Openvpn – Cannot make TCP Connection with OpenVPN Server

Tags: network-share, openvpn, tcp, tunneling, vpn

Client OpenVPN assigned IP: 10.8.0.2
   ↓ TCP on 1194
Internet
   ↓
Router port-forwards 1194 to server- Public IP 104.162.67.198
   ↓ 
Server LAN IP: 10.8.0.1

I think the above is what I am trying to do (the 10.8.0.0/24 is the assigned IP).
I am trying to route multiple remote clients via TCP to my OpenVPN server (otherwise functioning as a samba file share) running Ubuntu 14.04.

As you can see in my server.conf, I'm pushing "route … …" with almost every option (my server's assigned IP address, the server's internal IP address, and my network's public IP address), because I am unsure which needs to be routed.

See the details and troubleshooting I have done below, and any suggestions would be much appreciated.

server.conf

port 1194
proto tcp
mode server
dev tun
ca ca.crt
cert sambasrv.crt
key sambasrv.key
dh dh2048.pem
ifconfig-pool-persist ipp.txt
push "route 192.168.0.19 255.255.255.0"
push "route 10.8.0.1 255.255.255.0"
push "route 10.0.0.0 255.0.0.0"
push "route 104.173.62.178 255.255.0"
push "route 10.8.0.1/24 104.173.62.178"
client-config-dir ccd
route 10.8.0.2 255.255.255.0
keepalive 10 20
max-clients 100
user nobody
group nogroup
persist-key
persist-tun
log-append openvpn.log
verb 4

client.conf

client
dev tun
remote 104.173.62.178 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
;mute-replay-warnings
ca ca.crt
cert client1.crt
key client1.key
comp-lzo
verb 4

I am now getting the "Socket bind failed on local address [undef]" error. With different configurations throughout the day, I have had success in getting the OpenVPN server to initialize, but it has gone back to its fatal error state after a reboot and more troubleshooting.

/etc/openvpn server.conf
Tue Dec 11 17:36:18 2012 Socket Buffers: R=[87380->131072] S=[16384->131072]
Tue Dec 11 17:36:18 2012 TCP/UDP: Socket bind failed on local address [undef]: Address already in use
Tue Dec 11 17:36:18 2012 Exiting due to fatal error

The server is able to ping itself (10.8.0.1), but not the client.
client ping 10.8.0.1 (server) times out.

Here are some more results from tests that have been recommended in previous posts:

telnet 10.8.0.1 1194

doesn't connect # which I read means that OpenVPN is fine, but the network isn't

netstat -nlp | grep 1194
udp   0   0 0.0.0:1194   0.0.0.0:*   3593/openvpn

For the above netstat, I don't know why it's udp instead of tcp. Maybe there is an issue there?

Interface config

ifconfig tun0 connect
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255

ip route show:

default via 192.168.1.1 dev em1
10.8.0.0/24 via 10.8.0.2 dev tun0
10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1
192.168.1.0/24 dev em1 proto kernel scope link src 192.168.1.34

I've tried:

$ iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE
$ iptables -A INPUT -i tun0 -j ACCEPT

Enable IP forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

Also note that on the client side, I am trying to connect to the server with Tunnelblick, and have successfully added the client.conf, ca.crt, client1.crt, and client1.key. Upon trying to connect, there is activity with packets going out, but not in.

Best Answer

In the OpenVPN log file you find:

TCP/UDP: Socket bind failed on local address [undef]: Address already in use

I solved this problem by "double-restarting" the OpenVPN server. It toggles the binding problem: one time it works, the next time it does not.

Hope it helps somebody.

Lutz
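
An added example (not part of the original question or answer): a shell check that compares the `port` and `proto` directives in an OpenVPN config with what `netstat -nlp` reports on that port. `IN_USE` means a process already holds that socket, so starting another instance from this config would fail with "Address already in use"; `MISMATCH` means the listener uses a different protocol than the config names, as in the question's netstat output. The function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# conf_value FILE DIRECTIVE DEFAULT -> first argument of DIRECTIVE, else DEFAULT
conf_value() {
    awk -v d="$2" -v def="$3" '
        /^[ \t]*[#;]/ { next }                 # skip comment lines
        $1 == d { print $2; found = 1; exit }
        END { if (!found) print def }' "$1"
}

# check_listener CONF [NETSTAT_FILE]
# Without NETSTAT_FILE it runs `netstat -nlp` itself (run as root to see PIDs).
check_listener() {
    port=$(conf_value "$1" port 1194)          # OpenVPN defaults: port 1194,
    proto=$(conf_value "$1" proto udp)         # proto udp
    case $proto in tcp*) proto=tcp ;; *) proto=udp ;; esac   # tcp-server -> tcp
    if [ -n "${2:-}" ]; then
        listing=$(cat "$2")
    else
        listing=$(netstat -nlp 2>/dev/null)
    fi
    printf '%s\n' "$listing" | awk -v port="$port" -v proto="$proto" '
        $1 ~ /^(tcp|udp)6?$/ {
            n = split($4, a, ":")              # local address, port is last field
            if (a[n] != port) next
            p = $1; sub(/6$/, "", p)
            if (p == proto) same = $NF; else other = p " " $NF
        }
        END {
            if (same != "")       print "IN_USE " proto "/" port " held by " same
            else if (other != "") print "MISMATCH config wants " proto "/" port ", found " other
            else                  print "FREE " proto "/" port
        }'
}

# Demo on constructed input modelled on the question:
# the config says tcp, netstat shows a udp listener.
demo() {
    d=$(mktemp -d)
    printf 'port 1194\nproto tcp\ndev tun\n' > "$d/server.conf"
    printf 'udp   0   0 0.0.0.0:1194   0.0.0.0:*   3593/openvpn\n' > "$d/netstat.txt"
    check_listener "$d/server.conf" "$d/netstat.txt"
    rm -rf "$d"
}
demo
```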