OVPN not working

Hello,

This is my situation, ovpn show as running (green) on services>openvpn screen but when i check in status>services screen it show as stopped (red), this situation didn’t start on the latest upgrade but a few months ago and I was hoping that the previous upgrades will fix it but that is a negative, any ideas of what can be the reason of this issue or where i can start looking to try to fix it.

Thank you for your help.

Hi @klauss214659

As a first step let’s find out if the OpenVPN server is actually running or not. With the OpenVPN Global Settings page showing the green RUNNING message then run the following command from the console command line

ps auxww | grep openvpn

If the server is running you should get two lines similar to the following

nobody   20731  0.0  0.1   7492  5772 ?        Ss   23:10   0:00 /usr/sbin/openvpn --config /var/ipfire/ovpn/server.conf
root     20790  0.0  0.0   6408  1896 pts/0    S+   23:10   0:00 grep openvpn

The first line is the OpenVPN server running and the second line is the grep openvpn command

If the OpenVPN server is not running then there will only be the grep openvpn line

Once we know the answer to the above check then we can figure out where to look next.

1 Like

Adolf,

Thank you for your help and yes only the line “grep openvpn” is present on the output of the grep command.

ovpn-grep

Hi Claudio,

OK, so the problem is that OpenVPN is not starting, even though it shows up as green and RUNNING on the OpenVPN page.

We need to look at the OpenVPN logs. Press the “Stop OpenVPN Server” button and confirm that the status changes to red and STOPPED. Then press the “Start OpenVPN Server” button and confirm that it goes green and RUNNING.

Then use the following command to filter the log for OpenVPN.

less /var/log/messages | grep openvpn

Near the end you should find the commands and messages related to the stopping and then starting of the OpenVPN server that you did above. You can use the timestamp of the log entries to select the right portion of the logs. If you can paste those messages (redacting any public IP’s or other sensitive items that you don’t want to disclose) then we can see what clues it gives as to why the server is not starting.

Adolf,

Attached is the screenshot of the log

Thank you for your help

Hi Claudio,

The line about IPv4 pool size is too small (1), must be at least 2 followed by the line Exiting due to fatal error is not normal. This looks like it might be related to your problem.

For your OpenVPN Network are you using a dynamic or static ip address pool?

What have you entered in the OpenVPN subnet: box on the Global Settings page?

If you have set up a Static IP Address Pool what did you define for the Network?

Adolf,

  1. an /29 should give me 6 ip address, I can change it to a higher number that is no problem.
  2. dynamic.
  3. 255.255.255.248, have been using this netmask for a few years.
  4. no static ip addresses.

Hope I responded to your questions correctly.

Thanks again

Claudio,

Unfortunately network numbers and cidr’s etc are not my strong point.

Yes, I looked up /29 and it should give enough. I have /24 in my setup. Maybe just try changing it to /24 (ie netmask of 255.255.255.0 and see if it then starts, although I understand your point about it having worked in the past so it won’t surprise me if it doesn’t help.

We are reaching the limits of my knowledge and capability to help here. Hopefully there are other people more experienced in OpenVPN who can help further.

Adolf,

No worries, I’m at the same point also that is why I posted here looking for help, it is just weird, locally I have a backup ovpn server (pivpn) and I’m using that one right now.

I really thank you for your time and effort trying to help me with this situation.

Adolf,

You wont believe me but yes changing the netmask to 255.255.255.0 brought the server back online, weird and I wont question why lol but it is working.

Thanks again, have a wonderful Friday wherever are you located, be safe.

Well I am glad you got it working again, even if we don’t fully understand why.

Best wishes for your weekend.