Multiple config with protocols/ports

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
Tomtrom
OpenVpn Newbie
Posts: 1
Joined: Tue May 22, 2018 8:25 pm

Multiple config with protocols/ports

Post by Tomtrom » Tue May 22, 2018 8:29 pm

Hi folks,

I'm in school and so the network doesn't allow vpn connections, but I also require fast connects. I setup my OpenVPN using a script and I've been told to manually change server.conf back to %i.conf in /lib/systemd/system/openvpn@.service fixes support for multiple instance. As it seems the script restricts this as seen in "sed -i 's|%i.conf|server.conf|' /lib/systemd/system/openvpn\@.service. " My OpenVPN conf is tcp/443 I'm in school and so the network doesn't allow vpn connections, but I also require fast connects.

I'm sure the edit below is correct? --config /etc/openvpn/%i.conf is what is edited. But whenever I try to connect using proto udp along with port 443 or something similar I cannot connect.

Code: Select all

 [Unit]
Description=OpenVPN connection to %i
PartOf=openvpn.service
ReloadPropagatedFrom=openvpn.service
Before=systemd-user-sessions.service
Documentation=man:openvpn(8)
Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage
Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO

[Service]
PrivateTmp=true
KillMode=mixed
Type=forking
ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/%i.conf --writepid /run/openvpn/%i.pid
PIDFile=/run/openvpn/%i.pid
ExecReload=/bin/kill -HUP $MAINPID
WorkingDirectory=/etc/openvpn
ProtectSystem=yes
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_AUDIT_WRITE
#LimitNPROC=10
DeviceAllow=/dev/null rw
DeviceAllow=/dev/net/tun rw

[Install]
WantedBy=multi-user.target

Post Reply