tcp doesn't work

Question

tcp doesn't work

gruz123 opened this issue 2 years ago · comments

ArtemK commented 2 years ago

Checklist

I read the README
I followed instructions to configure VPN clients
I searched existing Issues
This bug is about the VPN setup script, and not OpenVPN itself

Describe the issue

tpc dosn't work after installation nothing happends.

To Reproduce
Steps to reproduce the behavior:

choose tcp
ss -tulpn nothin here...

Expected behavior

I excpect it going to work :)

Logs
Sorry, maybe tomorrow.

Server (please complete the following information)

OS: Debian 10,11, Fedora 36
Hosting provider GCP, Libvirt, Localhost
Device: Android

Additional context
won't work, i tried change protocol after installation, it's start but doesn't work anyway (in this case it maybe firewall issue, i'm not shure).
p.s. thanks, it's really great work

Lin Song · Answer 1 · Mon Nov 07 2022 10:07:06 GMT+0800 (China Standard Time)

@gruz123 Hello! This repo is based on the popular Nyr/openvpn-install script, used by lots of users per day. TCP should work without issues (I don't see a related open issue there).

Check your server's external firewall configuration (if any), and make sure the TCP port you selected is open.

Lin Song · Answer 2 · Mon Nov 07 2022 10:11:44 GMT+0800 (China Standard Time)

Also, if you are installing OpenVPN inside a container, make sure that the host forwards the correct port to the container.

ArtemK · Answer 3 · Mon Nov 07 2022 10:15:33 GMT+0800 (China Standard Time)

@gruz123 Hello! This repo is based on the popular Nyr/openvpn-install script, used by lots of users per day. TCP should work without issues (I don't see a related open issue there).

Check your server's external firewall configuration (if any), and make sure the TCP port you selected is open.

It just doesn't bring up service at all after installation with tcp protocol selected.

About firewall, i mean after installation If i changed port from udp to tcp. But anyway I double check this. Thank you for your quick reply.

Lin Song · Answer 4 · Mon Nov 07 2022 13:24:39 GMT+0800 (China Standard Time)

@gruz123 I just tested the script on a Debian 11 system with TCP and port 1194 (default) selected. The service runs fine after install:

root@localhost:~# systemctl status openvpn-server@server.service
● openvpn-server@server.service - OpenVPN service for server
     Loaded: loaded (/lib/systemd/system/openvpn-server@.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2022-11-07 XX:XX:XX UTC; Xmin Xs ago
       Docs: man:openvpn(8)
             https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
             https://community.openvpn.net/openvpn/wiki/HOWTO
   Main PID: XXX (openvpn)
     Status: "Initialization Sequence Completed"
      Tasks: 1 (limit: XXX)
     Memory: 1.0M
        CPU: 9ms
     CGroup: /system.slice/system-openvpn\x2dserver.slice/openvpn-server@server.service
             └─XXX /usr/sbin/openvpn --status /run/openvpn-server/status-server.log --status-version 2 --suppress-timestamps --config server.conf

Nov 07 XX:XX:XX localhost openvpn[XXX]: TCPv4_SERVER link remote: [AF_UNSPEC]
Nov 07 XX:XX:XX localhost openvpn[XXX]: GID set to nogroup
Nov 07 XX:XX:XX localhost openvpn[XXX]: UID set to nobody
Nov 07 XX:XX:XX localhost openvpn[XXX]: MULTI: multi_init called, r=256 v=256
Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL IPv4: base=10.8.0.2 size=252
Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL IPv6: base=fddd:1194:1194:1194::1000 size=65536 netbits=64
Nov 07 XX:XX:XX localhost openvpn[XXX]: NOTE: IPv4 pool size is 252, IPv6 pool size is 65536. IPv4 pool size limits the number of clients that can be served from the pool
Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL LIST
Nov 07 XX:XX:XX localhost openvpn[XXX]: MULTI: TCP INIT maxclients=1024 maxevents=1028
Nov 07 XX:XX:XX localhost openvpn[XXX]: Initialization Sequence Completed

root@localhost:~# netstat -anput
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 X.X.X.X:1194      0.0.0.0:*               LISTEN      XXX/openvpn
... ...

Note that you should check using systemctl status openvpn-server@server.service, NOT systemctl status openvpn or service openvpn status.

I suspect that the issue could be caused by your specific server configuration. I'm closing this issue but if you have additional information, feel free to reply here.

ArtemK · Answer 5 · Mon Nov 07 2022 23:47:06 GMT+0800 (China Standard Time)

@gruz123 I just tested the script on a Debian 11 system with TCP and port 1194 (default) selected. The service runs fine after install:

root@localhost:~# systemctl status openvpn-server@server.service
● openvpn-server@server.service - OpenVPN service for server
     Loaded: loaded (/lib/systemd/system/openvpn-server@.service; enabled; vendor preset: enabled)
     Active: active (running) since Mon 2022-11-07 XX:XX:XX UTC; Xmin Xs ago
       Docs: man:openvpn(8)
             https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
             https://community.openvpn.net/openvpn/wiki/HOWTO
   Main PID: XXX (openvpn)
     Status: "Initialization Sequence Completed"
      Tasks: 1 (limit: XXX)
     Memory: 1.0M
        CPU: 9ms
     CGroup: /system.slice/system-openvpn\x2dserver.slice/openvpn-server@server.service
             └─XXX /usr/sbin/openvpn --status /run/openvpn-server/status-server.log --status-version 2 --suppress-timestamps --config server.conf

Nov 07 XX:XX:XX localhost openvpn[XXX]: TCPv4_SERVER link remote: [AF_UNSPEC]
Nov 07 XX:XX:XX localhost openvpn[XXX]: GID set to nogroup
Nov 07 XX:XX:XX localhost openvpn[XXX]: UID set to nobody
Nov 07 XX:XX:XX localhost openvpn[XXX]: MULTI: multi_init called, r=256 v=256
Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL IPv4: base=10.8.0.2 size=252
Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL IPv6: base=fddd:1194:1194:1194::1000 size=65536 netbits=64
Nov 07 XX:XX:XX localhost openvpn[XXX]: NOTE: IPv4 pool size is 252, IPv6 pool size is 65536. IPv4 pool size limits the number of clients that can be served from the pool
Nov 07 XX:XX:XX localhost openvpn[XXX]: IFCONFIG POOL LIST
Nov 07 XX:XX:XX localhost openvpn[XXX]: MULTI: TCP INIT maxclients=1024 maxevents=1028
Nov 07 XX:XX:XX localhost openvpn[XXX]: Initialization Sequence Completed

root@localhost:~# netstat -anput
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 X.X.X.X:1194      0.0.0.0:*               LISTEN      XXX/openvpn
... ...

Note that you should check using systemctl status openvpn-server@server.service, NOT systemctl status openvpn or service openvpn status.

I suspect that the issue could be caused by your specific server configuration. I'm closing this issue but if you have additional information, feel free to reply here.

Sorry it's okay, my fault.
Thanks again.