tcp doesn't work
gruz123 opened this issue · comments
Checklist
- I read the README
- I followed instructions to configure VPN clients
- I searched existing Issues
- This bug is about the VPN setup script, and not OpenVPN itself
Describe the issue
tpc dosn't work after installation nothing happends.
To Reproduce
Steps to reproduce the behavior:
- choose tcp
- ss -tulpn nothin here...
Expected behavior
I excpect it going to work :)
Logs
Sorry, maybe tomorrow.
Server (please complete the following information)
-
OS: Debian 10,11, Fedora 36
-
Hosting provider GCP, Libvirt, Localhost
-
Device: Android
Additional context
won't work, i tried change protocol after installation, it's start but doesn't work anyway (in this case it maybe firewall issue, i'm not shure).
p.s. thanks, it's really great work
@gruz123 Hello! This repo is based on the popular Nyr/openvpn-install script, used by lots of users per day. TCP should work without issues (I don't see a related open issue there).
Check your server's external firewall configuration (if any), and make sure the TCP port you selected is open.
Also, if you are installing OpenVPN inside a container, make sure that the host forwards the correct port to the container.
@gruz123 Hello! This repo is based on the popular Nyr/openvpn-install script, used by lots of users per day. TCP should work without issues (I don't see a related open issue there).
Check your server's external firewall configuration (if any), and make sure the TCP port you selected is open.
It just doesn't bring up service at all after installation with tcp protocol selected.
About firewall, i mean after installation If i changed port from udp to tcp. But anyway I double check this. Thank you for your quick reply.
@gruz123 I just tested the script on a Debian 11 system with TCP and port 1194 (default) selected. The service runs fine after install:
root@localhost:~# systemctl status openvpn-server@server.service
● openvpn-server@server.service - OpenVPN service for server
Loaded: loaded (/lib/systemd/system/openvpn-server@.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2022-11-07 XX:XX:XX UTC; Xmin Xs ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Main PID: XXX (openvpn)
Status: "Initialization Sequence Completed"
Tasks: 1 (limit: XXX)
Memory: 1.0M
CPU: 9ms
CGroup: /system.slice/system-openvpn\x2dserver.slice/openvpn-server@server.service
└─XXX /usr/sbin/openvpn --status /run/openvpn-server/status-server.log --status-version 2 --suppress-timestamps --config server.conf
Nov 07 XX:XX:XX localhost openvpn[XXX]: TCPv4_SERVER link remote: [AF_UNSPEC]
Nov 07 XX:XX:XX localhost openvpn[XXX]: GID set to nogroup
Nov 07 XX:XX:XX localhost openvpn[XXX]: UID set to nobody
Nov 07 XX:XX:XX localhost openvpn[XXX]: MULTI: multi_init called, r=256 v=256
Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL IPv4: base=10.8.0.2 size=252
Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL IPv6: base=fddd:1194:1194:1194::1000 size=65536 netbits=64
Nov 07 XX:XX:XX localhost openvpn[XXX]: NOTE: IPv4 pool size is 252, IPv6 pool size is 65536. IPv4 pool size limits the number of clients that can be served from the pool
Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL LIST
Nov 07 XX:XX:XX localhost openvpn[XXX]: MULTI: TCP INIT maxclients=1024 maxevents=1028
Nov 07 XX:XX:XX localhost openvpn[XXX]: Initialization Sequence Completed
root@localhost:~# netstat -anput
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 X.X.X.X:1194 0.0.0.0:* LISTEN XXX/openvpn
... ...
Note that you should check using systemctl status openvpn-server@server.service
, NOT systemctl status openvpn
or service openvpn status
.
I suspect that the issue could be caused by your specific server configuration. I'm closing this issue but if you have additional information, feel free to reply here.
@gruz123 I just tested the script on a Debian 11 system with TCP and port 1194 (default) selected. The service runs fine after install:
root@localhost:~# systemctl status openvpn-server@server.service ● openvpn-server@server.service - OpenVPN service for server Loaded: loaded (/lib/systemd/system/openvpn-server@.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2022-11-07 XX:XX:XX UTC; Xmin Xs ago Docs: man:openvpn(8) https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage https://community.openvpn.net/openvpn/wiki/HOWTO Main PID: XXX (openvpn) Status: "Initialization Sequence Completed" Tasks: 1 (limit: XXX) Memory: 1.0M CPU: 9ms CGroup: /system.slice/system-openvpn\x2dserver.slice/openvpn-server@server.service └─XXX /usr/sbin/openvpn --status /run/openvpn-server/status-server.log --status-version 2 --suppress-timestamps --config server.conf Nov 07 XX:XX:XX localhost openvpn[XXX]: TCPv4_SERVER link remote: [AF_UNSPEC] Nov 07 XX:XX:XX localhost openvpn[XXX]: GID set to nogroup Nov 07 XX:XX:XX localhost openvpn[XXX]: UID set to nobody Nov 07 XX:XX:XX localhost openvpn[XXX]: MULTI: multi_init called, r=256 v=256 Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL IPv4: base=10.8.0.2 size=252 Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL IPv6: base=fddd:1194:1194:1194::1000 size=65536 netbits=64 Nov 07 XX:XX:XX localhost openvpn[XXX]: NOTE: IPv4 pool size is 252, IPv6 pool size is 65536. IPv4 pool size limits the number of clients that can be served from the pool Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL LIST Nov 07 XX:XX:XX localhost openvpn[XXX]: MULTI: TCP INIT maxclients=1024 maxevents=1028 Nov 07 XX:XX:XX localhost openvpn[XXX]: Initialization Sequence Completed root@localhost:~# netstat -anput Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 X.X.X.X:1194 0.0.0.0:* LISTEN XXX/openvpn ... ...
Note that you should check using
systemctl status openvpn-server@server.service
, NOTsystemctl status openvpn
orservice openvpn status
.I suspect that the issue could be caused by your specific server configuration. I'm closing this issue but if you have additional information, feel free to reply here.
Sorry it's okay, my fault.
Thanks again.