Failed to configure admin for tun VPN

[cerahmed]

Hi @bnhf,

Thanks for the great UI! I'm trying to install it as per instructions, but I get an error in the Admin UI saying check your configuration. I have a TUN OpenVPN already installed using pivpn, so I assumed I'd have to change tap0 to tun0 and dev tap to dev tun in the vpn setting (through the UI) and reboot.

That didn't help. Could you please guide us on how to make it work with TUN vpn types?

Thanks.

[bnhf]

@cerahmed

You're on the right track. You need to run through the Configuration - OpenVPN Config page once -- entering all of the directives you'd like used in server.conf. You can use your current version of the file as guide, if the default values from the PiVPN installation work for you. Then reboot or restart OpenVPN.

After that, in Configuration - Settings, you'll need to enter the Management Interface Address you used in OpenVPN Config. In addition, you'll want to enter your Static IP or DDNS hostname in the Server Address External field. Save that, and you should be up-and-running.

[cerahmed]

Hey @bnhf,

Thanks for the guide! I'll give it a try now. Also, I'm trying to change the iprange in server.conf from the default 10.161.102.2 to 192.168.2.0 but OpenVPN keeps generating clients with the old ip range.

Anyway you can help with this? Much appreciated.

[bnhf]

@cerahmed

I use TAP myself, but I believe you need to use the server directive followed by the address and netmask of the range you'd like to use, and then optionally a pool of addresses.

Something like server 192.168.2.0 255.255.255.0 192.168.2.2 192.168.2.10 should work I would think. But look to OpenVPN reference materials on server directives if it doesn't.

[cerahmed]

Thanks a bunch. I've followed the instructions and now rebooting, will let you know how it goes.

Just a quick question, what is Management Interface Address supposed to refer to. I don't remember dealing with it during the pivpn installation process.

[cerahmed]

Hmm I still get Mapping Error.

[bnhf]

@cerahmed

Just a quick question, what is Management Interface Address supposed to refer to.

The OpenVPN Management Interface is what this WebUI uses to interact with the OpenVPN Server daemon.

Hmm I still get Mapping Error.

Did you setup the Management Interface on both the OpenVPN - Config page and the Settings page? Using the recommended IP addresses, and in the required format shown in the field's "hints" just below the text entry box?

[cerahmed]

Apologies for these questions but I'm just moving to OpenVPN coming from Wireguard.

The OpenVPN Management Interface is what this WebUI uses to interact with the OpenVPN Server daemon.

How do I find it, I don't recall pivpn prompting for it, plus it doesn't show in the server.conf file. This might be the reason I'm getting the error indeed.

[bnhf]

@cerahmed

How do I find it, I don't recall pivpn prompting for it, plus it doesn't show in the server.conf file. This might be the reason I'm getting the error indeed.

You didn't answer my question above:

Did you setup the Management Interface on both the OpenVPN - Config page and the Settings page? Using the recommended IP addresses, and in the required format shown in the field's "hints" just below the text entry box?

You need to enter all of the OpenVPN server directives through the WebUI to initialize the WebUI's database and to get the Management Interface directive added to the server.conf file. PiVPN does not add this directive, it's added by the WebUI. Once you've done that, make any and all changes you want to server.conf through the WebUI.

[cerahmed]

Did you setup the Management Interface on both the OpenVPN - Config page and the Settings page? Using the recommended IP addresses, and in the required format shown in the field's "hints" just below the text entry box?

No I did not. I just kept the default values as I couldn't figure out what they were. I can see that all the changes I made through the WebUI are reflected in server.conf, though. I'll double check the Management Interface thing.

[cerahmed]

Ok so I started clean, followed the instructions and I still get the Error.

Is there anything I'm missing?

Thanks the support, really appreciate it.

[bnhf]

@cerahmed

Is there anything I'm missing?

There should be a PiVPN OpenVPN Server Name showing in your screenshot -- which is based on the environment variables required for this project. Did you follow the README?

[cerahmed]

Uh. I actually did read it and followed it carefully, I grabbed the name from the server.conf file and pasted it in the env vars. Not sure how it disappeared. I'll do my homework again and will let you know.

[cerahmed]

Thanks a lot @bnhf for guiding me through, it finally works now! Really appreciate it.

[cerahmed]

Actually now the status page does not show errors, but creating a new certificate raises exit status 1, does it have to do with the configuration?

[bnhf]

@cerahmed

That's probably related to things getting configured the first time around without the PiVPN server name being correct.

Check your /etc/openvpn/easy-rsa/vars file and see if it looks something like this:

All your blurred-out values should be in double quotes. The country code should be the 2 character standard code for your country.

And check that the end of the first line of your /etc/openvpn/easy-rsa/pki/index.txt file should look something like this:

unknown /CN=[Your PiVPN Server Name]/name=server