angristan / openvpn-install

Set up your own OpenVPN server on Debian, Ubuntu, Fedora, CentOS or Arch Linux.
https://stanislas.blog
MIT License
13.76k stars 2.98k forks

aws #1232

Open Vazza202 opened 4 months ago

Vazza202 commented 4 months ago

Not working too good on AWS

log

2024-07-08 20:36:53 OpenVPN 2.6.11 [git:v2.6.11/ddf6bf6d2a135835] Windows [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Jun 26 2024
2024-07-08 20:36:53 Windows version 10.0 (Windows 10 or greater), amd64 executable
2024-07-08 20:36:53 library versions: OpenSSL 3.3.1 4 Jun 2024, LZO 2.10
2024-07-08 20:36:53 DCO version: 1.2.1
2024-07-08 20:36:53 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
2024-07-08 20:36:53 Need hold release from management interface, waiting...
2024-07-08 20:36:53 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:54489
2024-07-08 20:36:54 MANAGEMENT: CMD 'state on'
2024-07-08 20:36:54 MANAGEMENT: CMD 'log on all'
2024-07-08 20:36:54 MANAGEMENT: CMD 'echo on all'
2024-07-08 20:36:54 MANAGEMENT: CMD 'bytecount 5'
2024-07-08 20:36:54 MANAGEMENT: CMD 'state'
2024-07-08 20:36:54 MANAGEMENT: CMD 'hold off'
2024-07-08 20:36:54 MANAGEMENT: CMD 'hold release'
2024-07-08 20:36:54 TCP/UDP: Preserving recently used remote address: [AF_INET]15.157.72.55:1194
2024-07-08 20:36:54 ovpn-dco device [OpenVPN Data Channel Offload] opened
2024-07-08 20:36:54 UDP link local: (not bound)
2024-07-08 20:36:54 UDP link remote: [AF_INET]15.157.72.55:1194
2024-07-08 20:36:54 MANAGEMENT: >STATE:1720485414,WAIT,,,,,,
2024-07-08 20:37:55 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2024-07-08 20:37:55 TLS Error: TLS handshake failed
2024-07-08 20:37:55 Closing DCO interface
2024-07-08 20:37:55 SIGUSR1[soft,tls-error] received, process restarting
2024-07-08 20:37:55 MANAGEMENT: >STATE:1720485475,RECONNECTING,tls-error,,,,,
2024-07-08 20:37:55 Restart pause, 1 second(s)

I checked everything I could think of and still nothing, but the servers are not KVM, it's HVM, so idk if that has an issue or not.

ouddorp commented 1 month ago

OpenVPN by the script is running fine on AWS. We have it running on multiple AWS locations on t3a micro instances. It's important that source/destination check is stopped on the instance (options -> networking -> Change source/destination check -> Checkbox "stop" needs to be checked). And a security group is needed to allow traffic on UDP port 1194.
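
An added example (not code from this issue or from the openvpn-install project): a small triage script for client logs like the one posted above. It separates a handshake that timed out with no reply from the server, which is what a missing inbound rule for the VPN port produces, from one where the server did answer. The function names and the sample log (with a documentation-range address) are constructed for illustration.

```python
import re

# Constructed sample, shaped like the client log in this issue; the address
# is from the 203.0.113.0/24 documentation range, not a real server.
SAMPLE_LOG = """\
2024-07-08 20:36:54 UDP link local: (not bound)
2024-07-08 20:36:54 UDP link remote: [AF_INET]203.0.113.10:1194
2024-07-08 20:36:54 MANAGEMENT: >STATE:1720485414,WAIT,,,,,,
2024-07-08 20:37:55 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2024-07-08 20:37:55 TLS Error: TLS handshake failed
2024-07-08 20:37:55 MANAGEMENT: >STATE:1720485475,RECONNECTING,tls-error,,,,,
"""

REMOTE_RE = re.compile(r"\b(UDP|TCP)\w* link remote: \[AF_INET6?\](\S+):(\d+)")
STATE_RE = re.compile(r">STATE:\d+,([A-Z_]+),")


def parse_attempts(log_text):
    """Split a client log into connection attempts, one per 'link remote' line."""
    attempts, cur = [], None
    for line in log_text.splitlines():
        remote = REMOTE_RE.search(line)
        state = STATE_RE.search(line)
        if remote:
            cur = {"proto": remote.group(1).lower(), "host": remote.group(2),
                   "port": int(remote.group(3)), "states": [],
                   "server_replied": False, "tls_timeout": False}
            attempts.append(cur)
        elif cur is None:
            continue
        elif state:
            cur["states"].append(state.group(1))
        elif "TLS: Initial packet from" in line:
            cur["server_replied"] = True
        elif "TLS key negotiation failed to occur within" in line:
            cur["tls_timeout"] = True
    return attempts


def no_reply_from_server(attempt):
    """True when the handshake timed out without any packet back from the server."""
    # WAIT = waiting for the server's first reply; AUTH appears only after it arrives.
    replied = attempt["server_replied"] or "AUTH" in attempt["states"]
    return attempt["tls_timeout"] and "WAIT" in attempt["states"] and not replied


def summarize(log_text):
    """One line per attempt that never heard from the server, naming what to check."""
    return [f"no reply from {a['host']}:{a['port']}/{a['proto']}: check that "
            f"inbound {a['proto'].upper()} {a['port']} is allowed to the server"
            for a in parse_attempts(log_text) if no_reply_from_server(a)]
```

An empty result from `summarize` on a log that still fails means the server did answer, so the fault lies past basic reachability (keys, certificates or configuration) rather than in the security group.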