I thought I'd give OpenVPN Access Server a try and see if I could use it to replace our Microsoft L2TP/IPsec server.
1.) I installed Ubuntu 18.04.4 and the installed OpenVPN Access Server using the scripts.
2.) I opened ports 443 and 1194 on our router and pointed them to the IP address of the OpenVPN Access Sever.
I can successfully log into the Admin UI and the User UI from outside our network using the openvpn admin username and password..
Next, I log into the User UI and click the "OpenVPN Connect Recommended for your device" to download and install the OpenVPN Connect Setup Wizard. So far so good.
When I launch OpenVPN connect, I click on the "OpenVPN Profile" that was created by the installation wizard and enter my username and password. (NOTE: I'm using the openvpn admin username and password since I know that account works.)
After about a minute, it times out with the following error message. "There was an error attempting to connect to the selected server" With the option to, "Cancel" or "Retry"
When I click on the log file icon it states, "You don't have any logs yet."
What am I missing? What step did I miss?
Cannot attach to Access Server
-
chuckhager
- OpenVpn Newbie
- Posts: 3
- Joined: Fri May 22, 2020 1:54 am
-
chuckhager
- OpenVpn Newbie
- Posts: 3
- Joined: Fri May 22, 2020 1:54 am
Re: Cannot attach to Access Server
I got it working, and this is what I had to do. (There must be an easier way!)
1.) I went back into the User UI and clicked on, "Yourself (user-locked profile)" under the section titled, "Available Connection Profiles:"
This downloaded a file named "client.ovpn"
2.) Then I had to edit two lines in this file.
a. The first place was the line, "#OVPN_ACCESS_SERVER_WSHOST=192.168.1.22:443"
I changed the 192.168.1.22 to our public IP address.
b. The second place was the line, "remote 192.168.1.22 443 tcp"
I changed the 192.168.1.22 to our public IP address.
Once I imported this modified profile, I was able to connect.
My question now is, is there something I can change on the OpenVPN Access Server so I don't have to edit this file for every user? I would love for all the users to use the User UI to download the OpenVPN-Connect along with their client.ovpn profile and have it work like it's suppose to.
1.) I went back into the User UI and clicked on, "Yourself (user-locked profile)" under the section titled, "Available Connection Profiles:"
This downloaded a file named "client.ovpn"
2.) Then I had to edit two lines in this file.
a. The first place was the line, "#OVPN_ACCESS_SERVER_WSHOST=192.168.1.22:443"
I changed the 192.168.1.22 to our public IP address.
b. The second place was the line, "remote 192.168.1.22 443 tcp"
I changed the 192.168.1.22 to our public IP address.
Once I imported this modified profile, I was able to connect.
My question now is, is there something I can change on the OpenVPN Access Server so I don't have to edit this file for every user? I would love for all the users to use the User UI to download the OpenVPN-Connect along with their client.ovpn profile and have it work like it's suppose to.