OpenVPN not listening on port
Normally you need a router in-between two /24 networks.
In your VPN config you have server address configured as 10.8.0.0 255.255.255.0. that's the network, not an address.
"Fri Feb 16 15:47:29 2018 ROUTE: default_gateway=UNDEF" And additionally you need the default gateway defined for a layer-3 device to be able to communicate outside of it's subnet. (This is the address of the router that would connect you to the 192.168.1.0 /24 subnet)
Try changing your openvpn server address to your local subnet. 192.168.1.254 255.255.255.0
And put your default gateway pointing to the router you have connected.
Related videos on Youtube
10 : 35
![OpenVPN Server behind NAT or Firewall !! [ASUS RT-AC68U Wireless Router]](https://i.ytimg.com/vi/g8YrptDDwVk/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLDc3fdyI-0gKjS7sotUvVcG5ZgVtA)
04 : 58
04 : 53
05 : 09
02 : 13
Daniel
Updated on September 18, 2022Comments
-
Daniel over 1 year
I setup an OpenVPN server on my RaspberryPi (Raspbian). Started successfully, but it is not listening to the port, so connecting to it is not possible. I can't find the problem here? What do I do wrong?
-
cat /etc/openvpn/vpn-server.confport 11094
proto udp
dev tun
ca ca.crt
cert vpn-server.crt
key vpn-server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0
key-direction 0
cipher AES-128-CBC
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log /var/log/openvpn.log
verb 6 -
sudo netstat -vaunActive Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
udp 0 0 0.0.0.0:11094 0.0.0.0:*
udp 0 0 0.0.0.0:68 0.0.0.0:*
udp 0 0 192.168.1.2:123 0.0.0.0:*
udp 0 0 10.8.0.1:123 0.0.0.0:*
udp 0 0 127.0.0.1:123 0.0.0.0:*
udp 0 0 0.0.0.0:123 0.0.0.0:*
udp 0 0 0.0.0.0:43721 0.0.0.0:*
udp 0 0 0.0.0.0:5353 0.0.0.0:*
udp6 0 0 :::44058 :::*
udp6 0 0 fe80::6d3d:f08e:c6b:123 :::*
udp6 0 0 ::1:123 :::*
udp6 0 0 :::123 :::*
udp6 0 0 :::5353 :::* -
nmap -sU 10.8.0.1 -p 11094Starting Nmap 6.47 ( http://nmap.org ) at 2018-02-16 17:04 UTC
Nmap scan report for 10.8.0.1
Host is up.
PORT STATE SERVICE
11094/udp open|filtered unknown -
cat /var/log/openvpn.logFri Feb 16 15:47:29 2018 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 27 2017
Fri Feb 16 15:47:29 2018 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08
Fri Feb 16 15:47:29 2018 Diffie-Hellman initialized with 2048 bit key
Fri Feb 16 15:47:29 2018 Control Channel Authentication: using 'ta.key' as a OpenVPN static key file
Fri Feb 16 15:47:29 2018 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Feb 16 15:47:29 2018 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Fri Feb 16 15:47:29 2018 Socket Buffers: R=[163840->131072] S=[163840->131072]
Fri Feb 16 15:47:29 2018 ROUTE: default_gateway=UNDEF
Fri Feb 16 15:47:29 2018 TUN/TAP device tun0 opened
Fri Feb 16 15:47:29 2018 TUN/TAP TX queue length set to 100
Fri Feb 16 15:47:29 2018 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Feb 16 15:47:29 2018 /sbin/ip link set dev tun0 up mtu 1500
Fri Feb 16 15:47:29 2018 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Fri Feb 16 15:47:29 2018 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Fri Feb 16 15:47:29 2018 GID set to nogroup
Fri Feb 16 15:47:29 2018 UID set to nobody
Fri Feb 16 15:47:29 2018 UDPv4 link local (bound): [undef]
Fri Feb 16 15:47:29 2018 UDPv4 link remote: [undef]
Fri Feb 16 15:47:29 2018 MULTI: multi_init called, r=256 v=256
Fri Feb 16 15:47:29 2018 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Fri Feb 16 15:47:29 2018 IFCONFIG POOL LIST
Fri Feb 16 15:47:29 2018 Initialization Sequence Completed -
sudo systemctl status openvpn@vpn-server● [email protected] - OpenVPN connection to vpn-server
Loaded: loaded (/lib/systemd/system/[email protected]; enabled)
Active: active (running) since Fri 2018-02-16 15:47:29 UTC; 1h 10min ago
Process: 499 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --config /etc/openvpn/%i.conf (code=exited, status=0/SUCCESS)
Main PID: 547 (openvpn)
CGroup: /system.slice/system-openvpn.slice/[email protected]
└─547 /usr/sbin/openvpn --daemon ovpn-vpn-server --status /run/openvpn/vpn-server.status 10 --cd /etc/openvpn --config /etc/openvpn/vpn-server.conf
Feb 16 15:47:28 raspberrypi systemd[1]: Starting OpenVPN connection to vpn-server...
Feb 16 15:47:29 raspberrypi systemd[1]: Started OpenVPN connection to vpn-server.
Feb 16 16:06:40 raspberrypi systemd[1]: Started OpenVPN connection to vpn-server.
-
Tim_Stewart about 6 yearsWhat is your local subnet? Is it 192.168.1.0 /24?
-
Daniel about 6 yearsyes, 192.168.1.0/24. Also now from the logs when trying to connect I get
Fri Feb 16 18:23:45 2018 us=599042 192.168.1.4:38630 Authenticate/Decrypt packet error: packet HMAC authentication failed
-
