OpenVPN failed to start – Ubuntu / LXD issue
Recently I noticed that one of my OpenVPN servers stopped working. It was just after the update on the Ubuntu 16.04.4 LTS. What I found was that the service failed on start:
user@host:~$ sudo systemctl start [email protected] Job for [email protected] failed because the control process exited with error code. See "systemctl status [email protected]" and "journalctl -xe" for details.
The status message was also not helpful:
user@host:~$ sudo systemctl status [email protected] ● [email protected] - OpenVPN connection to server Loaded: loaded (/lib/systemd/system/[email protected]; enabled; vendor preset: enabled) Active: failed (Result: exit-code) since Thu 2018-12-13 14:52:59 CET; 7s ago Dec 13 14:52:59 vz15951 systemd[1]: Starting OpenVPN connection to server… Dec 13 14:52:59 vz15951 ovpn-server[1854]: OpenVPN 2.3.18 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Sep 26 2017 Dec 13 14:52:59 vz15951 ovpn-server[1854]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Dec 13 14:52:59 vz15951 ovpn-server[1854]: daemon() failed or unsupported: Resource temporarily unavailable (errno=11) Dec 13 14:52:59 vz15951 ovpn-server[1854]: Exiting due to fatal error Dec 13 14:52:59 vz15951 systemd[1]: [email protected]: Control process exited, code=exited status=1 Dec 13 14:52:59 vz15951 systemd[1]: Failed to start OpenVPN connection to server. Dec 13 14:52:59 vz15951 systemd[1]: [email protected]: Unit entered failed state. Dec 13 14:52:59 vz15951 systemd[1]: [email protected]: Failed with result 'exit-code'.
Anything in the logs?
Unfortunately, logs also don’t look good:
Dec 13 14:52:59 vz15951 systemd[1]: Starting OpenVPN connection to server... Dec 13 14:52:59 vz15951 ovpn-server[1854]: OpenVPN 2.3.18 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Sep 26 2017 Dec 13 14:52:59 vz15951 ovpn-server[1854]: library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08 Dec 13 14:52:59 vz15951 ovpn-server[1854]: daemon() failed or unsupported: Resource temporarily unavailable (errno=11) Dec 13 14:52:59 vz15951 ovpn-server[1854]: Exiting due to fatal error Dec 13 14:52:59 vz15951 systemd[1]: [email protected]: Control process exited, code=exited status=1 Dec 13 14:52:59 vz15951 systemd[1]: Failed to start OpenVPN connection to server. Dec 13 14:52:59 vz15951 systemd[1]: [email protected]: Unit entered failed state. Dec 13 14:52:59 vz15951 systemd[1]: [email protected]: Failed with result 'exit-code'.
There is no clear evidence what failed. I remember that my provider was changing something in the virtual machine configurations recently (the company was bought by the bigger one) and this led me to the simple but brilliant solution…
Service configuration update
There is a known issue with OpenVPN on LXD containers. It has the same symptoms. So I tried to adjust the service configuration file:
user@host:~$ sudo vi /lib/systemd/system/[email protected]
I found the line with the LimitNPROC=10 and commented it out:
#LimitNPROC=10
Once updated, I had to perform two more steps – first was the reload of systemctl daemon:
user@host:~$ sudo systemctl daemon-reload
Next, I turned the OpenVPN service on again:
user@host:~$ sudo systemctl start [email protected]
No error message, this looks much better. Let’s take a look at the status:
user@host:~$ sudo systemctl status [email protected] ● [email protected] - OpenVPN connection to server Loaded: loaded (/lib/systemd/system/[email protected]; enabled; vendor preset: enabled) Active: active (running) since Thu 2018-12-13 15:15:17 CET; 39s ago Docs: man:openvpn(8) https://community.openvpn.net/openvpn/wiki/Openvpn23ManPage https://community.openvpn.net/openvpn/wiki/HOWTO Process: 3497 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/%i.conf --writepid /run/ Main PID: 3498 (openvpn) CGroup: /system.slice/system-openvpn.slice/[email protected] └─3498 /usr/sbin/openvpn --daemon ovpn-server --status /run/openvpn/server.status 10 --cd /etc/openvpn --script-security 2 --config /etc/openvpn/server.conf --writepid / Dec 13 15:15:17 vz15951 ovpn-server[3498]: succeeded -> ifconfig_pool_set() Dec 13 15:15:17 vz15951 ovpn-server[3498]: Initialization Sequence Completed
Wonderful. It is working now. Such a simple solution but it requires a little bit of luck to find it 🙂
vim is not allowing me to comment out #LimitNPROC=10, i went to the folder and tried to chane it from there it wouldnt allow me either since its protected
can you help me change it
Hello Ahmad,
I can see possible issues here:
1) you may not be familiar with
vieditor – in such case instead of vi, usenano– it should be easier. If you have to use vi, please remember that you have to do the following things:– find the place you want to edit
– enter “insert mode” by pressing “i” letter on the keyboard
– make your change
– exit from “insert mode” by pressing ESC on the keyboard
– enter the command “:wq” which means “I want to write and quit”, remember that the command starts with “:”
2) there is also a possibility that you skipped “sudo” before your vi command. This file is not editable for everyone so if you want to save it, you have to use “sudo vi [filename]”
3) there can be other issues not mentioned above, but I need more information to help 🙂
Dulare
sudo vi /lib/system/system/[email protected] when i am using this command it is showing nothing, once its showing the same as to mention above I comment the thing also , I am removing something else and I guess I remove that complete file, now what can I do?
Hi there 🙂
If the vi command shows nothing, most likely the file you tried to edit ([email protected]) was not there and it was created by the editor. You will have to find the proper file location in order to comment out the line mentioned in the post. On the other hand, if you removed the file completely, you can backup your VPN configuration, remove and install it again. Have you checked what is the service file? If it is really [email protected]?
Hi Dulare,
I’ve been stuck for several days and can’t start the VPN serever. I always have this error and can’t continue. Can you help me ?
I followed this web site : https://blog.vpscheap.net/running-a-vpn-server-on-your-vps-everything-you-need-to-know/
[root@server system]# systemctl status [email protected]
* [email protected] – OpenVPN Robust And Highly Flexible Tunneling Application On server
Loaded: loaded (/usr/lib/systemd/system/[email protected]; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Tue 2020-04-07 14:37:32 UTC; 2min 15s ago
Process: 930 ExecStart=/usr/sbin/openvpn –cd /etc/openvpn/ –config %i.conf (code=exited, status=1/FAILURE)
Main PID: 930 (code=exited, status=1/FAILURE)
Status: “Pre-connection initialization successful”
Apr 07 14:37:32 server systemd[1]: Starting OpenVPN Robust And Highly Flexible Tunneling Application On server…
Apr 07 14:37:32 server systemd[1]: Started OpenVPN Robust And Highly Flexible Tunneling Application On server.
Apr 07 14:37:32 server systemd[1]: [email protected]: main process exited, code=exited, status=1/FAILURE
Apr 07 14:37:32 server systemd[1]: Unit [email protected] entered failed state.
Apr 07 14:37:32 server systemd[1]: [email protected] failed.
[root@server system]#
—–
[root@server system]# sudo vi /lib/systemd/system/[email protected]
[Unit]
Description=OpenVPN Robust And Highly Flexible Tunneling Application On %I
After=network.target
[Service]
Type=notify
PrivateTmp=true
ExecStart=/usr/sbin/openvpn –cd /etc/openvpn/ –config %i.conf
[Install]
WantedBy=multi-user.target
————-
[root@server system]# sudo vi /lib/systemd/system/[email protected]
[Unit]
Description=OpenVPN service for %I
After=syslog.target network-online.target
Wants=network-online.target
Documentation=man:openvpn(8)
Documentation=https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
[Service]
Type=notify
PrivateTmp=true
WorkingDirectory=/etc/openvpn
ExecStart=/usr/sbin/openvpn –status %t/openvpn-server/status-%i.log –status-version 2 –suppress-timestamps –config %i.conf
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
#LimitNPROC=10
DeviceAllow=/dev/null rw
DeviceAllow=/dev/net/tun rw
ProtectSystem=true
ProtectHome=true
KillMode=process
RestartSec=5s
Restart=on-failure
[Install]
WantedBy=multi-user.target
—–
[root@server ~]# sudo vim /etc/openvpn/server.conf
port 1194
;proto tcp
proto udp
;dev tap
dev tun
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
key /etc/openvpn/easy-rsa/pki/private/server.key
dh /etc/openvpn/easy-rsa/pki/dh.pem
topology subnet
server 10.8.0.0 255.255.255.0
;ifconfig-pool-persist ipp.txt
;ifconfig-push
push “redirect-gateway def1 bypass-dhcp”
push “dhcp-option DNS 8.8.8.8”
push “dhcp-option DNS 8.8.4.4”
duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
tls-crypt mykey.tls
remote-cert-eku “TLS Web Client Authentication”
cipher AES-256-CBC
compress lz4-v2
push “compress lz4-v2”
persist-key
persist-tun
daemon
status /var/log/openvpn/openvpn-status.log
;log openvpn.log
log-append /var/log/openvpn/openvpn.log
verb 4
explicit-exit-notify 1
Hello Diego,
You should do one of the things:
1) Execute OpenVPN server manually (not as a service) with verbose information turned on and review the messages
2) Review log files (/var/log/messages) to see what is reported
This should lead you to the root of the problem.
Hello Dulare,
thank for your answer. This is what I got from: (/var/log/messages)
Apr 7 14:37:19 server systemd: Reloading.
Apr 7 14:37:19 server systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Apr 7 14:37:19 server systemd: Binding to IPv6 address not available since kernel does not support IPv6.
Apr 7 14:37:19 server systemd: [/usr/lib/systemd/system/vzfifo.service:19] Support for option SysVStartPriority= has been removed and it is ignored
Apr 7 14:37:32 server systemd: Starting OpenVPN Robust And Highly Flexible Tunneling Application On server…
Apr 7 14:37:32 server systemd: Started OpenVPN Robust And Highly Flexible Tunneling Application On server.
Apr 7 14:37:32 server systemd: [email protected]: main process exited, code=exited, status=1/FAILURE
Apr 7 14:37:32 server systemd: Unit [email protected] entered failed state.
Apr 7 14:37:32 server systemd: [email protected] failed.
—————–
Regarding to execute OpenVPN server manually, do you mean with this command, or do you have a different one?
[root@server log]# openvpn –config /etc/openvpn/tun0.conf –verb 6 // verbose output
Options error: In [CMD-LINE]:1: Error opening configuration file: /etc/openvpn/tun0.conf
Use –help for more information.
Thanks
Hello Diego,
The log is not really helpful, so let’s take a look at the manual start.
Your config file is here /etc/openvpn/server.conf as far as I can tell from your previous comment. So try to execute OpenVPN the following way:
# openvpn –config /etc/openvpn/server.conf –verb 6This should do the trick 🙂
Hello Dulare.
Now it seems to work, so every time I restart the server can I just start it manually?
you say there is a way to solve the problem in “[email protected]?
Thanks again
———
[root@server ~]# openvpn –config /etc/openvpn/server.conf –verb 6
Options error: I’m trying to parse “–config” as an –option parameter but I don’t see a leading ‘–‘
Use –help for more information.
[root@server ~]# openvpn –config /etc/openvpn/server.conf –verb 6
[root@server ~]# systemctl status [email protected]
* [email protected] – OpenVPN Robust And Highly Flexible Tunneling Application On server
Loaded: loaded (/usr/lib/systemd/system/[email protected]; enabled; vendor preset: disabled)
Active: active (running) since Wed 2020-04-08 08:07:46 UTC; 4min 43s ago
Main PID: 392 (openvpn)
Status: “Initialization Sequence Completed”
CGroup: /system.slice/system-openvpn.slice/[email protected]
`-392 /usr/sbin/openvpn –cd /etc/openvpn/ –config server.conf
Apr 07 14:34:23 server systemd[1]: [email protected]: main process exited, code=exited, status=1/FAILURE
Apr 07 14:34:23 server systemd[1]: Unit [email protected] entered failed state.
Apr 07 14:34:23 server systemd[1]: [email protected] failed.
Apr 07 14:37:32 server systemd[1]: Starting OpenVPN Robust And Highly Flexible Tunneling Application On server…
Apr 07 14:37:32 server systemd[1]: Started OpenVPN Robust And Highly Flexible Tunneling Application On server.
Apr 07 14:37:32 server systemd[1]: [email protected]: main process exited, code=exited, status=1/FAILURE
Apr 07 14:37:32 server systemd[1]: Unit [email protected] entered failed state.
Apr 07 14:37:32 server systemd[1]: [email protected] failed.
Apr 08 08:07:46 server systemd[1]: Starting OpenVPN Robust And Highly Flexible Tunneling Application On server…
Apr 08 08:07:46 server systemd[1]: Started OpenVPN Robust And Highly Flexible Tunneling Application On server.
[root@server ~]#
It is good that it worked manually. Yes, you can start it manually if needed. However, it would be better to find the source of the issue, which is most likely related to the [email protected] configuration file.
You can try to edit this line in your /lib/systemd/system/[email protected] file:
ExecStart=/usr/sbin/openvpn –status %t/openvpn-server/status-%i.log –status-version 2 –suppress-timestamps –config %i.conf
Instead of %i.conf you can enter your configuration file location, so it should look like:
ExecStart=/usr/sbin/openvpn –status %t/openvpn-server/status-%i.log –status-version 2 –suppress-timestamps –config /etc/openvpn/server.conf
But this is only my guess, not the solution I’m sure will work
Hello Dulare.
I installed open vpn in Ubuntu 18.04 (DELL lap top and using Mobile hotspot), but not working, below are the steps I followed –
>sudo apt-get install openvpn
> sudo openvpn –config client.opvn
>sudo systemctl start [email protected]
>sudo systemctl status [email protected]
I got this error log from above status command –
>ERROR: Linux route add command failed: external program exited with error status: 2
May 29 17:06:48 ovpn-client[1309]: /sbin/ip route add 10.0.0.0/16 metric 101 via 172.27.232.1
May 29 17:06:48 openvpn[1309]: RTNETLINK answers: File exists
May 29 17:06:48 ovpn-client[1309]: ERROR: Linux route add command failed: external program exited with error status: 2
May 29 17:06:48 ovpn-client[1309]: Initialization Sequence Completed
May 29 17:49:02 ovpn-client[1309]: write UDP: Network is unreachable (code=101)
May 29 17:49:03 ovpn-client[1309]: write UDP: Network is unreachable (code=101)
May 29 17:49:04 ovpn-client[1309]: write UDP: Network is unreachable (code=101)
Thanks,
Hello Mahesh,
It looks like your issue is related to the same subnet used by your VPN server and your VPN client. The server is not able to add the route to the 10.0.0.0/16 subnet since this route already exists. It looks like your VPN client is already connected to the subnet with the same parameters.
Hello i am trying to openvpn service in my ubuntu but when i start it ends with this message job for [email protected] failed because the control process exited with error code.
Hello Krish,
There is also a second part of this message, please use “journalctl -xe” or “systemctl status [email protected]” in order to see what happened. You can also take a look at logs. There is no easy way to help you as long as we don’t know what happened. Try the above commands and let me know what you found 🙂
Hello,
i have a similar problem openvpn won’t start.
“jurnalctl -xe” gives:
journalctl -xe
— The job identifier is 126599.
Oct 03 21:35:31 Mainframe systemd[1]: Started OpenVPN connection to Mainframe.
— Subject: A start job for unit [email protected] has finished successfully
— Defined-By: systemd
— Support: http://www.ubuntu.com/support
—
— A start job for unit [email protected] has finished successfully.
—
— The job identifier is 126599.
Oct 03 21:35:31 Mainframe systemd[1]: [email protected]: Main process exited, code=exited, status=1/FAILURE
— Subject: Unit process exited
— Defined-By: systemd
— Support: http://www.ubuntu.com/support
—
— An ExecStart= process belonging to unit [email protected] has exited.
—
— The process’ exit code is ‘exited’ and its exit status is 1.
Oct 03 21:35:31 Mainframe systemd[1]: [email protected]: Failed with result ‘exit-code’.
— Subject: Unit failed
— Defined-By: systemd
— Support: http://www.ubuntu.com/support
—
— The unit [email protected] has entered the ‘failed’ state with result ‘exit-code’.
lines 7154-7176/7176 (END)
— The job identifier is 126599.
Oct 03 21:35:31 Mainframe systemd[1]: Started OpenVPN connection to Mainframe.
— Subject: A start job for unit [email protected] has finished successfully
— Defined-By: systemd
— Support: http://www.ubuntu.com/support
—
— A start job for unit [email protected] has finished successfully.
—
— The job identifier is 126599.
Oct 03 21:35:31 Mainframe systemd[1]: [email protected]: Main process exited, code=exited, status=1/FAILURE
— Subject: Unit process exited
— Defined-By: systemd
— Support: http://www.ubuntu.com/support
—
— An ExecStart= process belonging to unit [email protected] has exited.
—
— The process’ exit code is ‘exited’ and its exit status is 1.
Oct 03 21:35:31 Mainframe systemd[1]: [email protected]: Failed with result ‘exit-code’.
— Subject: Unit failed
— Defined-By: systemd
— Support: http://www.ubuntu.com/support
—
— The unit [email protected] has entered the ‘failed’ state with result ‘exit-code’.
and systemctl status [email protected] gives:
sudo systemctl status [email protected]
● [email protected] – OpenVPN connection to Mainframe
Loaded: loaded (/lib/systemd/system/[email protected]; enabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Sat 2020-10-03 21:39:07 UTC; 4s ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Process: 25542 ExecStart=/usr/sbin/openvpn –daemon ovpn-Mainframe –status /run/openvpn/Mainframe.status 10 –c>
Main PID: 25542 (code=exited, status=1/FAILURE)
Status: “Pre-connection initialization successful”
Oct 03 21:39:07 Mainframe systemd[1]: [email protected]: Main process exited, code=exited, status=1/FAILURE
Oct 03 21:39:07 Mainframe systemd[1]: [email protected]: Failed with result ‘exit-code’.
Hello Jeroen,
Have you taken a look at the logs? It would be also good to know what system are you working on. You can start your OpenVPN server manually, not in the background, and see what it will display. To execute OpenVPN with the verbose output you can use:
# openvpn –config /etc/openvpn/server.conf –verb 6Assuming that your configuration is under /etc/openvpn/server.conf
Please let me know what you received.
Hello Dulare,
A yes my system is running ubuntu server 20.04 LTS.
openvpn –version gives:
OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2019
library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2018 OpenVPN Inc
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto=yes enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=yes enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_multihome=yes enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_server=yes enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no
The logs in /etc/openvpn/servers/Masinframe/logs are empty.
The log /var/log/messages has some errors about livepatch but none for openvpn.
When i start openvpn manually i get:
openvpn –config /etc/openvpn/Mainframe.conf –verb 6
Sun Oct 4 06:48:36 2020 Warning: Error redirecting stdout/stderr to –log file: servers/Mainframe/logs/openvpn.log: No such file or directory (errno=2)
Options error: –dh fails with ‘keys/mainframe/dh2048.pem’: No such file or directory (errno=2)
Options error: –ca fails with ‘keys/mainframe/ca.crt’: No such file or directory (errno=2)
Options error: –cert fails with ‘keys/mainframe/server_mainframe.crt’: No such file or directory (errno=2)
Sun Oct 4 06:48:36 2020 us=223357 WARNING: cannot stat file ‘keys/mainframe/server_mainframe.key’: No such file or directory (errno=2)
Options error: –key fails with ‘keys/mainframe/server_mainframe.key’: No such file or directory (errno=2)
Options error: –crl-verify fails with ‘keys/mainframe/crl.pem’: No such file or directory (errno=2)
Options error: –status fails with ‘servers/Mainframe/logs/openvpn-status.log’: No such file or directory (errno=2)
Options error: Please correct these errors.
Use –help for more information.
if i look in the folders openvpn gives errors on all the files are there.
so the .log and cert files are all in the right place like above.
Have you executed the:
openvpn –config /etc/openvpn/Mainframe.conf –verb 6
as the root? If you executed as a root or using sudo and the “No such file” error is still visible, you have to check the permissions to these files and directories. As the second step, you can adjust the paths in the config file to use the absolute path (starting from / directory).
Yes I executed the command with root (sudo) and get the same errors. The permissions are all root:
drwxr-xr-x 2 root root 4096 Oct 3 18:09 .
drwxr-xr-x 3 root root 4096 Oct 3 18:07 ..
-rw-r–r– 1 root root 5324 Oct 3 18:09 01.pem
-rw-r–r– 1 root root 5180 Oct 3 18:09 02.pem
-rw-r–r– 1 root root 273 Oct 3 18:07 ca.config
-rw-r–r– 1 root root 1541 Oct 3 18:07 ca.crt
-rw——- 1 root root 1704 Oct 3 18:07 ca.key
-rw——- 1 root root 3245 Oct 3 18:07 ca.pem
-rw-r–r– 1 root root 646 Oct 3 18:07 crl.pem
-rw-r–r– 1 root root 424 Oct 3 18:07 dh2048.pem
-rw-r–r– 1 root root 258 Oct 3 18:09 index.txt
-rw-r–r– 1 root root 21 Oct 3 18:09 index.txt.attr
-rw-r–r– 1 root root 21 Oct 3 18:09 index.txt.attr.old
-rw-r–r– 1 root root 134 Oct 3 18:09 index.txt.old
-rw-r–r– 1 root root 5180 Oct 3 18:09 jeroen.crt
-rw-r–r– 1 root root 1058 Oct 3 18:09 jeroen.csr
-rw——- 1 root root 1854 Oct 3 18:09 jeroen.key
-rw——- 1 root root 3941 Oct 3 18:09 jeroen.p12
-rw-r–r– 1 root root 3 Oct 3 18:09 serial
-rw-r–r– 1 root root 3 Oct 3 18:09 serial.old
-rw-r–r– 1 root root 5324 Oct 3 18:09 server_mainframe.crt
-rw-r–r– 1 root root 1074 Oct 3 18:09 server_mainframe.csr
-rw——- 1 root root 1704 Oct 3 18:09 server_mainframe.key
-rw——- 1 root root 3973 Oct 3 18:09 server_mainframe.p12
-rw-r–r– 1 root root 86 Oct 3 18:09 server_mainframe.server
I will try to use the absolute path in the config file.
I do not get any error if i use the absolute path with:
sudo openvpn –config /etc/openvpn/Mainframe.conf –verb 6
do i check the status for the above command with :
sudo systemctl status openvpn@Mainframe
or
sudo systemctl status [email protected]
because the first gives errors
[email protected] – OpenVPN connection to Mainframe
Loaded: loaded (/lib/systemd/system/[email protected]; enabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Sun 2020-10-04 08:37:36 UTC; 3s ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Process: 122237 ExecStart=/usr/sbin/openvpn –daemon ovpn-Mainframe –status /run/openvpn/Mainframe.status 10 –cd /etc/ope>
Main PID: 122237 (code=exited, status=1/FAILURE)
The second gives:
● [email protected] – OpenVPN connection to Mainframe
Loaded: loaded (/lib/systemd/system/[email protected]; enabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Sun 2020-10-04 08:39:11 UTC; 5s ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Process: 122451 ExecStart=/usr/sbin/openvpn –daemon ovpn-Mainframe –status /run/openvpn/Mainframe.status 10 –cd /etc/ope>
Main PID: 122451 (code=exited, status=1/FAILURE)
Oct 04 08:39:16 Mainframe systemd[1]: [email protected]: Scheduled restart job, restart counter is at 9352.
Oct 04 08:39:16 Mainframe systemd[1]: Stopped OpenVPN connection to Mainframe.
Oct 04 08:39:16 Mainframe systemd[1]: Starting OpenVPN connection to Mainframe…
The second one is how it should be i think.
If you have two services, the one that is named “openvpn@Mainframe” and the second that is named “[email protected]” you should know which one you want to run. Most likely it is “[email protected]” since this is the typical name for the OpenVPN service.
Looking at your comments, I’m not sure what is the current status. You were able to execute:
sudo openvpn –config /etc/openvpn/Mainframe.conf –verb 6and it was running without errors as far as I can tell. Am I correct?
Have you tried to connect to your OpenVPN server once it was running? This gives additional information about the state of the server.
Hello dulare,
I think it should be [email protected]. the other one is an old one that i tried before.
If i do sudo openvpn –config /etc/openvpn/Mainframe.conf -verb 6″ I get no errors.
If i do “sudo systemctl status [email protected]¨ i get:
● [email protected] – OpenVPN connection to Mainframe
Loaded: loaded (/lib/systemd/system/[email protected]; enabled; vendor preset: enabled)
Active: activating (auto-restart) (Result: exit-code) since Sun 2020-10-04 08:39:11 UTC; 5s ago
Docs: man:openvpn(8)
https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
https://community.openvpn.net/openvpn/wiki/HOWTO
Process: 122451 ExecStart=/usr/sbin/openvpn –daemon ovpn-Mainframe –status /run/openvpn/Mainframe.status 10 –cd /etc/ope>
Main PID: 122451 (code=exited, status=1/FAILURE)
Oct 04 08:39:16 Mainframe systemd[1]: [email protected]: Scheduled restart job, restart counter is at 9352.
Oct 04 08:39:16 Mainframe systemd[1]: Stopped OpenVPN connection to Mainframe.
Oct 04 08:39:16 Mainframe systemd[1]: Starting OpenVPN connection to Mainframe…
so that look ok.
I tried to connect via de command line in my ubuntu desktop 20.04 machine.
with: sudo openvpn –config /home/jeroen/Documenten/vpn/openvpn/2/jeroen/jeroen.conf –verb 6
Sun Oct 4 18:06:54 2020 us=188724 WARNING: Ignoring option ‘dh’ in tls-client mode, please only include this in your server configuration
Sun Oct 4 18:06:54 2020 us=188795 WARNING: file ‘/home/jeroen/Documenten/vpn/openvpn/2/jeroen/jeroen.key’ is group or others accessible
Sun Oct 4 18:06:54 2020 us=188809 Current Parameter Settings:
Sun Oct 4 18:06:54 2020 us=188820 config = ‘/home/jeroen/Documenten/vpn/openvpn/2/jeroen/jeroen.conf’
Sun Oct 4 18:06:54 2020 us=188830 mode = 0
Sun Oct 4 18:06:54 2020 us=188837 persist_config = DISABLED
Sun Oct 4 18:06:54 2020 us=188845 persist_mode = 1
Sun Oct 4 18:06:54 2020 us=188852 show_ciphers = DISABLED
Sun Oct 4 18:06:54 2020 us=188860 show_digests = DISABLED
Sun Oct 4 18:06:54 2020 us=188871 show_engines = DISABLED
Sun Oct 4 18:06:54 2020 us=188879 genkey = DISABLED
Sun Oct 4 18:06:54 2020 us=188885 key_pass_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=188893 show_tls_ciphers = DISABLED
Sun Oct 4 18:06:54 2020 us=188902 connect_retry_max = 0
Sun Oct 4 18:06:54 2020 us=188908 Connection profiles [0]:
Sun Oct 4 18:06:54 2020 us=188917 proto = udp
Sun Oct 4 18:06:54 2020 us=188923 local = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=188931 local_port = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=188938 remote = ‘www.yoloen.nl’
Sun Oct 4 18:06:54 2020 us=188946 remote_port = ‘1194’
Sun Oct 4 18:06:54 2020 us=188952 remote_float = ENABLED
Sun Oct 4 18:06:54 2020 us=188960 bind_defined = DISABLED
Sun Oct 4 18:06:54 2020 us=188968 bind_local = DISABLED
Sun Oct 4 18:06:54 2020 us=188976 bind_ipv6_only = DISABLED
Sun Oct 4 18:06:54 2020 us=188984 connect_retry_seconds = 5
Sun Oct 4 18:06:54 2020 us=188993 connect_timeout = 120
Sun Oct 4 18:06:54 2020 us=189002 socks_proxy_server = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189010 socks_proxy_port = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189019 tun_mtu = 1500
Sun Oct 4 18:06:54 2020 us=189028 tun_mtu_defined = ENABLED
Sun Oct 4 18:06:54 2020 us=189036 link_mtu = 1500
Sun Oct 4 18:06:54 2020 us=189044 link_mtu_defined = DISABLED
Sun Oct 4 18:06:54 2020 us=189052 tun_mtu_extra = 0
Sun Oct 4 18:06:54 2020 us=189061 tun_mtu_extra_defined = DISABLED
Sun Oct 4 18:06:54 2020 us=189069 mtu_discover_type = -1
Sun Oct 4 18:06:54 2020 us=189077 fragment = 0
Sun Oct 4 18:06:54 2020 us=189085 mssfix = 1450
Sun Oct 4 18:06:54 2020 us=189094 explicit_exit_notification = 0
Sun Oct 4 18:06:54 2020 us=189102 Connection profiles END
Sun Oct 4 18:06:54 2020 us=189110 remote_random = DISABLED
Sun Oct 4 18:06:54 2020 us=189118 ipchange = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189127 dev = ‘tun’
Sun Oct 4 18:06:54 2020 us=189135 dev_type = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189143 dev_node = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189151 lladdr = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189159 topology = 1
Sun Oct 4 18:06:54 2020 us=189167 ifconfig_local = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189175 ifconfig_remote_netmask = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189184 ifconfig_noexec = DISABLED
Sun Oct 4 18:06:54 2020 us=189192 ifconfig_nowarn = DISABLED
Sun Oct 4 18:06:54 2020 us=189200 ifconfig_ipv6_local = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189208 ifconfig_ipv6_netbits = 0
Sun Oct 4 18:06:54 2020 us=189216 ifconfig_ipv6_remote = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189224 shaper = 0
Sun Oct 4 18:06:54 2020 us=189232 mtu_test = 0
Sun Oct 4 18:06:54 2020 us=189240 mlock = DISABLED
Sun Oct 4 18:06:54 2020 us=189249 keepalive_ping = 10
Sun Oct 4 18:06:54 2020 us=189257 keepalive_timeout = 120
Sun Oct 4 18:06:54 2020 us=189265 inactivity_timeout = 0
Sun Oct 4 18:06:54 2020 us=189273 ping_send_timeout = 10
Sun Oct 4 18:06:54 2020 us=189281 ping_rec_timeout = 120
Sun Oct 4 18:06:54 2020 us=189289 ping_rec_timeout_action = 2
Sun Oct 4 18:06:54 2020 us=189297 ping_timer_remote = DISABLED
Sun Oct 4 18:06:54 2020 us=189305 remap_sigusr1 = 0
Sun Oct 4 18:06:54 2020 us=189314 persist_tun = ENABLED
Sun Oct 4 18:06:54 2020 us=189327 persist_local_ip = DISABLED
Sun Oct 4 18:06:54 2020 us=189339 persist_remote_ip = DISABLED
Sun Oct 4 18:06:54 2020 us=189351 persist_key = ENABLED
Sun Oct 4 18:06:54 2020 us=189363 passtos = DISABLED
Sun Oct 4 18:06:54 2020 us=189375 resolve_retry_seconds = 1000000000
Sun Oct 4 18:06:54 2020 us=189387 resolve_in_advance = DISABLED
Sun Oct 4 18:06:54 2020 us=189398 username = ‘nobody’
Sun Oct 4 18:06:54 2020 us=189409 groupname = ‘nogroup’
Sun Oct 4 18:06:54 2020 us=189421 chroot_dir = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189432 cd_dir = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189445 writepid = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189456 up_script = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189467 down_script = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189478 down_pre = DISABLED
Sun Oct 4 18:06:54 2020 us=189488 up_restart = DISABLED
Sun Oct 4 18:06:54 2020 us=189500 up_delay = DISABLED
Sun Oct 4 18:06:54 2020 us=189512 daemon = DISABLED
Sun Oct 4 18:06:54 2020 us=189524 inetd = 0
Sun Oct 4 18:06:54 2020 us=189535 log = DISABLED
Sun Oct 4 18:06:54 2020 us=189548 suppress_timestamps = DISABLED
Sun Oct 4 18:06:54 2020 us=189560 machine_readable_output = DISABLED
Sun Oct 4 18:06:54 2020 us=189573 nice = 0
Sun Oct 4 18:06:54 2020 us=189586 verbosity = 6
Sun Oct 4 18:06:54 2020 us=189600 mute = 0
Sun Oct 4 18:06:54 2020 us=189614 gremlin = 0
Sun Oct 4 18:06:54 2020 us=189626 status_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189638 status_file_version = 1
Sun Oct 4 18:06:54 2020 us=189652 status_file_update_freq = 60
Sun Oct 4 18:06:54 2020 us=189665 occ = ENABLED
Sun Oct 4 18:06:54 2020 us=189679 rcvbuf = 0
Sun Oct 4 18:06:54 2020 us=189692 sndbuf = 0
Sun Oct 4 18:06:54 2020 us=189706 mark = 0
Sun Oct 4 18:06:54 2020 us=189719 sockflags = 0
Sun Oct 4 18:06:54 2020 us=189733 fast_io = DISABLED
Sun Oct 4 18:06:54 2020 us=189746 comp.alg = 2
Sun Oct 4 18:06:54 2020 us=189761 comp.flags = 1
Sun Oct 4 18:06:54 2020 us=189774 route_script = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189788 route_default_gateway = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189802 route_default_metric = 0
Sun Oct 4 18:06:54 2020 us=189816 route_noexec = DISABLED
Sun Oct 4 18:06:54 2020 us=189830 route_delay = 0
Sun Oct 4 18:06:54 2020 us=189838 route_delay_window = 30
Sun Oct 4 18:06:54 2020 us=189846 route_delay_defined = DISABLED
Sun Oct 4 18:06:54 2020 us=189854 route_nopull = DISABLED
Sun Oct 4 18:06:54 2020 us=189862 route_gateway_via_dhcp = DISABLED
Sun Oct 4 18:06:54 2020 us=189871 allow_pull_fqdn = DISABLED
Sun Oct 4 18:06:54 2020 us=189879 management_addr = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189887 management_port = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189895 management_user_pass = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189904 management_log_history_cache = 250
Sun Oct 4 18:06:54 2020 us=189911 management_echo_buffer_size = 100
Sun Oct 4 18:06:54 2020 us=189920 management_write_peer_info_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189929 management_client_user = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189937 management_client_group = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189945 management_flags = 0
Sun Oct 4 18:06:54 2020 us=189953 shared_secret_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=189962 key_direction = not set
Sun Oct 4 18:06:54 2020 us=189970 ciphername = ‘AES-256-CBC’
Sun Oct 4 18:06:54 2020 us=189978 ncp_enabled = ENABLED
Sun Oct 4 18:06:54 2020 us=189987 ncp_ciphers = ‘AES-256-GCM:AES-128-GCM’
Sun Oct 4 18:06:54 2020 us=189995 authname = ‘SHA1’
Sun Oct 4 18:06:54 2020 us=190004 prng_hash = ‘SHA1’
Sun Oct 4 18:06:54 2020 us=190012 prng_nonce_secret_len = 16
Sun Oct 4 18:06:54 2020 us=190021 keysize = 0
Sun Oct 4 18:06:54 2020 us=190029 engine = DISABLED
Sun Oct 4 18:06:54 2020 us=190037 replay = ENABLED
Sun Oct 4 18:06:54 2020 us=190045 mute_replay_warnings = DISABLED
Sun Oct 4 18:06:54 2020 us=190054 replay_window = 64
Sun Oct 4 18:06:54 2020 us=190062 replay_time = 15
Sun Oct 4 18:06:54 2020 us=190070 packet_id_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190078 use_iv = ENABLED
Sun Oct 4 18:06:54 2020 us=190086 test_crypto = DISABLED
Sun Oct 4 18:06:54 2020 us=190094 tls_server = DISABLED
Sun Oct 4 18:06:54 2020 us=190103 tls_client = ENABLED
Sun Oct 4 18:06:54 2020 us=190111 key_method = 2
Sun Oct 4 18:06:54 2020 us=190120 ca_file = ‘/home/jeroen/Documenten/vpn/openvpn/2/jeroen/ca.crt’
Sun Oct 4 18:06:54 2020 us=190128 ca_path = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190136 dh_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190145 cert_file = ‘/home/jeroen/Documenten/vpn/openvpn/2/jeroen/jeroen.crt’
Sun Oct 4 18:06:54 2020 us=190153 extra_certs_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190162 priv_key_file = ‘/home/jeroen/Documenten/vpn/openvpn/2/jeroen/jeroen.key’
Sun Oct 4 18:06:54 2020 us=190171 pkcs12_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190179 cipher_list = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190187 cipher_list_tls13 = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190195 tls_cert_profile = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190203 tls_verify = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190210 tls_export_cert = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190219 verify_x509_type = 0
Sun Oct 4 18:06:54 2020 us=190227 verify_x509_name = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190235 crl_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190244 ns_cert_type = 0
Sun Oct 4 18:06:54 2020 us=190252 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190260 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190268 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190275 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190283 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190291 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190299 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190307 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190315 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190323 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190330 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190338 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190346 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190354 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190362 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190369 remote_cert_ku[i] = 0
Sun Oct 4 18:06:54 2020 us=190378 remote_cert_eku = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190386 ssl_flags = 0
Sun Oct 4 18:06:54 2020 us=190394 tls_timeout = 2
Sun Oct 4 18:06:54 2020 us=190402 renegotiate_bytes = -1
Sun Oct 4 18:06:54 2020 us=190411 renegotiate_packets = 0
Sun Oct 4 18:06:54 2020 us=190419 renegotiate_seconds = 3600
Sun Oct 4 18:06:54 2020 us=190427 handshake_window = 60
Sun Oct 4 18:06:54 2020 us=190435 transition_window = 3600
Sun Oct 4 18:06:54 2020 us=190444 single_session = DISABLED
Sun Oct 4 18:06:54 2020 us=190452 push_peer_info = DISABLED
Sun Oct 4 18:06:54 2020 us=190460 tls_exit = DISABLED
Sun Oct 4 18:06:54 2020 us=190468 tls_auth_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190476 tls_crypt_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190485 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190493 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190501 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190509 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190517 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190525 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190533 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190542 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190550 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190558 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190566 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190574 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190582 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190590 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190598 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190606 pkcs11_protected_authentication = DISABLED
Sun Oct 4 18:06:54 2020 us=190615 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190623 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190631 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190639 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190648 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190655 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190663 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190671 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190679 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190687 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190695 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190703 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190711 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190718 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190726 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190734 pkcs11_private_mode = 00000000
Sun Oct 4 18:06:54 2020 us=190742 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190750 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190758 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190766 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190774 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190781 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190789 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190798 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190805 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190813 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190821 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190829 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190837 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190845 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190853 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190861 pkcs11_cert_private = DISABLED
Sun Oct 4 18:06:54 2020 us=190869 pkcs11_pin_cache_period = -1
Sun Oct 4 18:06:54 2020 us=190877 pkcs11_id = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=190885 pkcs11_id_management = DISABLED
Sun Oct 4 18:06:54 2020 us=190895 server_network = 0.0.0.0
Sun Oct 4 18:06:54 2020 us=190904 server_netmask = 0.0.0.0
Sun Oct 4 18:06:54 2020 us=190921 server_network_ipv6 = ::
Sun Oct 4 18:06:54 2020 us=190930 server_netbits_ipv6 = 0
Sun Oct 4 18:06:54 2020 us=190939 server_bridge_ip = 0.0.0.0
Sun Oct 4 18:06:54 2020 us=190948 server_bridge_netmask = 0.0.0.0
Sun Oct 4 18:06:54 2020 us=190956 server_bridge_pool_start = 0.0.0.0
Sun Oct 4 18:06:54 2020 us=190965 server_bridge_pool_end = 0.0.0.0
Sun Oct 4 18:06:54 2020 us=190974 ifconfig_pool_defined = DISABLED
Sun Oct 4 18:06:54 2020 us=190983 ifconfig_pool_start = 0.0.0.0
Sun Oct 4 18:06:54 2020 us=190996 ifconfig_pool_end = 0.0.0.0
Sun Oct 4 18:06:54 2020 us=191005 ifconfig_pool_netmask = 0.0.0.0
Sun Oct 4 18:06:54 2020 us=191013 ifconfig_pool_persist_filename = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=191022 ifconfig_pool_persist_refresh_freq = 600
Sun Oct 4 18:06:54 2020 us=191030 ifconfig_ipv6_pool_defined = DISABLED
Sun Oct 4 18:06:54 2020 us=191039 ifconfig_ipv6_pool_base = ::
Sun Oct 4 18:06:54 2020 us=191048 ifconfig_ipv6_pool_netbits = 0
Sun Oct 4 18:06:54 2020 us=191056 n_bcast_buf = 256
Sun Oct 4 18:06:54 2020 us=191064 tcp_queue_limit = 64
Sun Oct 4 18:06:54 2020 us=191073 real_hash_size = 256
Sun Oct 4 18:06:54 2020 us=191081 virtual_hash_size = 256
Sun Oct 4 18:06:54 2020 us=191089 client_connect_script = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=191097 learn_address_script = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=191105 client_disconnect_script = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=191114 client_config_dir = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=191122 ccd_exclusive = DISABLED
Sun Oct 4 18:06:54 2020 us=191130 tmp_dir = ‘/tmp’
Sun Oct 4 18:06:54 2020 us=191138 push_ifconfig_defined = DISABLED
Sun Oct 4 18:06:54 2020 us=191147 push_ifconfig_local = 0.0.0.0
Sun Oct 4 18:06:54 2020 us=191159 push_ifconfig_remote_netmask = 0.0.0.0
Sun Oct 4 18:06:54 2020 us=191169 push_ifconfig_ipv6_defined = DISABLED
Sun Oct 4 18:06:54 2020 us=191178 push_ifconfig_ipv6_local = ::/0
Sun Oct 4 18:06:54 2020 us=191186 push_ifconfig_ipv6_remote = ::
Sun Oct 4 18:06:54 2020 us=191195 enable_c2c = DISABLED
Sun Oct 4 18:06:54 2020 us=191203 duplicate_cn = DISABLED
Sun Oct 4 18:06:54 2020 us=191223 cf_max = 0
Sun Oct 4 18:06:54 2020 us=191233 cf_per = 0
Sun Oct 4 18:06:54 2020 us=191241 max_clients = 1024
Sun Oct 4 18:06:54 2020 us=191250 max_routes_per_client = 256
Sun Oct 4 18:06:54 2020 us=191259 auth_user_pass_verify_script = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=191267 auth_user_pass_verify_script_via_file = DISABLED
Sun Oct 4 18:06:54 2020 us=191275 auth_token_generate = DISABLED
Sun Oct 4 18:06:54 2020 us=191284 auth_token_lifetime = 0
Sun Oct 4 18:06:54 2020 us=191291 port_share_host = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=191299 port_share_port = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=191307 client = ENABLED
Sun Oct 4 18:06:54 2020 us=191316 pull = ENABLED
Sun Oct 4 18:06:54 2020 us=191324 auth_user_pass_file = ‘[UNDEF]’
Sun Oct 4 18:06:54 2020 us=191333 OpenVPN 2.4.7 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 5 2019
Sun Oct 4 18:06:54 2020 us=191349 library versions: OpenSSL 1.1.1f 31 Mar 2020, LZO 2.10
Sun Oct 4 18:06:54 2020 us=191445 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sun Oct 4 18:06:54 2020 us=191872 OpenSSL: error:140AB18E:SSL routines:SSL_CTX_use_certificate:ca md too weak
Sun Oct 4 18:06:54 2020 us=191891 Cannot load certificate file /home/jeroen/Documenten/vpn/openvpn/2/jeroen/jeroen.crt
Sun Oct 4 18:06:54 2020 us=191900 Exiting due to fatal error
I edited the config file so the dirs to de certs are right.
I don’t know what is going on. All the logs are empty as well.
Hope you can help.
I will get back to you on your email. It will be easier than talking through comments 🙂