How to propably start OVPN(-Client) on latest Raspberry Buster

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
Kreiszahler
OpenVpn Newbie
Posts: 3
Joined: Wed Jun 10, 2020 5:51 am

How to propably start OVPN(-Client) on latest Raspberry Buster

Post by Kreiszahler » Wed Jun 10, 2020 5:57 am

Hey there,

I've been digging this Forum for some time - as other sources, but just can't fix my problem, nor really found THE (working) best pratice solution for my issue.

Lets assume:

Code: Select all

Clean install latest Raspian Buster
apt update & apt upgrade (and if needed rpi-update).
sudo apt-get install openvpn openssl openresolv
sudo cp CG_XX.conf /etc/openvpn/
sudo cp ca.crt /etc/openvpn/
sudo cp client.crt /etc/openvpn/
sudo cp client.key /etc/openvpn/
added user.txt (creds) to CG_XX
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
sudo nano /etc/default/openvpn = AUTOSTART="CG_XX"  
sudo update-rc.d openvpn enable
sudo service openvpn start
Starts, works, fails after some time.
No double use, no mss etc... Any idea?

TinCanTech
OpenVPN Protagonist
Posts: 11139
Joined: Fri Jun 03, 2016 1:17 pm

Re: How to propably start OVPN(-Client) on latest Raspberry Buster

Post by TinCanTech » Wed Jun 10, 2020 12:04 pm

systemctl start openvpn-client@{$config_name}.service

viewtopic.php?f=30&t=22603#p68963

Kreiszahler
OpenVpn Newbie
Posts: 3
Joined: Wed Jun 10, 2020 5:51 am

Re: How to propably start OVPN(-Client) on latest Raspberry Buster

Post by Kreiszahler » Thu Jun 11, 2020 9:43 am

Hey!

Thanks. How can I revert:

Code: Select all

sudo update-rc.d openvpn enable
sudo service openvpn start
or don't I have to?

I'll give

Code: Select all

sudo update-rc.d openvpn disable
I got the feeling, there are services fighting for the auth, which leads me to disconnects:

After booting:

Code: Select all

***@*********:~/dnsleaktest $ ./dnsleaktest.py
Your IP:
89.187.***.*** [Austria, AS60068 CDN77]
You use 1 DNS servers:
89.187.***.*** [Austria, AS60068 CDN77]
Conclusion:
DNS is not leaking.
A short itme later:
***@**********:~/dnsleaktest $ ./dnsleaktest.py

Code: Select all

Your IP:
**9.*5*.2**.*4 [Germany, AS8881 Versatel]
You use 5 DNS servers:
**2.1*5.**9.*** [Germany, AS8881 Versatel]
**2.1*5.**9.**4 [Germany, AS8881 Versatel]
**2.1*5.**9.**5 [Germany, AS8881 Versatel]
**2.1*5.**9.**7 [Germany, AS8881 Versatel]
**2.1*5.**9.**9 [Germany, AS8881 Versatel]
Conclusion:
DNS is not leaking.
sudo systemctl restart openvpn.service

Code: Select all

***@*********:~/dnsleaktest $ ./dnsleaktest.py
Your IP:
89.187.***.*** [Austria, AS60068 CDN77]
You use 1 DNS servers:
89.187.***.*** [Austria, AS60068 CDN77]
Conclusion:
DNS is not leaking.
A short itme later:

Code: Select all

***@**********:~/dnsleaktest $ ./dnsleaktest.py
Your IP:
**9.*5*.2**.*4 [Germany, AS8881 Versatel]
You use 5 DNS servers:
**2.1*5.**9.**2 [Germany, AS8881 Versatel]
**2.1*5.**9.**4 [Germany, AS8881 Versatel]
**2.1*5.**9.**5 [Germany, AS8881 Versatel]
**2.1*5.**9.**6 [Germany, AS8881 Versatel]
**2.1*5.**9.**0 [Germany, AS8881 Versatel]
Conclusion:
DNS is not leaking.

Kreiszahler
OpenVpn Newbie
Posts: 3
Joined: Wed Jun 10, 2020 5:51 am

Re: How to propably start OVPN(-Client) on latest Raspberry Buster

Post by Kreiszahler » Thu Jun 11, 2020 9:55 am

Code: Select all

pi@BLACKhole:~ $ sudo systemctl start openvpn-client@CG_AT.service
Job for openvpn-client@CG_AT.service failed because the control process exited with error code.
See "systemctl status openvpn-client@CG_AT.service" and "journalctl -xe" for details.
No matter if sudo update-rc.d openvpn enable or disable. :/

Post Reply