OpenVPN Support Forum

Hi to all,

I have installer OpenVPN Access Server successfully on Docker.
I try to optimise ovpn configuration file with the error message displayed.

During connection, i see this error message :

Obsolete option --dhcp-release detected. This is now on by default
WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results

ovpn config file on client side :
Do you know how to fix it please ?

Best Regards,

EL

Out of curiousity, can you provide a link to the Docker Hub image you are working with?

As far as I know, none of the docker images are officially supported.

You should consider using one of the offical packages provided here:
https://openvpn.net/vpn-software-packages/

Also point of using OpenVPN AS is to trust in product to produce the best results for the OVPN files.

If you have questions about why specific configuration options are or are not used, you may want to contact OpenVPN AS support. They can either explain the reasoning behind the current confgiuration settings or apply your suggestions in a future release.

Image used is available here : image: ghcr.io/linuxserver/openvpn-as
Docker is very low consuming, ~1% cpu in charge, around 400mo of ram... very impressive.

Where can i get support ? could help me please ?
Best Regards.

I agree that Docker is powerful and has many uses. In this specific case I recommend that this is not one of those uses.

The issue is not the resource consumption of Docker as much as the sandbox established for the container environment. It is assumed for security reasons applications running in the Docker container should not have full control over the host network configuration.

Some features of OpenVPN AS may not work as intended inside the sandbox Docker establishes.

For example, fail-over support via the uCARP daemon assumes greater control over the host network interfaces.

Another example of a feature that may not work correctly is the option to enable NAT which assumes control over the host iptables/firewall rules.

There may be other things as well that can't function the same when run inside a Docker container.

If you want to use OpenVPN AS in a fully supported configuration, you should use one of the software packages they provide instead.

As to the types of tweaks you are trying to get working for the OVPN configuration, I would again recommend talking to OpenVPN AS support to get further advice.

If your primary goal is to have an easy to use web interface for using OpenVPN then OpenVPN AS running outside of Docker may fit your needs well.

If don't really need the web interface but desire to selectively tweak a OpenVPN server running inside Docker, then there are other OpenVPN/EasyRSA docker images for doing that.

I find it a bit pathetic that they don't want to answer to this question.
I think I'll live with it because it doesn't generate any running problems and I won't trade using docker for a VM to achieve the same result, make no sens.