Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 3rd May 2010, 17:49
oday oday is offline
Junior Member
 
Join Date: Apr 2010
Location: Golden, CO
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
Default OpenVPN Startup Not Working?

Hello Linux Community,

I am new to Linux and new to networking, so please be patient with me if I am posting the wrong way or not providing the correct information when posting.

I am setting up a bridged OpenVPN server on a Debian installation. After finishing the configuration and starting openvpn (using the "openvpn /etc/.../server.conf" option) the output pauses after the last line of the following output and the system does not proceed or return to the command prompt.

############################ Console Out Start ################################
a# openvpn /etc/openvpn/examples/server.conf&
[1] 2706
# Mon May 3 08:40:19 2010 OpenVPN 2.1_rc11 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Sep 18 2008
Mon May 3 08:40:19 2010 NOTE: when bridging your LAN adapter with the TAP adapter, note that the new bridge adapter will often take on its own IP address that is different from what the LAN adapter was previously set to
Mon May 3 08:40:19 2010 Diffie-Hellman initialized with 1024 bit key
Mon May 3 08:40:19 2010 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Mon May 3 08:40:21 2010 Control Channel Authentication: using '/etc/openvpn/examples/easy-rsa/ta.key' as a OpenVPN static key file
Mon May 3 08:40:21 2010 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 3 08:40:21 2010 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon May 3 08:40:21 2010 TLS-Auth MTU parms [ L:1590 D:166 EF:66 EB:0 ET:0 EL:0 ]
Mon May 3 08:40:21 2010 TUN/TAP device tap0 opened
Mon May 3 08:40:21 2010 TUN/TAP TX queue length set to 100
Mon May 3 08:40:21 2010 Data Channel MTU parms [ L:1590 D:1450 EF:58 EB:135 ET:32 EL:0 AF:3/1 ]
Mon May 3 08:40:21 2010 GID set to nogroup
Mon May 3 08:40:21 2010 UID set to nobody
Mon May 3 08:40:21 2010 Socket Buffers: R=[111616->131072] S=[111616->131072]
Mon May 3 08:40:21 2010 UDPv4 link local (bound): 192.168.3.137:1194
Mon May 3 08:40:21 2010 UDPv4 link remote: [undef]
Mon May 3 08:40:21 2010 MULTI: multi_init called, r=256 v=256
Mon May 3 08:40:21 2010 IFCONFIG POOL: base=192.168.3.200 size=55
Mon May 3 08:40:21 2010 IFCONFIG POOL LIST
Mon May 3 08:40:21 2010 Initialization Sequence Completed
############################ Console Out End ################################

Including the ampersand sign (&) to return to command does not change the response. Should I be expecting sume sort of succeeded statement or other output after this? Maybe there is a way that I can check the status of the connection or connection process? I cannot log in to the vpn remotely using the client confs, but who knows if there is another issue with them.

Thanks for the help!
Reply With Quote
Sponsored Links
  #2  
Old 3rd May 2010, 21:15
Ben Ben is offline
Moderator
 
Join Date: Jul 2006
Posts: 1,029
Thanks: 7
Thanked 62 Times in 56 Posts
Default

Why don't you start openvpn via the init-Script? Normally it check's for all .conf files and tries to start them.
Within this file you can also see that the binary has a parameter to daemonize the service....

But nevertheless, I do not see any bad things in your logoutput. Did you check the output of netstat -tap whether openvpn is listening on the configured port? If so everything should be fine...
Reply With Quote
The Following User Says Thank You to Ben For This Useful Post:
oday (4th May 2010)
  #3  
Old 4th May 2010, 00:29
oday oday is offline
Junior Member
 
Join Date: Apr 2010
Location: Golden, CO
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Thanks for your response.

I checked netstat -tap and could not find openvpn listening on the configured port (port 1194). It may be that I do not know what to look for, though. I found the output to list all protocols as tcp, while I dictated udp in the server configuration. So I checked for udp with netstat -a, and found an openvpn listing, but am not sure what to make of it. It appears that the port is in use, because when I attempt to initiate the connection again it tells me that the socket is already in use. Below is the output of the netstat requests. If all looks fine, then I will try checking other reasons why connecting with a client is not working. Thank you again. Your aid is sincerely appreciated.

############################## output start ###################################
Mercury:/home/la# netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:35947 *:* LISTEN 1666/rpc.statd
tcp 0 0 *:sunrpc *:* LISTEN 1655/portmap
tcp 0 0 localhost:ipp *:* LISTEN 2059/cupsd
tcp 0 0 localhost:smtp *:* LISTEN 2326/exim4
tcp6 0 0 localhost:ipp [::]:* LISTEN 2059/cupsd
Mercury:/home/la# netstat -a | grep udp
udp 0 0 *:33047 *:*
udp 0 0 Mercury.localpenvpn *:*
udp 0 0 *:48567 *:*
udp 0 0 *:ircs *:*
udp 0 0 *:mdns *:*
udp 0 0 *:sunrpc *:*
udp 0 0 *:ipp *:*
udp6 0 0 [::]:mdns [::]:*
udp6 0 0 [::]:40191 [::]:*
############################## output end ###################################
Reply With Quote
  #4  
Old 4th May 2010, 08:33
Ben Ben is offline
Moderator
 
Join Date: Jul 2006
Posts: 1,029
Thanks: 7
Thanked 62 Times in 56 Posts
Default

So if you see openvpn listening on the configured port, why don't you just do the next step and set up your client to connect to your server.
Or for which purpose did you install / configure the openvpn server?

To release the openvpn process to the port, you need to kill the process. Or just use the init-script
Reply With Quote
  #5  
Old 4th May 2010, 16:13
oday oday is offline
Junior Member
 
Join Date: Apr 2010
Location: Golden, CO
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
Default

As I mentioned, I am new to Linux and I am not sure what the netstat return is saying. No where does it indicate to me that openvpn is listening on port 1194. You suggested the 'netstat -tap' command to me, and it did not return any references to the configured port. Based on this, it looked to my inexperience self like openvpn may not be listening. If you think that it is, then I will move on to figuring out why my clients cannot connect. Thanks again.
Reply With Quote
  #6  
Old 4th May 2010, 16:56
oday oday is offline
Junior Member
 
Join Date: Apr 2010
Location: Golden, CO
Posts: 4
Thanks: 1
Thanked 0 Times in 0 Posts
 
Default

o.k. I found the '-n' option for netstat, and verified that openvpn is in fact listening on the the configured port. I am not sure why it says "LISTEN" under "State" for the tcp sockets (is that right, sockets?), but not the udp. Regardless, thank you for pointing me in the right direction.

~o
Reply With Quote
Reply

Bookmarks

Tags
bridge, openvpn, start, startup

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Add ons for ISPConfig 3 virtue Installation/Configuration 24 16th October 2009 17:30
libWand.so.10 error Taxick Installation/Configuration 8 3rd May 2009 01:27
how openVPN uses NDIS API on linux tarun@howtoforge Suggest HOWTO 0 3rd June 2008 09:22
High Availability Samba cluster - DRBD + Heartbeat djalex Server Operation 58 25th May 2007 19:38
Howto suggestion suse PhP ver 4 + Ver 5 wwparrish Suggest HOWTO 11 7th August 2006 13:29


All times are GMT +2. The time now is 04:04.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.