
      3. Thu Jan 23 19:33:34 2020 172.58.155.110:47666 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
      4. Thu Jan 23 19:33:34 2020 172.58.155.110:47666 TLS Error: TLS handshake failed
      5. Thu Jan 23 19:33:37 2020 172.58.155.110:35339 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
      6. Thu Jan 23 19:33:37 2020 172.58.155.110:35339 TLS Error: TLS handshake failed
      7. Thu Jan 23 19:33:39 2020 172.58.155.110:21973 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
      8. Thu Jan 23 19:33:39 2020 172.58.155.110:21973 TLS Error: TLS handshake failed
      9. Thu Jan 23 19:33:42 2020 172.58.155.110:36970 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
      10. Thu Jan 23 19:33:42 2020 172.58.155.110:36970 TLS Error: TLS handshake failed
      11. Thu Jan 23 19:33:44 2020 172.58.155.110:49391 NOTE: --mute triggered...
      Display All
      OMV v5.0
      Asus Z97-A/3.1; i3-4370
      32GB RAM Corsair Vengeance Pro