[Support] Linuxserver.io - OpenVPN AS


Recommended Posts

3 minutes ago, zin105 said:

I ssh into my unRAID box, type  docker exec -it openvpn-as passwd admin and change the password. It works to log into the webui, but if I restart the docker the change is lost.

 

I never tried this one, and I'm at work. I'll test it when I get the time. 

What is your run command? You find the info on how the get it in my sig. The want help with docker one. 

Link to comment

Trying to get this docker working. All looks good, but there are some things I'm not 100% sure about:

  1. Seen people mounting the config dir under appdata/ like -v "/mnt/cache/appdata/openvpn-as":"/config":rw
    Never seen this; shouldn't /mnt/user/appdata/openvpn-as work as well, given the /appdata share is marked cache-only, which it is by default?
  2. Haven't managed to get my head around the SSL certificates. I'm running nginx using letsencrypt certs, but using those really aren't feasible, as they expire every 3 months; also there's really no reason why self-signed cert couldn't be used for VPN purpose. Should we create our own cert using easy-rsa?
Link to comment
Trying to get this docker working. All looks good, but there are some things I'm not 100% sure about:
  1. Seen people mounting the config dir under appdata/ like -v "/mnt/cache/appdata/openvpn-as":"/config":rw
    Never seen this; shouldn't /mnt/user/appdata/openvpn-as work as well, given the /appdata share is marked cache-only, which it is by default?
  2. Haven't managed to get my head around the SSL certificates. I'm running nginx using letsencrypt certs, but using those really aren't feasible, as they expire every 3 months; also there's really no reason why self-signed cert couldn't be used for VPN purpose. Should we create our own cert using easy-rsa?

On the latest unraid stable you can use either mount point.

Openvpn container creates its own certs
Link to comment
  • 2 weeks later...

I test openvpn locally and everything works but when I try to do remote I have this error message :

Tue Mar 14 13:10:02 2017 Control Channel Authentication: tls-auth using INLINE static key file
Tue Mar 14 13:10:02 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Mar 14 13:10:02 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Mar 14 13:10:02 2017 Socket Buffers: R=[212992->200000] S=[212992->200000]
Tue Mar 14 13:10:02 2017 UDPv4 link local: [undef]
Tue Mar 14 13:10:02 2017 UDPv4 link remote: [AF_INET]80.15.197.70:1194
Tue Mar 14 13:10:06 2017 Server poll timeout, restarting
Tue Mar 14 13:10:06 2017 SIGUSR1[soft,server_poll] received, process restarting

 

Can you help me please

Link to comment
  • 2 weeks later...

I just installed the docker with host network type and privileged enabled on unraid 6.3.2. 

 

When I try the webui I get: This site can't be reached   "ERR_CONNECTION_REFUSED"

 

What I've tried: 

1. ssh into unraid machine created a password for admin (completed successfully)

2. trying chrome and firefox browsers. Also tried launching from the local machine (all same error)

3. forwarded port 943 to the local machine 

4. turning off the firewall in my router

 

Any advice is appreciated. 

Thanks. 

 

 

Link to comment
17 hours ago, CHBMB said:

Post your docker run command.

Sorry, I'm new to unraid and dockers, I'm not sure what that mean. 

 

I'm not running anything from the terminal, just from the docker section of unraid. 

 

Is there a log I can pull the command from? 

 

Edit: 

Here is the docker install log: 

root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name="openvpn-as" --net="host" --privileged="true" -e TZ="America/New_York" -e HOST_OS="unRAID" -e "TCP_PORT_943"="943" -e "PGID"="100" -e "PUID"="99" -v "/mnt/user/appdata/openvpn-as":"/config":rw linuxserver/openvpn-as
xxxxx36c41dxxxxxxx89d1112e53e8xxxxx63d5545xxxxxxx

The command finished successfully!

Edited by 1trkmind
Link to comment
9 hours ago, wgstarks said:

 

You have to be on a desktop machine also. Signatures aren't visible on mobile devices.

Run Command: 

root@localhost:# /usr/local/emhttp/plugins/dynamix.docker.manager/scripts/docker run -d --name="openvpn-as" --net="host" --privileged="true" -e TZ="America/New_York" -e HOST_OS="unRAID" -e "TCP_PORT_943"="943" -e "PGID"="100" -e "PUID"="99" -v "/mnt/user/appdata/openvpn-as":"/config":rw linuxserver/openvpn-as
391cfd36c41dc10bab165adf7b89d1112e53e87cb022564463d55459c05e4905

The command finished successfully!

 

OpenVPN-as Log: 

ErrorWarningSystemArrayLogin


[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 10-adduser: executing...

-------------------------------------
_ _ _
| |___| (_) ___
| / __| | |/ _ \
| \__ \ | | (_) |
|_|___/ |_|\___/
|_|

Brought to you by linuxserver.io
We gratefully accept donations at:
https://www.linuxserver.io/donations/
-------------------------------------
GID/UID
-------------------------------------
User uid: 99
User gid: 100
-------------------------------------

[cont-init.d] 10-adduser: exited 0.
[cont-init.d] 20-time: executing...

Current default time zone: 'America/New_York'
Local time is now: Fri Mar 31 06:19:27 EDT 2017.
Universal Time is now: Fri Mar 31 10:19:27 UTC 2017.

[cont-init.d] 20-time: exited 0.
[cont-init.d] 30-config: executing...
[cont-init.d] 30-config: exited 0.
[cont-init.d] 40-openvpn-init: executing...
[cont-init.d] 40-openvpn-init: exited 0.
[cont-init.d] 50-interface: executing...
MOD Default {} {}
MOD Default {} {}
MOD Default {} {}
MOD Default {} {}
[cont-init.d] 50-interface: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.

 

I hope this helps, thanks again. 

 

Link to comment

Hi, I've got some really dumb basic questions.  They may be more general in nature, but I'm not sure if they might be implementation specific to Linuxserver.io OpenVPN-AS so posting them here - but please tell me if I should ask elsewhere.  FYI, I'm familiar with router and Windows VPN implementations but not OpenVPN as a Docker.  I'm struggling a bit with what I can do with OpenVPN as a Docker, and whether I need other components.

 

So, I'll go ahead and install the Docker.  But, how do I "tell" other Dockers to use the VPN connection for outbound traffic?  Do I also need a proxy?  Or does this implementation "know" about other containers and allow me to configure which containers will use the VPN connection?  Or does it simply co-opt the entire docker0 network interface and route all containers configured for bridge mode?  I assume it doesn't co-opt the entire host network interface... 

 

Similarly, if I want to have other devices on my network use the VPN connection, do I need a proxy?  Or does OpenVPN-AS expose an interface that allows me to "point" traffic to it?  With the help, perhaps, of a VPN client on the device?

 

Feel free to send me to an appropriate resource to read, I've been googling without much success.

 

I'm obviously a bit confused, so thanks for any help!

 

 

Link to comment
6 minutes ago, tdallen said:

Hi, I've got some really dumb basic questions.  They may be more general in nature, but I'm not sure if they might be implementation specific to Linuxserver.io OpenVPN-AS so posting them here - but please tell me if I should ask elsewhere.  FYI, I'm familiar with router and Windows VPN implementations but not OpenVPN as a Docker.  I'm struggling a bit with what I can do with OpenVPN as a Docker, and whether I need other components.

 

So, I'll go ahead and install the Docker.  But, how do I "tell" other Dockers to use the VPN connection for outbound traffic?  Do I also need a proxy?  Or does this implementation "know" about other containers and allow me to configure which containers will use the VPN connection?  Or does it simply co-opt the entire docker0 network interface and route all containers configured for bridge mode?  I assume it doesn't co-opt the entire host network interface... 

 

Similarly, if I want to have other devices on my network use the VPN connection, do I need a proxy?  Or does OpenVPN-AS expose an interface that allows me to "point" traffic to it?  With the help, perhaps, of a VPN client on the device?

 

Feel free to send me to an appropriate resource to read, I've been googling without much success.

 

I'm obviously a bit confused, so thanks for any help!

 

 

 

You don't this is a VPN Server for connecting to your LAN from WAN.  Not for routing stuff from LAN over a VPN to WAN.

Link to comment
  • trurl pinned and unpinned this topic

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.