
Strange with tunnel site to site

Posted: Thu Jul 21, 2022 10:05 am
by dnw77
Hello
I have a problem with my connection.
LOG:
Jul 15 00:00:19 ubuntuvpn systemd[1]: openvpn@login.service: Scheduled restart job, restart counter is at 403741.
Jul 15 00:00:19 ubuntuvpn systemd[1]: Stopped OpenVPN connection to login.
Jul 15 00:00:19 ubuntuvpn systemd[1]: Starting OpenVPN connection to login...
Jul 15 00:00:19 ubuntuvpn ovpn-login[1405333]: Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/login.conf:1: pdks11 (2.4.7)
Jul 15 00:00:19 ubuntuvpn ovpn-login[1405333]: Use --help for more information.
Jul 15 00:00:19 ubuntuvpn systemd[1]: openvpn@login.service: Main process exited, code=exited, status=1/FAILURE
Jul 15 00:00:19 ubuntuvpn systemd[1]: openvpn@login.service: Failed with result 'exit-code'.
Jul 15 00:00:19 ubuntuvpn systemd[1]: Failed to start OpenVPN connection to login.

Tunnel is active.

My user and password are saved in login.conf

in Format:
username
password

In the main conf for openvpn there is the line auth-user-pass login.conf

Thanks for answers

Re: Strange with tunnel site to site

Posted: Thu Jul 21, 2022 10:11 am
by Pippin
You need to provide more info:
viewtopic.php?t=22603

pdks11

Re: Strange with tunnel site to site

Posted: Thu Jul 21, 2022 11:02 am
by dnw77
openvpn@ubuntuvpn:~$ ifconfig
as0t0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 172.27.224.1 netmask 255.255.254.0 destination 172.27.224.1
inet6 fe80::7a0c:64ce:6be3:9f6f prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 200 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 743 bytes 35664 (35.6 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

as0t1: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 172.27.226.1 netmask 255.255.254.0 destination 172.27.226.1
inet6 fe80::847f:1eca:85b5:2fb9 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 200 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 741 bytes 35568 (35.5 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

as0t2: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 172.27.228.1 netmask 255.255.254.0 destination 172.27.228.1
inet6 fe80::ef25:3dc8:5616:c94e prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 200 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 741 bytes 35568 (35.5 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

as0t3: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 172.27.230.1 netmask 255.255.254.0 destination 172.27.230.1
inet6 fe80::471c:cb89:288e:a16 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 200 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 741 bytes 35568 (35.5 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

as0t4: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 172.27.232.1 netmask 255.255.254.0 destination 172.27.232.1
inet6 fe80::f4b:16f:eca9:9975 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 200 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 741 bytes 35568 (35.5 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

as0t5: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 172.27.234.1 netmask 255.255.254.0 destination 172.27.234.1
inet6 fe80::1af7:3688:7b5e:1c51 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 200 (UNSPEC)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 745 bytes 35760 (35.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.1.1.14 netmask 255.255.255.0 broadcast 10.1.1.255
inet6 fe80::f9ec:2d1b:9242:ed61 prefixlen 64 scopeid 0x20<link>
ether 00:50:56:86:3f:d7 txqueuelen 1000 (Ethernet)
RX packets 498453812 bytes 550576922375 (550.5 GB)
RX errors 0 dropped 270 overruns 0 frame 0
TX packets 329523736 bytes 514595937466 (514.5 GB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 171748 bytes 15282275 (15.2 MB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 171748 bytes 15282275 (15.2 MB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 172.17.2.219 netmask 255.255.255.0 destination 172.17.2.219
inet6 fe80::cf0b:a33e:ddcf:26ba prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 13188621 bytes 13050254014 (13.0 GB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 10962623 bytes 6772722386 (6.7 GB)
TX errors 0 dropped 33323 overruns 0 carrier 0 collisions 0


OS:
Linux ubuntuvpn 5.13.0-51-generic #58~20.04.1-Ubuntu SMP Tue Jun 14 11:29:12 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux


client.conf:
client
dev tun
proto tcp
remote x.x.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca cert_export_CA-certificate.crt
cert cert_export_PGVPNUser.crt
key cert_export_PGVPNUser.key
remote-cert-tls server
cipher AES-256-CBC
auth SHA1
auth-user-pass login.conf
auth-nocache
route 172.17.2.0 255.255.255.0
verb 3

LOG:
Jul 20 00:00:09 ubuntuvpn systemd[1]: Starting OpenVPN connection to login...
Jul 20 00:00:09 ubuntuvpn ovpn-login[1681806]: Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/login.conf:1: pdks11 (2.4.7)
Jul 20 00:00:09 ubuntuvpn ovpn-login[1681806]: Use --help for more information.
Jul 20 00:00:09 ubuntuvpn systemd[1]: openvpn@login.service: Main process exited, code=exited, status=1/FAILURE
Jul 20 00:00:09 ubuntuvpn systemd[1]: openvpn@login.service: Failed with result 'exit-code'.
Jul 20 00:00:09 ubuntuvpn systemd[1]: Failed to start OpenVPN connection to login.
Jul 20 00:00:14 ubuntuvpn systemd[1]: openvpn@login.service: Scheduled restart job, restart counter is at 486029.
Jul 20 00:00:14 ubuntuvpn systemd[1]: Stopped OpenVPN connection to login.
Jul 20 00:00:14 ubuntuvpn systemd[1]: Starting OpenVPN connection to login...
Jul 20 00:00:14 ubuntuvpn ovpn-login[1681809]: Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/login.conf:1: pdks11 (2.4.7)
Jul 20 00:00:14 ubuntuvpn ovpn-login[1681809]: Use --help for more information.
Jul 20 00:00:14 ubuntuvpn systemd[1]: openvpn@login.service: Main process exited, code=exited, status=1/FAILURE
Jul 20 00:00:14 ubuntuvpn systemd[1]: openvpn@login.service: Failed with result 'exit-code'.
Jul 20 00:00:14 ubuntuvpn systemd[1]: Failed to start OpenVPN connection to login.
Jul 20 00:00:19 ubuntuvpn systemd[1]: openvpn@login.service: Scheduled restart job, restart counter is at 486030.
Jul 20 00:00:19 ubuntuvpn systemd[1]: Stopped OpenVPN connection to login.
Jul 20 00:00:19 ubuntuvpn systemd[1]: Starting OpenVPN connection to login...
Jul 20 00:00:19 ubuntuvpn ovpn-login[1681812]: Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/login.conf:1: pdks11 (2.4.7)
Jul 20 00:00:19 ubuntuvpn ovpn-login[1681812]: Use --help for more information.
Jul 20 00:00:19 ubuntuvpn systemd[1]: openvpn@login.service: Main process exited, code=exited, status=1/FAILURE
Jul 20 00:00:19 ubuntuvpn systemd[1]: openvpn@login.service: Failed with result 'exit-code'.
Jul 20 00:00:19 ubuntuvpn systemd[1]: Failed to start OpenVPN connection to login.
Jul 20 00:00:24 ubuntuvpn systemd[1]: openvpn@login.service: Scheduled restart job, restart counter is at 486031.
Jul 20 00:00:24 ubuntuvpn systemd[1]: Stopped OpenVPN connection to login.
Jul 20 00:00:24 ubuntuvpn systemd[1]: Starting OpenVPN connection to login...
Jul 20 00:00:24 ubuntuvpn ovpn-login[1681815]: Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/login.conf:1: pdks11 (2.4.7)
Jul 20 00:00:24 ubuntuvpn ovpn-login[1681815]: Use --help for more information.
Jul 20 00:00:24 ubuntuvpn systemd[1]: openvpn@login.service: Main process exited, code=exited, status=1/FAILURE
Jul 20 00:00:24 ubuntuvpn systemd[1]: openvpn@login.service: Failed with result 'exit-code'.
Jul 20 00:00:24 ubuntuvpn systemd[1]: Failed to start OpenVPN connection to login.
Jul 20 00:00:30 ubuntuvpn systemd[1]: openvpn@login.service: Scheduled restart job, restart counter is at 486032.
Jul 20 00:00:30 ubuntuvpn systemd[1]: Stopped OpenVPN connection to login.
Jul 20 00:00:30 ubuntuvpn systemd[1]: Starting OpenVPN connection to login...
Jul 20 00:00:30 ubuntuvpn ovpn-login[1681818]: Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/login.conf:1: pdks11 (2.4.7)
Jul 20 00:00:30 ubuntuvpn ovpn-login[1681818]: Use --help for more information.
Jul 20 00:00:30 ubuntuvpn systemd[1]: openvpn@login.service: Main process exited, code=exited, status=1/FAILURE
Jul 20 00:00:30 ubuntuvpn systemd[1]: openvpn@login.service: Failed with result 'exit-code'.

"pdks11" is username.

Re: Strange with tunnel site to site

Posted: Thu Jul 21, 2022 11:09 am
by dnw77
openvpn@ubuntuvpn:~$ openvpn --version
OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 22 2022
library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=yes enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no

Re: Strange with tunnel site to site

Posted: Thu Jul 21, 2022 11:15 am
by Pippin
I moved it to Access Server as I suspect (based on interface names) you are using that ...... ?

Rename login.conf to login and try again.

Re: Strange with tunnel site to site

Posted: Thu Jul 21, 2022 3:33 pm
by openvpn_inc
This is a community version, moving it here.

Re: Strange with tunnel site to site

Posted: Thu Jul 21, 2022 3:38 pm
by openvpn_inc
Interesting, maybe it's both? There are as0t+ and tun0.

Oh, I get it, the site-to-site tunnel is Community openvpn, but there is also an Access Server on the same machine.

regards, rob0

Re: Strange with tunnel site to site

Posted: Thu Jul 21, 2022 4:05 pm
by openvpn_inc
dnw77 wrote:
Thu Jul 21, 2022 11:02 am
client.conf:
client
dev tun
proto tcp
remote x.x.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca cert_export_CA-certificate.crt
cert cert_export_PGVPNUser.crt
key cert_export_PGVPNUser.key
remote-cert-tls server
cipher AES-256-CBC
auth SHA1
auth-user-pass login.conf
auth-nocache
route 172.17.2.0 255.255.255.0
verb 3

LOG:
Jul 20 00:00:09 ubuntuvpn systemd[1]: Starting OpenVPN connection to login...
Jul 20 00:00:09 ubuntuvpn ovpn-login[1681806]: Options error: Unrecognized option or missing or extra parameter(s) in /etc/openvpn/login.conf:1: pdks11 (2.4.7)

(snip)

"pdks11" is username.

It looks like systemd is loading this login.conf file as if it was an openvpn --config file, which of course it is not.

See your Ubuntu systemd(8) documentation and their documentation on how systemd loads "*.conf" files in the /etc/openvpn directory.

This is basically what Pippin was saying, but note also that you must change the --auth-user-pass filename in your client configuration.

regards, rob0
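
The failure described in the post above, as an added check that is not part of the thread: the script lists credential files that a config in the OpenVPN directory references via auth-user-pass while being named *.conf themselves, and also tests that a credentials file is not readable by group or others (a check the thread does not discuss). The function names, the temporary directory and the sample credentials are constructed for illustration, and relative auth-user-pass names are assumed to resolve against the config directory.

```shell
#!/bin/sh
# Added example (not from the thread). Lists credential files that an OpenVPN
# config references via auth-user-pass but that are named *.conf, so the
# per-file service would try to start them as configs, as in the log above.

# Print each offending credential file path, one per line.
find_credential_confs() {
    dir=$1
    for cfg in "$dir"/*.conf; do
        [ -f "$cfg" ] || continue
        # Second field of every uncommented auth-user-pass line.
        awk '$1 == "auth-user-pass" && NF >= 2 { print $2 }' "$cfg" |
        while IFS= read -r ref; do
            # Assumption: relative names resolve against the config directory.
            case $ref in
                /*) path=$ref ;;
                *)  path=$dir/$ref ;;
            esac
            case $path in
                *.conf) if [ -f "$path" ]; then printf '%s\n' "$path"; fi ;;
            esac
        done
    done
    return 0
}

# Succeed only if FILE grants no permissions to group or others.
creds_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Constructed sample mirroring the thread: client.conf plus login.conf.
make_sample() {
    d=$(mktemp -d) || return 1
    printf 'client\ndev tun\nauth-user-pass login.conf\n' > "$d/client.conf"
    printf 'exampleuser\nexamplepass\n' > "$d/login.conf"
    chmod 644 "$d/login.conf"
    printf '%s\n' "$d"
}

sample=$(make_sample)
find_credential_confs "$sample"     # prints the path of the sample login.conf
creds_private "$sample/login.conf" || echo "login.conf is readable by group/others"
```
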

Re: Strange with tunnel site to site

Posted: Thu Jul 21, 2022 4:22 pm
by Pippin
openvpn_inc wrote:
Thu Jul 21, 2022 4:05 pm
note also that you must change the --auth-user-pass filename in your client configuration.

Important note I forgot to add.
:thumbsup:

Re: Strange with tunnel site to site

Posted: Thu Jul 21, 2022 4:50 pm
by TinCanTech
--pdks11 is an unknown option ..