Not sure if this is a bug or just my lack of experience so I've raised in discussion first.
I have installed on a local Ubuntu 16.04.6 server. The server is on my local network but when prompted I chose my public IP address for the set-up. My internet router is configured to forward ports to my server.
Anyway, I can browse to my public IP and I get the welcome pages etc. But, I can't connect using OpenVPN. Looking at the logs I am getting cannot fork errors with OpenVPN restarting every 6 to 7 seconds.
eg
May 30 20:43:18 vpn-u-s systemd[1]: openvpn@server.service: Service hold-off time over, scheduling restart.
May 30 20:43:18 vpn-u-s systemd[1]: Stopped OpenVPN service for server.
May 30 20:43:18 vpn-u-s systemd[1]: Starting OpenVPN service for server...
May 30 20:43:18 vpn-u-s systemd[1]: Started OpenVPN service for server.
May 30 20:43:18 vpn-u-s openvpn[2082]: Thu May 30 20:43:18 2019 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
May 30 20:43:18 vpn-u-s openvpn[2082]: Thu May 30 20:43:18 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
May 30 20:43:18 vpn-u-s systemd-networkd[516]: tun0: Gained carrier
May 30 20:43:18 vpn-u-s systemd[1]: Starting Update resolvconf for networkd DNS...
May 30 20:43:18 vpn-u-s sh[2088]: sed: can't read /run/systemd/netif/leases/: No such file or directory
May 30 20:43:18 vpn-u-s openvpn[2082]: Thu May 30 20:43:18 2019 Could not determine IPv4/IPv6 protocol. Using AF_INET
May 30 20:43:19 vpn-u-s sh[2088]: sed: can't read /run/systemd/netif/leases/: No such file or directory
May 30 20:43:19 vpn-u-s ntpd[1570]: Listen normally on 12 tun0 10.8.0.1:123
May 30 20:43:19 vpn-u-s ntpd[1570]: new interface(s) found: waking up resolver
May 30 20:43:19 vpn-u-s openvpn[2082]: Thu May 30 20:43:19 2019 85.255.235.205:20342 openvpn_execve: unable to fork: Resource temporarily unavailable (errno=11)
May 30 20:43:19 vpn-u-s openvpn[2082]: Thu May 30 20:43:19 2019 85.255.235.205:20342 openvpn_execve: unable to fork: Resource temporarily unavailable (errno=11)
May 30 20:43:19 vpn-u-s systemd-networkd[516]: tun0: Lost carrier
May 30 20:43:19 vpn-u-s systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE
May 30 20:43:19 vpn-u-s systemd[1]: openvpn@server.service: Unit entered failed state.
May 30 20:43:19 vpn-u-s systemd[1]: openvpn@server.service: Failed with result 'exit-code'.
May 30 20:43:20 vpn-u-s sh[2088]: sed: can't read /run/systemd/netif/leases/*: No such file or directory
Has anybody come across this? By the way, I've tried the LimitNProc= fix but this hasn't worked for me.
thanks
chris.
UPDATE
I've installed again and noticed this in the install log
TASK [download-and-verify : Verify the OpenVPN Community download signatures with the Streisand GPG keyring] ***
changed: [192.168.0.111] => (item={u'sig': u'openvpn-latest-stable.tar.gz.asc', u'file': u'openvpn-latest-stable.tar.gz'})
changed: [192.168.0.111] => (item={u'sig': u'openvpn-install-latest-stable.exe.asc', u'file': u'openvpn-install-latest-stable.exe'})
TASK [download-and-verify : Verify the OpenVPN Community download signature checks all passed] *****
ok: [192.168.0.111] => (item=None)
ok: [192.168.0.111] => (item=None)
ok: [192.168.0.111]
TASK [download-and-verify : Verify the OpenVPN Community download signatures were from the correct keys] ***
failed: [192.168.0.111] (item=None) => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}
failed: [192.168.0.111] (item=None) => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}
fatal: [192.168.0.111]: FAILED! => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}
TASK [openvpn : One or more of the VPN clients could not be mirrored. Please file a bug report on GitHub so that the version number, checksum, or download location can be updated. Setup will now continue.] ***
Pausing for 20 seconds
(ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort)
ok: [192.168.0.111]
hi All
Not sure if this is a bug or just my lack of experience so I've raised in discussion first.
I have installed on a local Ubuntu 16.04.6 server. The server is on my local network but when prompted I chose my public IP address for the set-up. My internet router is configured to forward ports to my server.
Anyway, I can browse to my public IP and I get the welcome pages etc. But, I can't connect using OpenVPN. Looking at the logs I am getting cannot fork errors with OpenVPN restarting every 6 to 7 seconds. eg
May 30 20:43:18 vpn-u-s systemd[1]: openvpn@server.service: Service hold-off time over, scheduling restart. May 30 20:43:18 vpn-u-s systemd[1]: Stopped OpenVPN service for server. May 30 20:43:18 vpn-u-s systemd[1]: Starting OpenVPN service for server... May 30 20:43:18 vpn-u-s systemd[1]: Started OpenVPN service for server. May 30 20:43:18 vpn-u-s openvpn[2082]: Thu May 30 20:43:18 2019 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet. May 30 20:43:18 vpn-u-s openvpn[2082]: Thu May 30 20:43:18 2019 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts May 30 20:43:18 vpn-u-s systemd-networkd[516]: tun0: Gained carrier May 30 20:43:18 vpn-u-s systemd[1]: Starting Update resolvconf for networkd DNS... May 30 20:43:18 vpn-u-s sh[2088]: sed: can't read /run/systemd/netif/leases/: No such file or directory May 30 20:43:18 vpn-u-s openvpn[2082]: Thu May 30 20:43:18 2019 Could not determine IPv4/IPv6 protocol. Using AF_INET May 30 20:43:19 vpn-u-s sh[2088]: sed: can't read /run/systemd/netif/leases/: No such file or directory May 30 20:43:19 vpn-u-s ntpd[1570]: Listen normally on 12 tun0 10.8.0.1:123 May 30 20:43:19 vpn-u-s ntpd[1570]: new interface(s) found: waking up resolver May 30 20:43:19 vpn-u-s openvpn[2082]: Thu May 30 20:43:19 2019 85.255.235.205:20342 openvpn_execve: unable to fork: Resource temporarily unavailable (errno=11) May 30 20:43:19 vpn-u-s openvpn[2082]: Thu May 30 20:43:19 2019 85.255.235.205:20342 openvpn_execve: unable to fork: Resource temporarily unavailable (errno=11) May 30 20:43:19 vpn-u-s systemd-networkd[516]: tun0: Lost carrier May 30 20:43:19 vpn-u-s systemd[1]: openvpn@server.service: Main process exited, code=exited, status=1/FAILURE May 30 20:43:19 vpn-u-s systemd[1]: openvpn@server.service: Unit entered failed state. May 30 20:43:19 vpn-u-s systemd[1]: openvpn@server.service: Failed with result 'exit-code'. May 30 20:43:20 vpn-u-s sh[2088]: sed: can't read /run/systemd/netif/leases/*: No such file or directory
Has anybody come across this? By the way, I've tried the LimitNProc= fix but this hasn't worked for me.
thanks chris.
UPDATE
I've installed again and noticed this in the install log
TASK [download-and-verify : Download the OpenVPN Community files] ** changed: [192.168.0.111] => (item={u'sig': u'openvpn-latest-stable.tar.gz.asc', u'file': u'openvpn-latest-stable.tar.gz'}) changed: [192.168.0.111] => (item={u'sig': u'openvpn-install-latest-stable.exe.asc', u'file': u'openvpn-install-latest-stable.exe'})
TASK [download-and-verify : Download the OpenVPN Community signatures] ***** changed: [192.168.0.111] => (item={u'sig': u'openvpn-latest-stable.tar.gz.asc', u'file': u'openvpn-latest-stable.tar.gz'}) changed: [192.168.0.111] => (item={u'sig': u'openvpn-install-latest-stable.exe.asc', u'file': u'openvpn-install-latest-stable.exe'})
TASK [download-and-verify : Verify the OpenVPN Community download signatures with the Streisand GPG keyring] *** changed: [192.168.0.111] => (item={u'sig': u'openvpn-latest-stable.tar.gz.asc', u'file': u'openvpn-latest-stable.tar.gz'}) changed: [192.168.0.111] => (item={u'sig': u'openvpn-install-latest-stable.exe.asc', u'file': u'openvpn-install-latest-stable.exe'})
TASK [download-and-verify : Verify the OpenVPN Community download signature checks all passed] ***** ok: [192.168.0.111] => (item=None) ok: [192.168.0.111] => (item=None) ok: [192.168.0.111]
TASK [download-and-verify : Verify the OpenVPN Community download signatures were from the correct keys] *** failed: [192.168.0.111] (item=None) => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} failed: [192.168.0.111] (item=None) => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false} fatal: [192.168.0.111]: FAILED! => {"censored": "the output has been hidden due to the fact that 'no_log: true' was specified for this result", "changed": false}
TASK [openvpn : One or more of the VPN clients could not be mirrored. Please file a bug report on GitHub so that the version number, checksum, or download location can be updated. Setup will now continue.] *** Pausing for 20 seconds (ctrl+C then 'C' = continue early, ctrl+C then 'A' = abort) ok: [192.168.0.111]