Posts by Birdybird

pcmag.biz i beliefe. I googled openvpn on omv5 with portainer. There is a complete manual online. But problem is i have no access to local files. Also i have a sdcard with

Raspian buster with desktop with minidlna

And pivpn where i can access the local files.

So i hoped that omv5 with openvpn has also access to local files.

no only i use now opvpn via portainer which i had stopped. I only installed minidlna and

And openvpn via plugins which doesnot work.

That is a pity. So the openvpn plugin is not working for the raspberry at this moment.

/var/log/openvpn.log

Sat Nov 21 21:43:55 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019

Sat Nov 21 21:43:55 2020 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10

Sat Nov 21 21:43:55 2020 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the V$

Sat Nov 21 21:43:55 2020 OpenSSL: error:0909006C:PEM routines:get_name:no start line

Sat Nov 21 21:43:55 2020 Cannot load DH parameters from /etc/openvpn/pki/dh.pem

Sat Nov 21 21:43:55 2020 Exiting due to fatal error

Sorry i thought that this was good to do

thsis is what /var/log/openvpn.log says

Sat Nov 21 21:08:40 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSS$

Sat Nov 21 21:08:40 2020 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10

Sat Nov 21 21:08:40 2020 NOTE: your local LAN uses the extremely common subnet $

Sat Nov 21 21:08:40 2020 OpenSSL: error:0909006C:PEM routines:get_name:no start$

Sat Nov 21 21:08:40 2020 Cannot load DH parameters from /etc/openvpn/pki/dh.pem

Sat Nov 21 21:08:40 2020 Exiting due to fatal error

This is longer (i dont know how to copy this file)

Sat Nov 21 21:08:40 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019

Sat Nov 21 21:08:40 2020 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10

Sat Nov 21 21:08:40 2020 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as interne$

Sat Nov 21 21:08:40 2020 OpenSSL: error:0909006C:PEM routines:get_name:no start line

Sat Nov 21 21:08:40 2020 Cannot load DH parameters from /etc/openvpn/pki/dh.pem

Sat Nov 21 21:08:40 2020 Exiting due to fatal error

I removed the openvpn plugin installes it. No error message but the syslog says:

Nov 21 21:05:52 raspberrypi systemd[1]: openvpn@server.service: Scheduled restart job, restart counter is at 37.

Nov 21 21:05:52 raspberrypi systemd[1]: Stopped OpenVPN connection to server.

Nov 21 21:05:52 raspberrypi systemd[1]: Starting OpenVPN connection to server...

Nov 21 21:05:52 raspberrypi systemd[1]: Started OpenVPN connection to server.

Nov 21 21:05:52 raspberrypi systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE

Nov 21 21:05:52 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

openvpn --config /etc/openvpn/server.conf --crl-verify /etc/openvpn/pki/crl.pem --log /var/log/openvpn.log

root@raspberrypi:~#

What next ?

root@raspberrypi:~# cd /etc/openvpn

root@raspberrypi:/etc/openvpn# ls -l -R

.:

total 20

drwxr-xr-x 2 root root 4096 Feb 20 2019 client

-rw------- 1 root root 0 Nov 21 09:52 ipp.txt

drwx------ 8 root root 4096 Nov 21 09:17 pki

drwxr-xr-x 2 root root 4096 Feb 20 2019 server

-rw-rw-rw- 1 root root 682 Nov 21 09:52 server.conf

-rwxr-xr-x 1 root root 1468 Feb 20 2019 update-resolv-conf

./client:

total 0

./pki:

total 76

-rw------- 1 root root 1192 Nov 13 15:37 ca.crt

drwx------ 2 root root 4096 Nov 21 09:17 certs_by_serial

-rw------- 1 root root 934 Nov 20 20:09 crl.pem

-rw------- 1 root root 0 Nov 13 15:37 dh.pem

-rw------- 1 root root 492 Nov 21 09:17 extensions.temp

-rw------- 1 root root 686 Nov 21 09:17 index.txt

-rw------- 1 root root 20 Nov 21 09:17 index.txt.attr

-rw------- 1 root root 20 Nov 20 20:09 index.txt.attr.old

-rw------- 1 root root 619 Nov 20 20:09 index.txt.old

drwx------ 2 root root 4096 Nov 21 09:17 issued

-rw------- 1 root root 4651 Nov 13 15:37 openssl-easyrsa.cnf

drwx------ 2 root root 4096 Nov 21 09:17 private

drwx------ 5 root root 4096 Nov 13 15:37 renewed

drwx------ 2 root root 4096 Nov 21 09:17 reqs

drwx------ 5 root root 4096 Nov 13 15:37 revoked

-rw------- 1 root root 4577 Nov 21 09:17 safessl-easyrsa.cnf

-rw------- 1 root root 33 Nov 21 09:17 serial

-rw------- 1 root root 33 Nov 21 09:17 serial.old

./pki/certs_by_serial:

total 24

-rw------- 1 root root 4471 Nov 20 20:09 607D8826DBF52EC6B593F3FBEB303918.pem

-rw------- 1 root root 4472 Nov 21 09:17 747E668491A2BBB34A26F90BCFC827FD.pem

-rw------- 1 root root 4620 Nov 13 15:37 C69981A4C73125E38765058A4D30602E.pem

./pki/issued:

total 24

-rw------- 1 root root 4471 Nov 20 20:09 new.crt

-rw------- 1 root root 4472 Nov 21 09:17 omv5.crt

-rw------- 1 root root 4620 Nov 13 15:37 raspberrypi.crt

./pki/private:

total 16

-rw------- 1 root root 1675 Nov 13 15:37 ca.key

-rw------- 1 root root 1704 Nov 20 20:09 new.key

-rw------- 1 root root 1708 Nov 21 09:17 omv5.key

-rw------- 1 root root 1704 Nov 13 15:37 raspberrypi.key

./pki/renewed:

total 12

drwx------ 2 root root 4096 Nov 13 15:37 certs_by_serial

drwx------ 2 root root 4096 Nov 13 15:37 private_by_serial

drwx------ 2 root root 4096 Nov 13 15:37 reqs_by_serial

./pki/renewed/certs_by_serial:

total 0

./pki/renewed/private_by_serial:

total 0

./pki/renewed/reqs_by_serial:

total 0

./pki/reqs:

total 12

-rw------- 1 root root 883 Nov 20 20:09 new.req

-rw------- 1 root root 883 Nov 21 09:17 omv5.req

-rw------- 1 root root 895 Nov 13 15:37 raspberrypi.req

./pki/revoked:

total 12

drwx------ 2 root root 4096 Nov 20 20:09 certs_by_serial

drwx------ 2 root root 4096 Nov 20 20:09 private_by_serial

drwx------ 2 root root 4096 Nov 20 20:09 reqs_by_serial

./pki/revoked/certs_by_serial:

total 48

-rw------- 1 root root 4472 Nov 14 10:13 0720C59FF300607C26801C8812486ECD.crt

-rw------- 1 root root 4471 Nov 13 15:47 1957C164DBC3F62F84D5333A0804B66B.crt

-rw------- 1 root root 4472 Nov 13 16:22 77FDA90A046752754CCFB6DD7852DEFD.crt

-rw------- 1 root root 4477 Nov 20 19:57 8E29E5B409ADEB15F75807176CBAC54B.crt

-rw------- 1 root root 4472 Nov 13 16:03 D6E9CC02C308D399613329F54BF9B62B.crt

-rw------- 1 root root 4471 Nov 20 20:01 DE49178F4CC6BF2DAA2CF15810CD6878.crt

./pki/revoked/private_by_serial:

total 24

-rw------- 1 root root 1704 Nov 14 10:13 0720C59FF300607C26801C8812486ECD.key

-rw------- 1 root root 1704 Nov 13 15:47 1957C164DBC3F62F84D5333A0804B66B.key

-rw------- 1 root root 1704 Nov 13 16:22 77FDA90A046752754CCFB6DD7852DEFD.key

-rw------- 1 root root 1704 Nov 20 19:57 8E29E5B409ADEB15F75807176CBAC54B.key

-rw------- 1 root root 1704 Nov 13 16:03 D6E9CC02C308D399613329F54BF9B62B.key

-rw------- 1 root root 1704 Nov 20 20:01 DE49178F4CC6BF2DAA2CF15810CD6878.key

./pki/revoked/reqs_by_serial:

total 24

-rw------- 1 root root 883 Nov 14 10:13 0720C59FF300607C26801C8812486ECD.req

-rw------- 1 root root 883 Nov 13 15:47 1957C164DBC3F62F84D5333A0804B66B.req

-rw------- 1 root root 883 Nov 13 16:22 77FDA90A046752754CCFB6DD7852DEFD.req

-rw------- 1 root root 887 Nov 20 19:57 8E29E5B409ADEB15F75807176CBAC54B.req

-rw------- 1 root root 883 Nov 13 16:03 D6E9CC02C308D399613329F54BF9B62B.req

-rw------- 1 root root 883 Nov 20 20:01 DE49178F4CC6BF2DAA2CF15810CD6878.req

./server:

total 0

root@raspberrypi:/etc/openvpn#

yes i login via root open then mc go to dir and then type ls if i go out of mc then it goes back to root dir

What is a better commando ?

You know where the error is ?

Here is my output:

ls

OMV5.ovpn pi-tool-install.sh pi-tool-remove.sh

root@raspberrypi:~#

ls

ca.crt index.txt openssl-easyrsa.cnf safessl-easyrsa.cnf

certs_by_serial index.txt.attr private serial

crl.pem index.txt.attr.old renewed serial.old

dh.pem index.txt.old reqs

extensions.temp issued revoked

I must say i have openvpn stopped on portainer not deleted, i really want to use openvpn via plugin.

This is var/log/openvpn.log:

Sat Nov 21 09:56:37 2020 OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [$

Sat Nov 21 09:56:37 2020 library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10

Sat Nov 21 09:56:37 2020 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware t$

Sat Nov 21 09:56:37 2020 OpenSSL: error:0909006C:PEM routines:get_name:no start line

Sat Nov 21 09:56:37 2020 Cannot load DH parameters from /etc/openvpn/pki/dh.pem

Sat Nov 21 09:56:37 2020 Exiting due to fatal error

When i uninstall plugin and reinstall it i get this error:

Updating locale files ...

>>> *************** Error ***************

Failed to read from socket: Connection reset by peer

<<< *************************************

Updating file permissions ...

Purging internal cache ...

Restarting engine daemon ...

Done ...

This is output from your command:

openvpn --config /etc/openvpn/openvpn.conf --client-config-dir /etc/openvpn/ccd --crl-verify /etc/openvpn/crl.pem

Options error: In [CMD-LINE]:1: Error opening configuration file: /etc/openvpn/openvpn.conf

this is the syslog from omv5:

openvpn@server.service: Service RestartSec=5s expired, scheduling restart.

Nov 21 09:18:49 raspberrypi systemd[1]: openvpn@server.service: Scheduled restart job, restart counter is at 52.

Nov 21 09:18:49 raspberrypi systemd[1]: Stopped OpenVPN connection to server.

Nov 21 09:18:49 raspberrypi systemd[1]: Starting OpenVPN connection to server...

Nov 21 09:18:49 raspberrypi systemd[1]: Started OpenVPN connection to server.

Nov 21 09:18:49 raspberrypi systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE

Nov 21 09:18:49 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

Nov 21 09:18:54 raspberrypi systemd[1]: openvpn@server.service: Service RestartSec=5s expired, scheduling restart.

Nov 21 09:18:54 raspberrypi systemd[1]: openvpn@server.service: Scheduled restart job, restart counter is at 53.

Nov 21 09:18:54 raspberrypi systemd[1]: Stopped OpenVPN connection to server.

Nov 21 09:18:54 raspberrypi systemd[1]: Starting OpenVPN connection to server...

Nov 21 09:18:54 raspberrypi systemd[1]: Started OpenVPN connection to server.

Nov 21 09:18:54 raspberrypi systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE

Nov 21 09:18:54 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

Nov 21 09:18:59 raspberrypi systemd[1]: openvpn@server.service: Service RestartSec=5s expired, scheduling restart.

Nov 21 09:18:59 raspberrypi systemd[1]: openvpn@server.service: Scheduled restart job, restart counter is at 54.

Nov 21 09:18:59 raspberrypi systemd[1]: Stopped OpenVPN connection to server.

Nov 21 09:18:59 raspberrypi systemd[1]: Starting OpenVPN connection to server...

Nov 21 09:18:59 raspberrypi systemd[1]: Started OpenVPN connection to server.

Nov 21 09:18:59 raspberrypi systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE

Nov 21 09:18:59 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

root@raspberrypi:~# ps aufx | grep openvpn

nobody 1378 0.0 0.0 4236 3612 ? Ss Nov20 0:00 \_ openvpn --config /etc/openvpn/openvpn.conf --client-config-dir /etc/openvpn/ccd --crl-verify /etc/openvpn/crl.pem

root 30060 0.0 0.0 6536 560 pts/0 S+ 09:15 0:00 \_ grep openvpn

root@raspberrypi:~#

Is it running ?

I cannot see it

When i uninstalled openvpn from plugins and reinstalled it i get this error:

>>> *************** Error ***************

Failed to read from socket: Connection reset by peer

<<< *************************************

Updating file permissions ...

Purging internal cache ...

Restarting engine daemon ...

Done ...

This is the syslog from omv5

Nov 20 20:21:35 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

Nov 20 20:21:41 raspberrypi systemd[1]: openvpn@server.service: Service RestartSec=5s expired, scheduling restart.

Nov 20 20:21:41 raspberrypi systemd[1]: openvpn@server.service: Scheduled restart job, restart counter is at 142.

Nov 20 20:21:41 raspberrypi systemd[1]: Stopped OpenVPN connection to server.

Nov 20 20:21:41 raspberrypi systemd[1]: Starting OpenVPN connection to server...

Nov 20 20:21:41 raspberrypi systemd[1]: Started OpenVPN connection to server.

Nov 20 20:21:41 raspberrypi systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE

Nov 20 20:21:41 raspberrypi systemd[1]: openvpn@server.service: Failed with result 'exit-code'.

This is my log from w10 client.

Fri Nov 20 20:18:16 2020 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.

Fri Nov 20 20:18:16 2020 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.

Fri Nov 20 20:18:16 2020 OpenVPN 2.5_rc1 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Sep 21 2020

Fri Nov 20 20:18:16 2020 Windows version 10.0 (Windows 10 or greater) 64bit

Fri Nov 20 20:18:16 2020 library versions: OpenSSL 1.1.1g 21 Apr 2020, LZO 2.10

Fri Nov 20 20:18:16 2020 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25341

Fri Nov 20 20:18:16 2020 Need hold release from management interface, waiting...

Fri Nov 20 20:18:17 2020 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25341

Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'state on'

Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'log all on'

Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'echo all on'

Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'bytecount 5'

Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'hold off'

Fri Nov 20 20:18:17 2020 MANAGEMENT: CMD 'hold release'

Fri Nov 20 20:18:23 2020 MANAGEMENT: CMD 'username "Auth" "pi"'

Fri Nov 20 20:18:23 2020 MANAGEMENT: CMD 'password [...]'

Fri Nov 20 20:18:23 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]195.240.130.112:1194

Fri Nov 20 20:18:23 2020 Socket Buffers: R=[65536->65536] S=[65536->65536]

Fri Nov 20 20:18:23 2020 UDP link local: (not bound)

Fri Nov 20 20:18:23 2020 UDP link remote: [AF_INET]195.240.130.112:1194

Fri Nov 20 20:18:23 2020 MANAGEMENT: >STATE:1605899903,WAIT,,,,,,

found it. Filled in everything. On my client says: server poll time-out trying next