Posts by Birdybird

    pcmag.biz i beliefe. I googled openvpn on omv5 with portainer. There is a complete manual online. But problem is i have no access to local files. Also i have a sdcard with

    Raspian buster with desktop with minidlna

    And pivpn where i can access the local files.

    So i hoped that omv5 with openvpn has also access to local files.

    /var/log/openvpn.log

    Sat Nov 21 21:43:55 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019

    Sat Nov 21 21:43:55 2020 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10

    Sat Nov 21 21:43:55 2020 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the V$

    Sat Nov 21 21:43:55 2020 OpenSSL: error:0909006C:PEM routines:get_name:no start line

    Sat Nov 21 21:43:55 2020 Cannot load DH parameters from /etc/openvpn/pki/dh.pem

    Sat Nov 21 21:43:55 2020 Exiting due to fatal error

    thsis is what /var/log/openvpn.log says


    Sat Nov 21 21:08:40 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSS$

    Sat Nov 21 21:08:40 2020 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10

    Sat Nov 21 21:08:40 2020 NOTE: your local LAN uses the extremely common subnet $

    Sat Nov 21 21:08:40 2020 OpenSSL: error:0909006C:PEM routines:get_name:no start$

    Sat Nov 21 21:08:40 2020 Cannot load DH parameters from /etc/openvpn/pki/dh.pem

    Sat Nov 21 21:08:40 2020 Exiting due to fatal error



    This is longer (i dont know how to copy this file)


    Sat Nov 21 21:08:40 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019

    Sat Nov 21 21:08:40 2020 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10

    Sat Nov 21 21:08:40 2020 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as interne$

    Sat Nov 21 21:08:40 2020 OpenSSL: error:0909006C:PEM routines:get_name:no start line

    Sat Nov 21 21:08:40 2020 Cannot load DH parameters from /etc/openvpn/pki/dh.pem

    Sat Nov 21 21:08:40 2020 Exiting due to fatal error

    I removed the openvpn plugin installes it. No error message but the syslog says:


    Nov 21 21:05:52 raspberrypi systemd[1]: openvpn@server.service: Scheduled restart job, restart counter is at 37.

    Nov 21 21:05:52 raspberrypi systemd[1]: Stopped OpenVPN connection to server.

    Nov 21 21:05:52 raspberrypi systemd[1]: Starting OpenVPN connection to server...

    Nov 21 21:05:52 raspberrypi systemd[1]: Started OpenVPN connection to server.

    Nov 21 21:05:52 raspberrypi systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE

    Nov 21 21:05:52 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

    root@raspberrypi:~# cd /etc/openvpn

    root@raspberrypi:/etc/openvpn# ls -l -R

    .:

    total 20

    drwxr-xr-x 2 root root 4096 Feb 20 2019 client

    -rw------- 1 root root 0 Nov 21 09:52 ipp.txt

    drwx------ 8 root root 4096 Nov 21 09:17 pki

    drwxr-xr-x 2 root root 4096 Feb 20 2019 server

    -rw-rw-rw- 1 root root 682 Nov 21 09:52 server.conf

    -rwxr-xr-x 1 root root 1468 Feb 20 2019 update-resolv-conf


    ./client:

    total 0


    ./pki:

    total 76

    -rw------- 1 root root 1192 Nov 13 15:37 ca.crt

    drwx------ 2 root root 4096 Nov 21 09:17 certs_by_serial

    -rw------- 1 root root 934 Nov 20 20:09 crl.pem

    -rw------- 1 root root 0 Nov 13 15:37 dh.pem

    -rw------- 1 root root 492 Nov 21 09:17 extensions.temp

    -rw------- 1 root root 686 Nov 21 09:17 index.txt

    -rw------- 1 root root 20 Nov 21 09:17 index.txt.attr

    -rw------- 1 root root 20 Nov 20 20:09 index.txt.attr.old

    -rw------- 1 root root 619 Nov 20 20:09 index.txt.old

    drwx------ 2 root root 4096 Nov 21 09:17 issued

    -rw------- 1 root root 4651 Nov 13 15:37 openssl-easyrsa.cnf

    drwx------ 2 root root 4096 Nov 21 09:17 private

    drwx------ 5 root root 4096 Nov 13 15:37 renewed

    drwx------ 2 root root 4096 Nov 21 09:17 reqs

    drwx------ 5 root root 4096 Nov 13 15:37 revoked

    -rw------- 1 root root 4577 Nov 21 09:17 safessl-easyrsa.cnf

    -rw------- 1 root root 33 Nov 21 09:17 serial

    -rw------- 1 root root 33 Nov 21 09:17 serial.old


    ./pki/certs_by_serial:

    total 24

    -rw------- 1 root root 4471 Nov 20 20:09 607D8826DBF52EC6B593F3FBEB303918.pem

    -rw------- 1 root root 4472 Nov 21 09:17 747E668491A2BBB34A26F90BCFC827FD.pem

    -rw------- 1 root root 4620 Nov 13 15:37 C69981A4C73125E38765058A4D30602E.pem


    ./pki/issued:

    total 24

    -rw------- 1 root root 4471 Nov 20 20:09 new.crt

    -rw------- 1 root root 4472 Nov 21 09:17 omv5.crt

    -rw------- 1 root root 4620 Nov 13 15:37 raspberrypi.crt


    ./pki/private:

    total 16

    -rw------- 1 root root 1675 Nov 13 15:37 ca.key

    -rw------- 1 root root 1704 Nov 20 20:09 new.key

    -rw------- 1 root root 1708 Nov 21 09:17 omv5.key

    -rw------- 1 root root 1704 Nov 13 15:37 raspberrypi.key


    ./pki/renewed:

    total 12

    drwx------ 2 root root 4096 Nov 13 15:37 certs_by_serial

    drwx------ 2 root root 4096 Nov 13 15:37 private_by_serial

    drwx------ 2 root root 4096 Nov 13 15:37 reqs_by_serial


    ./pki/renewed/certs_by_serial:

    total 0


    ./pki/renewed/private_by_serial:

    total 0


    ./pki/renewed/reqs_by_serial:

    total 0


    ./pki/reqs:

    total 12

    -rw------- 1 root root 883 Nov 20 20:09 new.req

    -rw------- 1 root root 883 Nov 21 09:17 omv5.req

    -rw------- 1 root root 895 Nov 13 15:37 raspberrypi.req


    ./pki/revoked:

    total 12

    drwx------ 2 root root 4096 Nov 20 20:09 certs_by_serial

    drwx------ 2 root root 4096 Nov 20 20:09 private_by_serial

    drwx------ 2 root root 4096 Nov 20 20:09 reqs_by_serial


    ./pki/revoked/certs_by_serial:

    total 48

    -rw------- 1 root root 4472 Nov 14 10:13 0720C59FF300607C26801C8812486ECD.crt

    -rw------- 1 root root 4471 Nov 13 15:47 1957C164DBC3F62F84D5333A0804B66B.crt

    -rw------- 1 root root 4472 Nov 13 16:22 77FDA90A046752754CCFB6DD7852DEFD.crt

    -rw------- 1 root root 4477 Nov 20 19:57 8E29E5B409ADEB15F75807176CBAC54B.crt

    -rw------- 1 root root 4472 Nov 13 16:03 D6E9CC02C308D399613329F54BF9B62B.crt

    -rw------- 1 root root 4471 Nov 20 20:01 DE49178F4CC6BF2DAA2CF15810CD6878.crt


    ./pki/revoked/private_by_serial:

    total 24

    -rw------- 1 root root 1704 Nov 14 10:13 0720C59FF300607C26801C8812486ECD.key

    -rw------- 1 root root 1704 Nov 13 15:47 1957C164DBC3F62F84D5333A0804B66B.key

    -rw------- 1 root root 1704 Nov 13 16:22 77FDA90A046752754CCFB6DD7852DEFD.key

    -rw------- 1 root root 1704 Nov 20 19:57 8E29E5B409ADEB15F75807176CBAC54B.key

    -rw------- 1 root root 1704 Nov 13 16:03 D6E9CC02C308D399613329F54BF9B62B.key

    -rw------- 1 root root 1704 Nov 20 20:01 DE49178F4CC6BF2DAA2CF15810CD6878.key


    ./pki/revoked/reqs_by_serial:

    total 24

    -rw------- 1 root root 883 Nov 14 10:13 0720C59FF300607C26801C8812486ECD.req

    -rw------- 1 root root 883 Nov 13 15:47 1957C164DBC3F62F84D5333A0804B66B.req

    -rw------- 1 root root 883 Nov 13 16:22 77FDA90A046752754CCFB6DD7852DEFD.req

    -rw------- 1 root root 887 Nov 20 19:57 8E29E5B409ADEB15F75807176CBAC54B.req

    -rw------- 1 root root 883 Nov 13 16:03 D6E9CC02C308D399613329F54BF9B62B.req

    -rw------- 1 root root 883 Nov 20 20:01 DE49178F4CC6BF2DAA2CF15810CD6878.req


    ./server:

    total 0

    root@raspberrypi:/etc/openvpn#

    Here is my output:


    ls

    OMV5.ovpn pi-tool-install.sh pi-tool-remove.sh

    root@raspberrypi:~#


    ls

    ca.crt index.txt openssl-easyrsa.cnf safessl-easyrsa.cnf

    certs_by_serial index.txt.attr private serial

    crl.pem index.txt.attr.old renewed serial.old

    dh.pem index.txt.old reqs

    extensions.temp issued revoked

    I must say i have openvpn stopped on portainer not deleted, i really want to use openvpn via plugin.


    This is var/log/openvpn.log:


    Sat Nov 21 09:56:37 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [$

    Sat Nov 21 09:56:37 2020 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10

    Sat Nov 21 09:56:37 2020 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware t$

    Sat Nov 21 09:56:37 2020 OpenSSL: error:0909006C:PEM routines:get_name:no start line

    Sat Nov 21 09:56:37 2020 Cannot load DH parameters from /etc/openvpn/pki/dh.pem

    Sat Nov 21 09:56:37 2020 Exiting due to fatal error

    When i uninstall plugin and reinstall it i get this error:

    Updating locale files ...


    >>> *************** Error ***************

    Failed to read from socket: Connection reset by peer

    <<< *************************************

    Updating file permissions ...

    Purging internal cache ...

    Restarting engine daemon ...

    Done ...


    This is output from your command:


    openvpn --config /etc/openvpn/openvpn.conf --client-config-dir /etc/openvpn/ccd --crl-verify /etc/openvpn/crl.pem

    Options error: In [CMD-LINE]:1: Error opening configuration file: /etc/openvpn/openvpn.conf

    this is the syslog from omv5:


    openvpn@server.service: Service RestartSec=5s expired, scheduling restart.

    Nov 21 09:18:49 raspberrypi systemd[1]: openvpn@server.service: Scheduled restart job, restart counter is at 52.

    Nov 21 09:18:49 raspberrypi systemd[1]: Stopped OpenVPN connection to server.

    Nov 21 09:18:49 raspberrypi systemd[1]: Starting OpenVPN connection to server...

    Nov 21 09:18:49 raspberrypi systemd[1]: Started OpenVPN connection to server.

    Nov 21 09:18:49 raspberrypi systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE

    Nov 21 09:18:49 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

    Nov 21 09:18:54 raspberrypi systemd[1]: openvpn@server.service: Service RestartSec=5s expired, scheduling restart.

    Nov 21 09:18:54 raspberrypi systemd[1]: openvpn@server.service: Scheduled restart job, restart counter is at 53.

    Nov 21 09:18:54 raspberrypi systemd[1]: Stopped OpenVPN connection to server.

    Nov 21 09:18:54 raspberrypi systemd[1]: Starting OpenVPN connection to server...

    Nov 21 09:18:54 raspberrypi systemd[1]: Started OpenVPN connection to server.

    Nov 21 09:18:54 raspberrypi systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE

    Nov 21 09:18:54 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

    Nov 21 09:18:59 raspberrypi systemd[1]: openvpn@server.service: Service RestartSec=5s expired, scheduling restart.

    Nov 21 09:18:59 raspberrypi systemd[1]: openvpn@server.service: Scheduled restart job, restart counter is at 54.

    Nov 21 09:18:59 raspberrypi systemd[1]: Stopped OpenVPN connection to server.

    Nov 21 09:18:59 raspberrypi systemd[1]: Starting OpenVPN connection to server...

    Nov 21 09:18:59 raspberrypi systemd[1]: Started OpenVPN connection to server.

    Nov 21 09:18:59 raspberrypi systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE

    Nov 21 09:18:59 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

    root@raspberrypi:~# ps aufx | grep openvpn

    nobody 1378 0.0 0.0 4236 3612 ? Ss Nov20 0:00 \_ openvpn --config /etc/openvpn/openvpn.conf --client-config-dir /etc/openvpn/ccd --crl-verify /etc/openvpn/crl.pem

    root 30060 0.0 0.0 6536 560 pts/0 S+ 09:15 0:00 \_ grep openvpn

    root@raspberrypi:~#


    Is it running ?

    I cannot see it

    When i uninstalled openvpn from plugins and reinstalled it i get this error:


    >>> *************** Error ***************

    Failed to read from socket: Connection reset by peer

    <<< *************************************

    Updating file permissions ...

    Purging internal cache ...

    Restarting engine daemon ...

    Done ...

    This is the syslog from omv5


    Nov 20 20:21:35 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

    Nov 20 20:21:41 raspberrypi systemd[1]: openvpn@server.service: Service RestartSec=5s expired, scheduling restart.

    Nov 20 20:21:41 raspberrypi systemd[1]: openvpn@server.service: Scheduled restart job, restart counter is at 142.

    Nov 20 20:21:41 raspberrypi systemd[1]: Stopped OpenVPN connection to server.

    Nov 20 20:21:41 raspberrypi systemd[1]: Starting OpenVPN connection to server...

    Nov 20 20:21:41 raspberrypi systemd[1]: Started OpenVPN connection to server.

    Nov 20 20:21:41 raspberrypi systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE

    Nov 20 20:21:41 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

    This is my log from w10 client.



    Fri Nov 20 20:18:16 2020 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.

    Fri Nov 20 20:18:16 2020 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.

    Fri Nov 20 20:18:16 2020 OpenVPN 2.5_rc1 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 21 2020

    Fri Nov 20 20:18:16 2020 Windows version 10.0 (Windows 10 or greater) 64bit

    Fri Nov 20 20:18:16 2020 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10

    Fri Nov 20 20:18:16 2020 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341

    Fri Nov 20 20:18:16 2020 Need hold release from management interface, waiting...

    Fri Nov 20 20:18:17 2020 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341

    Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'state on'

    Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'log all on'

    Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'echo all on'

    Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'bytecount 5'

    Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'hold off'

    Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'hold release'

    Fri Nov 20 20:18:23 2020 MANAGEMENT: CMD 'username "Auth" "pi"'

    Fri Nov 20 20:18:23 2020 MANAGEMENT: CMD 'password [...]'

    Fri Nov 20 20:18:23 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]195.240.130.112:1194

    Fri Nov 20 20:18:23 2020 Socket Buffers: R=[65536->65536] S=[65536->65536]

    Fri Nov 20 20:18:23 2020 UDP link local: (not bound)

    Fri Nov 20 20:18:23 2020 UDP link remote: [AF_INET]195.240.130.112:1194

    Fri Nov 20 20:18:23 2020 MANAGEMENT: >STATE:1605899903,WAIT,,,,,,