OpenVPN not listening on port 1194
Posted: Fri Jul 27, 2012 6:33 pm
by Big Dave
Got OpenVPN installed on CentOS 6. Everything seems to be working except OpenVPN picks a random port to listen to. The server.conf file specifies port 1194, but a random port number is selected on every start. This is regardless of calling it as a service or directly from the command line invoking the server.conf file in /etc/openvpn.
I can connect to the server if I use the port it's listening on, but obviously I'll need it to listen on the expected port.
Additionally, this was a compiled install. Being that I'm green on this, there may be something missing. The following files are in /etc/openvpn: ca.crt, dh1024.pem, firewall.sh, ipp.txt, openvpn-status.log, server.conf, server.crt, and server.key.
Config file:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 3
Thanks for the assistance, it's greatly appreciated.
Re: OpenVPN not listening on port 1194
Posted: Sun Jul 29, 2012 11:25 am
by maikcat
hi there,
i was reading about your problem and went..uuhhh????
openvpn chooses port at random???
can you start openvpn by using
openvpn --config pathtoyourconfigfile
and post the log here please?
also, what does sestatus report back?
Michael.
Re: OpenVPN not listening on port 1194
Posted: Mon Jul 30, 2012 4:38 pm
by Big Dave
Thanks for getting back with me. As requested, here's the startup with my config file:
# openvpn --config /etc/openvpn/server.conf
Mon Jul 30 03:11:30 2012 OpenVPN 2.2.2 x86_64-unknown-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] built on Jul 30 2012
Mon Jul 30 03:11:30 2012 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Jul 30 03:11:30 2012 Diffie-Hellman initialized with 1024 bit key
Mon Jul 30 03:11:30 2012 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Jul 30 03:11:30 2012 Socket Buffers: R=[124928->131072] S=[124928->131072]
Mon Jul 30 03:11:30 2012 ROUTE default_gateway=10.50.83.1
Mon Jul 30 03:11:30 2012 TUN/TAP device tun0 opened
Mon Jul 30 03:11:30 2012 TUN/TAP TX queue length set to 100
Mon Jul 30 03:11:30 2012 /sbin/ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Mon Jul 30 03:11:30 2012 /sbin/route add -net 10.8.0.0 netmask 255.255.255.0 gw 10.8.0.2
Mon Jul 30 03:11:30 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Jul 30 03:11:30 2012 UDPv4 link local (bound): [undef]:1194
Mon Jul 30 03:11:30 2012 UDPv4 link remote: [undef]
Mon Jul 30 03:11:30 2012 MULTI: multi_init called, r=256 v=256
Mon Jul 30 03:11:30 2012 IFCONFIG POOL: base=10.8.0.4 size=62
Mon Jul 30 03:11:30 2012 IFCONFIG POOL LIST
Mon Jul 30 03:11:30 2012 Initialization Sequence Completed
This morning I rebuilt the rpm and reinstalled. Same problem:
# netstat -uap|grep openvpn
udp 0 0 *:openvpn *:* 26750/openvpn
Here's the sestatus:
# sestatus
SELinux status: enabled
SELinuxfs mount: /selinux
Current mode: enforcing
Mode from config file: enforcing
Policy version: 24
Policy from config file: targeted
Thanks again,
Re: OpenVPN not listening on port 1194
Posted: Tue Jul 31, 2012 7:59 am
by maikcat
hi there,
problem?
# netstat -uap|grep openvpn
udp 0 0 *:openvpn *:* 26750/openvpn
the 26750 is the PID...
try netstat -uapn | grep openvpn
if you see inside /etc/services there should be port 1194 registered to openvpn...
Michael.
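The misreading resolved above, as an added example that is not part of the original thread: without `-n`, netstat prints the service name from /etc/services in the Local Address column and the PID in the last column. The parser below separates the two for the row posted in the thread; `SERVICES_EXCERPT` is a constructed excerpt and the function names are illustrative.

```python
# Added example: read a `netstat -uap` row and keep port and PID apart.
# SERVICES_EXCERPT is a constructed excerpt in /etc/services format.
SERVICES_EXCERPT = """\
# service-name  port/protocol  [aliases]
openvpn         1194/tcp
openvpn         1194/udp
"""

# The row posted in the thread (no -n, so names are shown instead of numbers).
NETSTAT_ROW = "udp 0 0 *:openvpn *:* 26750/openvpn"


def load_services(text):
    """Map (name, proto) -> port from /etc/services-style text."""
    table = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments
        fields = line.split()
        if len(fields) < 2 or "/" not in fields[1]:
            continue
        port, proto = fields[1].split("/", 1)
        if not port.isdigit():
            continue
        # The service name and any aliases all map to the same port.
        for name in [fields[0]] + fields[2:]:
            table[(name, proto)] = int(port)
    return table


def parse_udp_row(row, services):
    """Split a UDP netstat row into listening port and owning process."""
    fields = row.split()
    # UDP rows have an empty State column, so the owner is the last field.
    proto, local, owner = fields[0], fields[3], fields[-1]
    host, _, port_token = local.rpartition(":")
    if port_token.isdigit():          # output of netstat -n
        port = int(port_token)
    else:                             # service name, resolve it ourselves
        port = services.get((port_token, proto.rstrip("6")))
    # Owner is "PID/Program name", or "-" when netstat lacks privileges.
    pid, _, program = owner.partition("/")
    return {"host": host, "port": port,
            "pid": int(pid) if pid.isdigit() else None,
            "program": program or None}


if __name__ == "__main__":
    print(parse_udp_row(NETSTAT_ROW, load_services(SERVICES_EXCERPT)))
```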
Re: OpenVPN not listening on port 1194
Posted: Tue Jul 31, 2012 4:12 pm
by Big Dave
Argh, at the top of the netstat is the "PID/Program Name"...

Wish I'd been paying more attention.
Your suggestion shows it is indeed listening on 1194. You, sir, are the man. I'll try it from here.
Thanks so much.
Re: OpenVPN not listening on port 1194
Posted: Wed Aug 01, 2012 8:14 am
by maikcat
glad to have helped you out.
Closing topic
Michael.