Page 1 of 1

OpenVPN works no more

Posted: Sun Mar 19, 2023 7:24 pm
by prassidice
I installed openVPN 2.5.1-3 on a debian 11 on summer 2022, it worked for several months without problems

yesterday it stopped working, I didn't update anything before it stopped and then I did
sudo apt update
and then
sudo apt upgrade

nothing changed

when I check the status of the server I got:

$ sudo systemctl status openvpn-server@server
‚óŹ openvpn-server@server.service - OpenVPN service for server
Loaded: loaded (/lib/systemd/system/openvpn-server@.service; enabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Sun 2023-03-19 19:14:54 CET; 632ms ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/w ... n24ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Process: 21238 ExecStart=/usr/sbin/openvpn --status /run/openvpn-server/status-server.log --status-version 2 --suppress-timestamps --config server.conf (code=exited, status=1/FAILURE)
Main PID: 21238 (code=exited, status=1/FAILURE)
CPU: 47ms

my /var/log/syslog shows:
...
Mar 19 19:12:51 debianTV kernel: [26634.489002] [UFW BLOCK] IN=enp1s0 OUT= MAC= SRC=fe80:0000:0000:0000:8639:beff:fe68:667a DST=ff12:0000:0000:0000:0000:0000:0000:8384 LEN=447 TC=0 HOPLIMIT=1 FLOWLBL=290638 PROTO=UDP SPT=60483 DPT=21027 LEN=407
Mar 19 19:12:51 debianTV kernel: [26634.489386] [UFW BLOCK] IN=tun0 OUT= MAC= SRC=fe80:0000:0000:0000:3194:9f0d:76e2:cc22 DST=ff12:0000:0000:0000:0000:0000:0000:8384 LEN=447 TC=0 HOPLIMIT=1 FLOWLBL=120804 PROTO=UDP SPT=60483 DPT=21027 LEN=407
Mar 19 19:12:53 debianTV systemd[1]: openvpn-server@server.service: Scheduled restart job, restart counter is at 29.
Mar 19 19:12:53 debianTV systemd[1]: Stopped OpenVPN service for server.
Mar 19 19:12:54 debianTV systemd[1]: Starting OpenVPN service for server...
Mar 19 19:12:54 debianTV openvpn[21163]: Options error: In [CMD-LINE]:1: Error opening configuration file: server.conf
Mar 19 19:12:54 debianTV openvpn[21163]: Use --help for more information.
Mar 19 19:12:54 debianTV systemd[1]: openvpn-server@server.service: Main process exited, code=exited, status=1/FAILURE
Mar 19 19:12:54 debianTV systemd[1]: openvpn-server@server.service: Failed with result 'exit-code'.
Mar 19 19:12:54 debianTV systemd[1]: Failed to start OpenVPN service for server.
Mar 19 19:12:59 debianTV systemd[1]: openvpn-server@server.service: Scheduled restart job, restart counter is at 30.
Mar 19 19:12:59 debianTV systemd[1]: Stopped OpenVPN service for server.
Mar 19 19:12:59 debianTV systemd[1]: Starting OpenVPN service for server...
Mar 19 19:12:59 debianTV openvpn[21168]: Options error: In [CMD-LINE]:1: Error opening configuration file: server.conf
Mar 19 19:12:59 debianTV openvpn[21168]: Use --help for more information.
Mar 19 19:12:59 debianTV systemd[1]: openvpn-server@server.service: Main process exited, code=exited, status=1/FAILURE
Mar 19 19:12:59 debianTV systemd[1]: openvpn-server@server.service: Failed with result 'exit-code'.
Mar 19 19:12:59 debianTV systemd[1]: Failed to start OpenVPN service for server.

the server.conf is under the following:
/etc/openvpn$ ll
total 20
drwxr-xr-x 2 root root 4096 Aug 7 2022 client
drwxr-xr-x 4 root root 4096 Aug 6 2022 easy-rsa
drwxr-xr-x 2 root root 4096 Aug 6 2022 server
-rw-r--r-- 1 root root 793 Sep 4 2022 server.conf
-rwxr-xr-x 1 root root 1468 Apr 28 2021 update-resolv-conf


my /etc/openvpn/server.conf is the following:
##########################################
$ cat server.conf

port 1194
proto udp
dev tun
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/server.crt
key /etc/openvpn/server/server.key
dh /etc/openvpn/server/dh.pem
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
# push "dhcp-option DNS 208.67.222.222"
# push "dhcp-option DNS 208.67.220.220"
push "dhcp-option DNS 192.168.1.1"
#push "dhcp-option DNS 10.8.0.1"
push "dhcp-option WINS 192.168.1.1"



# duplicate-cn
cipher AES-256-GCM
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
auth SHA512
auth-nocache
keepalive 20 60
persist-key
persist-tun
compress lz4
push "compress lz4"
daemon
user nobody
group nogroup
log-append /var/log/openvpn.log
verb 3
##########################################

so, what is the "Error opening configuration file: server.conf"?
is there any evident cause for openVPN to stop working?

thank you for your help

Re: OpenVPN works no more

Posted: Wed Mar 22, 2023 3:46 pm
by never-stop-learning
hey, try to move the server.conf to /etc/openvpn/server folder.

Re: OpenVPN works no more

Posted: Sun Mar 26, 2023 5:22 pm
by prassidice
fixed, thank you

I wonder why it worked for all those months with the server.conf in wrong position and then stopped working, but now it works again
thank you very much!

Re: OpenVPN works no more

Posted: Fri Apr 07, 2023 10:28 am
by prassidice
the openvpn is working and the server.conf works even in /etc/openvpn/, that was not the problem

for some reason it stopped for a while to work and when I tryed to restart it through
sudo systemctl enable --now openvpn-server@server

the logfile shown

TCP/UDP: Socket bind failed on local address [AF_INET][undef]:1194: Address already in use (errno=98)

because the server was already working

to verify this I typed

ps -ef |grep openvpn
nobody 748 1 0 Mar19 ? 00:01:33 /usr/sbin/openvpn --daemon ovpn-server --status /run/openvpn/server.status 10 --cd /etc/openvpn --config /etc/openvpn/server.conf --writepid /run/openvpn/server.pid
user 3116784 3114975 0 19:44 pts/0 00:00:00 grep openvpn

then I killed it
$ sudo kill -9 748

and after a while I could see it again
$ ps -ef |grep openvpn
nobody 3116813 1 0 19:45 ? 00:00:00 /usr/sbin/openvpn --daemon ovpn-server --status /run/openvpn/server.status 10 --cd /etc/openvpn --config /etc/openvpn/server.conf --writepid /run/openvpn/server.pid
user 3116988 3114975 0 19:46 pts/0 00:00:00 grep openvpn

still I don't know what happened but the server is working without any modification