Status log not updating...

[drewbertola]

Hi,

I'm brand new to the forum, but have run openvpn in the past. I'm now setting up a new instance. I have a few questions for the server side config. My server is a centos 6.2 box running openvpn-2.2.0.

My setup is intended to provide multiple mixed OS client boxes with access to 3 boxes local to the server on a 10.1.2.0/24 subnet. The clients are scattered across the internet.

My first question is probably pretty easy. I'm not seeing updates to openvpn-status.log. I'm expecting to see clients connect, and get some timestamps indicating the status is being updated.

Clients can connect (tested OSX w/ Tunnelblick, Win7 w/ OpenVPN GUI, and linux via NM).

My server.conf lives in /etc/openvpn/server.conf and looks like this:

Code: Select all

port 1194
proto udp
dev tun

ca certs/keys/ca.crt
cert certs/keys/vpn.foo.com.crt
key certs/keys/vpn.foo.com.key  # This file should be kept secret
dh certs/keys/dh1024.pem

server 10.10.2.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 10.1.2.0 255.255.255.0"

keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

Thanks!

(BTW, I'd like to post my second question separately, but it will relate to routing and reaching the other boxes on the VPN.)

[janjust]

how are you checking that the status file is updated? the status file is rewritten every time, so a simple 'tail' does not work.

[drewbertola]

Thanks, janjust, I think the problem was that I created the status log file by hand. I deleted it (and ipp.txt) and let the server re-create them, and then they worked. I believe the issue is selinux related.

To monitor the file, I realized tail wouldn't work, so I was doing "watch cat openvpn-status.log"

I see that it now holds client lines and the update line has a recent timestamp. I'll use this line to monitor via a nrpe nagios plugin.

Thanks again. More questions on the way!