OpenVPN Server & Client for unRAID 6.2+ (6.1 is still supported)


peter_sm


I try to run the system and I get an error. What am I doing wrong?

 

Options error: In [CMD-LINE]:1: Error opening configuration file: Chose
Use --help for more information.

 

I get the same problem. How do we set up a config file? All I want to do is access another unRAID server and vice versa.

Please, I need more info: is it the server or the client? What unRAID version? Anyway, both plugins install perfectly on a fresh system (Beta 10 on a VM).

 

Syslog?

 

Thanks

 

//Peter

 

 

 

Link to comment

I try to run the system and I get an error. What am I doing wrong?

 

Options error: In [CMD-LINE]:1: Error opening configuration file: Chose
Use --help for more information.

 

I get the same problem. How do we set up a config file? All I want to do is access another unRAID server and vice versa.

Please, I need more info: is it the server or the client? What unRAID version? Anyway, both plugins install perfectly on a fresh system (Beta 10 on a VM).

 

Syslog?

 

Thanks

 

//Peter

I've been running this in both beta 10 and 10a (client, not server) and it has consistently worked flawlessly for me. I actually haven't had to touch OpenVPN in over a year because it's so rock solid. Peter is the man!!!

Link to comment

# openvpn client plugin configuration file
USER="xxxxxx"
PASS="xxxxxx"
START_ON_MOUNT="no"
PLG_EXT="no"
PLG_PASSWORD="no"
OVPNCHOOSE="/boot/openvpn/US Florida.ovpn"

 

xxxxxx being my user and password

 

 

Oct 4 08:15:11 UNRAID sudo: root : TTY=unknown ; PWD=/boot/openvpn ; USER=root ; COMMAND=/usr/sbin/openvpn --writepid /var/run/openvpn/openvpn.pid --script-security 3 --mute-replay-warnings --config /boot/openvpn/US Florida.ovpn /dev/null

 

The unRAID log when I try to start it.

Link to comment

I found the issue! It is the space in the file name. This was solved a long time ago, but the bug is back again? I will solve this later; please try to change the file name and try again.

 

EDIT

 

The client plugin is updated to handle spaces in file names.

//Peter

 

That seemed to fix it, THANKS! ;D

Link to comment
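The space-in-file-name failure discussed above, reproduced as an added example (not the plugin's code): it shows what ends up after `--config` when the `OVPNCHOOSE` value from the posted config is expanded unquoted versus quoted. The helper function names are hypothetical.

```shell
#!/bin/sh
# Added example, not taken from the plugin. OVPNCHOOSE is the value from the
# plugin configuration file quoted in the thread.
OVPNCHOOSE="/boot/openvpn/US Florida.ovpn"

# Print the argument that follows --config, i.e. the file openvpn would open.
config_seen_by_openvpn() {
    while [ "$#" -gt 0 ]; do
        if [ "$1" = "--config" ]; then
            printf '%s\n' "$2"
            return 0
        fi
        shift
    done
    return 1
}

# Print how many arguments the command line ends up with.
count_args() { printf '%s\n' "$#"; }

# Unquoted expansion: the shell splits the path at the space.
unquoted_config() { config_seen_by_openvpn --script-security 3 --config $OVPNCHOOSE; }
unquoted_argc()   { count_args --script-security 3 --config $OVPNCHOOSE; }

# Quoted expansion: the path stays a single argument.
quoted_config()   { config_seen_by_openvpn --script-security 3 --config "$OVPNCHOOSE"; }
quoted_argc()     { count_args --script-security 3 --config "$OVPNCHOOSE"; }

# Pre-flight check a launcher can run before starting the client:
# the selected path must be a readable regular file.
preflight() {
    if [ -f "$1" ] && [ -r "$1" ]; then
        return 0
    fi
    echo "cannot read config: $1" >&2
    return 1
}

echo "unquoted: $(unquoted_config) ($(unquoted_argc) args)"
echo "quoted:   $(quoted_config) ($(quoted_argc) args)"
```
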
  • 5 weeks later...
  • 4 weeks later...

Can't get the client to start; getting this error:

 

Dec 3 09:00:38 HOMESERVER sudo: root : TTY=unknown ; PWD=/boot/openvpn ; USER=root ; COMMAND=/bin/bash -c nohup /tmp/openvpn/openvpn.sh > /tmp/openvpn/openvpn.out /dev/null 2>&1 &

Dec 3 09:01:07 HOMESERVER sudo: root : TTY=unknown ; PWD=/boot/openvpn ; USER=root ; COMMAND=/bin/bash -c nohup /tmp/openvpn/openvpn.sh >

Link to comment

I can't get the route specific IP through VPN to work. The IPs do not show up in the route list after connecting.

I can however get it to work if I add the route manually or add the specific IPs to the .ovpn file like this:

route IP-to-route 255.255.255.255

 

Shouldn't the IPs that I want to route show up under Extended routing IP?

Wouldn't it make more sense to show the WAN IP that the specific IPs are routed through instead of the IP my router has?

 

I have checked that every config file is using unix format. Here is my config and logs:

 

Log

Wed Dec  3 17:40:25 2014 DEPRECATED OPTION: --tls-remote, please update your configuration
Wed Dec  3 17:40:25 2014 OpenVPN 2.3.2 x86_64-slackware-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [eurephia] [MH] [IPv6] built on Oct 12 2013
Wed Dec  3 17:40:25 2014 WARNING: file '/boot/config/plugins/openvpnclient/password.txt' is group or others accessible
Wed Dec  3 17:40:25 2014 Socket Buffers: R=[212992->131072] S=[212992->131072]
Wed Dec  3 17:40:25 2014 UDPv4 link local: [undef]
Wed Dec  3 17:40:25 2014 UDPv4 link remote: [AF_INET]138.199.67.165:443
Wed Dec  3 17:40:25 2014 TLS: Initial packet from [AF_INET]138.199.67.165:443, sid=b3347730 0c085c97
Wed Dec  3 17:40:25 2014 VERIFY OK: depth=1, /C=KY/ST=GrandCayman/L=GeorgeTown/O=GoldenFrog-Inc/CN=GoldenFrog-Inc_CA/[email protected]
Wed Dec  3 17:40:25 2014 VERIFY X509NAME OK: /C=KY/ST=GrandCayman/L=GeorgeTown/O=GoldenFrog-Inc/CN=no1.vpn.giganews.com/[email protected]
Wed Dec  3 17:40:25 2014 VERIFY OK: depth=0, /C=KY/ST=GrandCayman/L=GeorgeTown/O=GoldenFrog-Inc/CN=no1.vpn.giganews.com/[email protected]
Wed Dec  3 17:40:26 2014 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Dec  3 17:40:26 2014 Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Dec  3 17:40:26 2014 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Wed Dec  3 17:40:26 2014 Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
Wed Dec  3 17:40:26 2014 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Wed Dec  3 17:40:26 2014 [no1.vpn.giganews.com] Peer Connection Initiated with [AF_INET]138.199.67.165:443
Wed Dec  3 17:40:28 2014 SENT CONTROL [no1.vpn.giganews.com]: 'PUSH_REQUEST' (status=1)
Wed Dec  3 17:40:28 2014 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 138.199.67.53,dhcp-option DNS 138.199.67.54,explicit-exit-notify 5,rcvbuf 262144,route-gateway 10.79.0.1,topology subnet,ping 10,ping-restart 60,ifconfig 10.79.0.117 255.255.0.0'
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: timers and/or timeouts modified
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: explicit notify parm(s) modified
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Wed Dec  3 17:40:28 2014 Socket Buffers: R=[131072->425984] S=[131072->131072]
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: --ifconfig/up options modified
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: route options modified
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: route-related options modified
Wed Dec  3 17:40:28 2014 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Dec  3 17:40:28 2014 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=br0 HWADDR=d0:50:99:26:ad:8a
Wed Dec  3 17:40:28 2014 TUN/TAP device tun5 opened
Wed Dec  3 17:40:28 2014 TUN/TAP TX queue length set to 100
Wed Dec  3 17:40:28 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Dec  3 17:40:28 2014 /usr/sbin/ip link set dev tun5 up mtu 1500
Wed Dec  3 17:40:28 2014 /usr/sbin/ip addr add dev tun5 10.79.0.117/16 broadcast 10.79.255.255
Wed Dec  3 17:40:28 2014 /usr/sbin/ip route add 138.199.67.165/32 via 192.168.1.1
Wed Dec  3 17:40:28 2014 /usr/sbin/ip route add 0.0.0.0/1 via 10.79.0.1
Wed Dec  3 17:40:28 2014 /usr/sbin/ip route add 128.0.0.0/1 via 10.79.0.1
Wed Dec  3 17:40:28 2014 Initialization Sequence Completed
Starting Routing...
216.196.109.144    >>>>>>>    news-europe.giganews.com
104.130.28.231    >>>>>>>    icanhazip.com
VPN Gateway: 
ip route add 216.196.109.0/24 via dev tun5
ip route add 104.130.28.0/24 via dev tun5

 

Route

default via 192.168.1.1 dev br0  metric 207 
10.79.0.0/16 dev tun5  proto kernel  scope link  src 10.79.0.117 
127.0.0.0/8 dev lo  scope link 
138.199.67.165 via 192.168.1.1 dev br0 
172.17.0.0/16 dev docker0  proto kernel  scope link  src 172.17.42.1 
192.168.1.0/24 dev br0  proto kernel  scope link  src 192.168.1.5 
192.168.1.0/24 dev br0  proto kernel  scope link  src 192.168.1.5  metric 207 
192.168.1.5 via 127.0.0.1 dev lo  metric 207 

 

Ovpn file

client
proto udp
dev tun5
remote no1.vpn.giganews.com 443
resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip
ca ca.vyprvpn.com.crt
tls-remote no1.vpn.giganews.com
comp-lzo
verb 3
auth SHA256
cipher AES-256-CBC
keysize 256
tls-cipher TLS-DHE-RSA-WITH-AES-256-CBC-SHA:TLS-DHE-DSS-WITH-AES-256-CBC-SHA:TLS-RSA-WITH-AES-256-CBC-SHA
auth-user-pass /boot/config/plugins/openvpnclient/password.txt
auth-nocache
status /tmp/openvpn/openvpn-status.log

 

webbadress.txt

news-europe.giganews.com
icanhazip.com

Link to comment
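In the log above, the "VPN Gateway:" line is empty and the generated commands read `via dev tun5` with no address, while the same log's PUSH_REPLY carries `route-gateway 10.79.0.1`. As an added example (not the plugin's code, function names hypothetical), this sketch takes the gateway from that pushed option and refuses to emit any route when it is missing; it prints /32 host routes, matching the `255.255.255.255` form the poster reports working, and only prints the commands rather than running them.

```shell
#!/bin/sh
# Added example, not taken from the plugin.
# Log line copied from the post above, trimmed to the relevant options.
PUSH_LINE="PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,route-gateway 10.79.0.1,topology subnet,ifconfig 10.79.0.117 255.255.0.0'"

# Print the address given by the pushed route-gateway option, or fail.
pushed_gateway() {
    gw=$(printf '%s\n' "$1" | tr ',' '\n' \
        | sed -n 's/^route-gateway \([0-9.]*\).*/\1/p' | head -n 1)
    [ -n "$gw" ] || return 1
    printf '%s\n' "$gw"
}

# Print one "ip route add" command per address.
# Emits nothing and fails when the gateway or the device is empty, so a
# command of the form "via dev tun5" can never be generated.
route_cmds() {
    gw=$1
    dev=$2
    shift 2
    if [ -z "$gw" ] || [ -z "$dev" ]; then
        echo "no VPN gateway or device, not adding routes" >&2
        return 1
    fi
    for ip in "$@"; do
        printf 'ip route add %s/32 via %s dev %s\n' "$ip" "$gw" "$dev"
    done
}

# The two addresses are the ones resolved in the posted log.
GW=$(pushed_gateway "$PUSH_LINE") || GW=""
route_cmds "$GW" tun5 216.196.109.144 104.130.28.231
```
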

Hi,

 

First, I did this function with help from other resources that asked for this feature, and if someone can highlight to me how to verify the above issue and how to solve it I would be happy. I'm far from an expert in routing.

 

Since I can't support these extra functions to route traffic, I am thinking of removing this from the plugin, and users can hopefully come up with a solution outside the plugin.

 

//Peter

 

 

Link to comment

Hi,

 

First, I did this function with help from other resources that asked for this feature, and if someone can highlight to me how to verify the above issue and how to solve it I would be happy. I'm far from an expert in routing.

 

Since I can't support these extra functions to route traffic, I am thinking of removing this from the plugin, and users can hopefully come up with a solution outside the plugin.

 

//Peter

 

Is it possible to have a field for entering the web address or IP to route when selecting "Route only specific IP addresses"?

Then you only have to add this in the .ovpn config file for it to work:

route IP-to-route 255.255.255.255

It might also work to use the web address, but I haven't tested that.

Link to comment

If that works, I can do it your way instead, so much easier!

 

We can still have the web addresses in the file we have now.

 

Then get the IP from each address and loop through them with the command

 

route IP-to-route/24 255.255.255.255

 

 

Will these IP addresses go through the VPN or the standard WAN IP?

 

//Peter

 

Link to comment
