OpenVPN not listening on port
Normally you need a router in-between two /24 networks.
In your VPN config you have server address configured as 10.8.0.0 255.255.255.0. that's the network, not an address.
"Fri Feb 16 15:47:29 2018 ROUTE: default_gateway=UNDEF" And additionally you need the default gateway defined for a layer-3 device to be able to communicate outside of it's subnet. (This is the address of the router that would connect you to the 192.168.1.0 /24 subnet)
Try changing your openvpn server address to your local subnet. 192.168.1.254 255.255.255.0
And put your default gateway pointing to the router you have connected.
Related videos on Youtube
Daniel
Updated on September 18, 2022Comments
-
Daniel over 1 year
I setup an OpenVPN server on my RaspberryPi (Raspbian). Started successfully, but it is not listening to the port, so connecting to it is not possible. I can't find the problem here? What do I do wrong?
-
cat /etc/openvpn/vpn-server.conf
port 11094
proto udp
dev tun
ca ca.crt
cert vpn-server.crt
key vpn-server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0
key-direction 0
cipher AES-128-CBC
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log /var/log/openvpn.log
verb 6 -
sudo netstat -vaun
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 0.0.0.0:11094 0.0.0.0:*
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 192.168.1.2:123 0.0.0.0:*
udp 0 0 10.8.0.1:123 0.0.0.0:*
udp 0 0 127.0.0.1:123 0.0.0.0:*
udp 0 0 0.0.0.0:123 0.0.0.0:*
udp 0 0 0.0.0.0:43721 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp6 0 0 :::44058 :::*
udp6 0 0 fe80::6d3d:f08e:c6b:123 :::*
udp6 0 0 ::1:123 :::*
udp6 0 0 :::123 :::*
udp6 0 0 :::5353 :::* -
nmap -sU 10.8.0.1 -p 11094
Starting Nmap 6.47 ( http://nmap.org ) at 2018-02-16 17:04 UTC
Nmap scan report for 10.8.0.1
Host is up.
PORT STATE SERVICE
11094/udp open|filtered unknown -
cat /var/log/openvpn.log
Fri Feb 16 15:47:29 2018 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 27 2017
Fri Feb 16 15:47:29 2018 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08
Fri Feb 16 15:47:29 2018 Diffie-Hellman initialized with 2048 bit key
Fri Feb 16 15:47:29 2018 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Fri Feb 16 15:47:29 2018 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Feb 16 15:47:29 2018 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Feb 16 15:47:29 2018 Socket Buffers: R=[163840->131072] S=[163840->131072]
Fri Feb 16 15:47:29 2018 ROUTE: default_gateway=UNDEF
Fri Feb 16 15:47:29 2018 TUN/TAP device tun0 opened
Fri Feb 16 15:47:29 2018 TUN/TAP TX queue length set to 100
Fri Feb 16 15:47:29 2018 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Feb 16 15:47:29 2018 /sbin/ip link set dev tun0 up mtu 1500
Fri Feb 16 15:47:29 2018 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Fri Feb 16 15:47:29 2018 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Fri Feb 16 15:47:29 2018 GID set to nogroup
Fri Feb 16 15:47:29 2018 UID set to nobody
Fri Feb 16 15:47:29 2018 UDPv4 link local (bound): [undef]
Fri Feb 16 15:47:29 2018 UDPv4 link remote: [undef]
Fri Feb 16 15:47:29 2018 MULTI: multi_init called, r=256 v=256
Fri Feb 16 15:47:29 2018 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Fri Feb 16 15:47:29 2018 IFCONFIG POOL LIST
Fri Feb 16 15:47:29 2018 Initialization Sequence Completed -
sudo systemctl status openvpn@vpn-server
● [email protected] - OpenVPN connection to vpn-server
Loaded: loaded (/lib/systemd/system/[email protected]; enabled)
Active: active (running) since Fri 2018-02-16 15:47:29 UTC; 1h 10min ago
Process: 499 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --config /etc/openvpn/%i.conf (code=exited, status=0/SUCCESS)
Main PID: 547 (openvpn)
CGroup: /system.slice/system-openvpn.slice/[email protected]
└─547 /usr/sbin/openvpn --daemon ovpn-vpn-server --status /run/openvpn/vpn-server.status 10 --cd /etc/openvpn --config /etc/openvpn/vpn-server.conf
Feb 16 15:47:28 raspberrypi systemd[1]: Starting OpenVPN connection to vpn-server...
Feb 16 15:47:29 raspberrypi systemd[1]: Started OpenVPN connection to vpn-server.
Feb 16 16:06:40 raspberrypi systemd[1]: Started OpenVPN connection to vpn-server.
-
Tim_Stewart about 6 yearsWhat is your local subnet? Is it 192.168.1.0 /24?
-
Daniel about 6 yearsyes, 192.168.1.0/24. Also now from the logs when trying to connect I get
Fri Feb 16 18:23:45 2018 us=599042 192.168.1.4:38630 Authenticate/Decrypt packet error: packet HMAC authentication failed
-