autostart OpenVPN server?

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Locked
icefire
OpenVpn Newbie
Posts: 9
Joined: Sun Dec 27, 2015 2:15 pm

autostart OpenVPN server?

Post by icefire » Sun May 15, 2016 8:28 pm

So I know this is a stupid question and believe me, I tried fixing this on my own.

I have a working OpenVPN server on a Raspberry Pi (running jessie). In order to start the server so that clients can connect, I have to do the following:

Code: Select all

sudo openvpn /etc/openvpn/server.conf
I wanted that the VPN Server starts automatically, so I edited /etc/default/openvpn like this:

Code: Select all

AUTOSTART="server"
However, nothing happens upon restart. Clients cannot connect. The OpenVPN service seems to be running though:

Code: Select all

pi@raspberrypi:~ $ service openvpn status
в—Џ openvpn.service - OpenVPN service
   Loaded: loaded (/lib/systemd/system/openvpn.service; enabled)
   Active: active (exited) since Sun 2016-05-15 20:15:44 UTC; 8min ago
  Process: 1148 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 1148 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/openvpn.service
In order to get it working, I need to restart the vpn service:

Code: Select all

sudo service openvpn restart
Once I do this, all clients can connect.

What am I missing? Why should I restart the openvpn service seconds after starting the Pi? How can I make server.conf fire up automatically on startup?
Top
User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: autostart OpenVPN server?

Post by Traffic » Sun May 15, 2016 9:17 pm

OpenVPN Server Log file .. :!:
Top
icefire
OpenVpn Newbie
Posts: 9
Joined: Sun Dec 27, 2015 2:15 pm

Re: autostart OpenVPN server?

Post by icefire » Mon May 16, 2016 7:39 am

Log file after fresh restart:

Code: Select all

Mon May 16 07:18:23 2016 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan 23 2016
Mon May 16 07:18:23 2016 library versions: OpenSSL 1.0.1k 8 Jan 2015, LZO 2.08
Mon May 16 07:18:23 2016 Diffie-Hellman initialized with 2048 bit key
Mon May 16 07:18:23 2016 Control Channel Authentication: using '/etc/openvpn/easy-rsa/keys/ta.key' as a OpenVPN static key file
Mon May 16 07:18:23 2016 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 16 07:18:23 2016 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 16 07:18:23 2016 Socket Buffers: R=[163840->131072] S=[163840->131072]
Mon May 16 07:18:23 2016 TCP/UDP: Socket bind failed on local address [AF_INET]192.168.2.35:1593: Cannot assign requested address
Mon May 16 07:18:23 2016 Exiting due to fatal error
I checked if anything is using my port but this didn't seem to be the case:

Code: Select all

pi@raspberrypi:~ $ sudo netstat -pntua
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:5901            0.0.0.0:*               LISTEN      588/Xtightvnc   
tcp        0      0 0.0.0.0:6001            0.0.0.0:*               LISTEN      588/Xtightvnc   
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      486/sshd        
tcp        0      0 192.168.2.35:5901       192.168.2.33:56021      ESTABLISHED 588/Xtightvnc   
tcp6       0      0 :::22                   :::*                    LISTEN      486/sshd        
udp        0      0 0.0.0.0:68              0.0.0.0:*                           383/dhcpcd      
udp        0      0 0.0.0.0:37979           0.0.0.0:*                           518/weavedconnectd.
udp        0      0 192.168.2.35:123        0.0.0.0:*                           505/ntpd        
udp        0      0 127.0.0.1:123           0.0.0.0:*                           505/ntpd        
udp        0      0 0.0.0.0:123             0.0.0.0:*                           505/ntpd        
udp        0      0 0.0.0.0:57997           0.0.0.0:*                           361/avahi-daemon: r
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           361/avahi-daemon: r
udp        0      0 192.168.2.35:56300      192.168.2.1:5351        ESTABLISHED 518/weavedconnectd.
udp6       0      0 fe80::8701:d877:a52:123 :::*                                505/ntpd        
udp6       0      0 ::1:123                 :::*                                505/ntpd        
udp6       0      0 :::123                  :::*                                505/ntpd        
udp6       0      0 :::5353                 :::*                                361/avahi-daemon: r
udp6       0      0 :::48111                :::*                                361/avahi-daemon: r
Once again, here is the service status after a fresh restart:

Code: Select all

pi@raspberrypi:~ $ service openvpn status
   openvpn.service - OpenVPN service
   Loaded: loaded (/lib/systemd/system/openvpn.service; enabled)
   Active: active (exited) since Mon 2016-05-16 07:18:23 UTC; 10min ago
  Process: 484 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
 Main PID: 484 (code=exited, status=0/SUCCESS)
   CGroup: /system.slice/openvpn.service
In order to get it working, I should either restart the service or (as I just found out) start it, as if it weren't already running.

Code: Select all

pi@raspberrypi:~ $ service openvpn start
Top
icefire
OpenVpn Newbie
Posts: 9
Joined: Sun Dec 27, 2015 2:15 pm

Re: autostart OpenVPN server?

Post by icefire » Mon May 16, 2016 1:01 pm

Ok, I managed to solve it. The solution is quite simple actually - I just removed the line

Code: Select all

 local 192.168.2.33
from server.conf

What is actually the point of having such a line at all? The Pi has only one local static IP address, in this case 192.168.2.33 so the openvpn service cannot listen on any other IP address.
Top
User avatar
Traffic
OpenVPN Protagonist
Posts: 4066
Joined: Sat Aug 09, 2014 11:24 am

Re: autostart OpenVPN server?

Post by Traffic » Mon May 16, 2016 4:46 pm

--local specifies the address for openvpn to bind to and listen on ..

See --local in The Manual v23x

The real problem you have is that your network is not available when openvpn starts.
You need to change your startup procedure ..
Top
bick
OpenVpn Newbie
Posts: 1
Joined: Thu Mar 23, 2017 7:56 pm

Re: autostart OpenVPN server?

Post by bick » Thu Mar 23, 2017 8:08 pm

I came to the forums due to this same problem. I even created a script to restart openvpn w/ a cron job set to run at boot. This still did not work. I had to log in to the Pi and run the restart command myself.

Commenting out the local x.x.x.x line in server.conf did the trick for me as well. However, I would rather not have to comment out that line. Any tips though on how to change the startup procedure so that openvpn is not started until after networking? I am unsure how to go about figuring that out. If you could point me in the right direction, I would be happy to rtfm.
Top
TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: autostart OpenVPN server?

Post by TinCanTech » Thu Mar 23, 2017 8:34 pm

bick wrote:Any tips though on how to change the startup procedure
See the documentation for your operating system (which you also fail to mention) ..

HOWTO:
https://openvpn.net/index.php/open-sour ... html#start

Wiki:
https://community.openvpn.net/openvpn/wiki/HOWTO

Please see:
HOWTO: Request Help !
Top
Locked

Return to “Server Administration”