Open nathanoertel opened 3 years ago
I pushed https://github.com/br0ziliy/ultimate-docker-openvpn-ssh/commit/c9e2e93484178900a85b7d8ab3701b1ed57bc720 to master, please try now. It will either fix your issue, or provide a bit more details to help us debug further.
I'm having this same issue. I can't get it to connect.
docker run -v C:\Users\.../vpn_configs/:/vpn_configs -it --cap-add NET_ADMIN -p 22222:22 --env DVPN_CONFIG=vpn-config.ovpn docker-vpn
OpenVPN config in use: vpn-config.ovpn
.............................................................Could not connect - timeout
2023-03-22 17:45:50 OpenVPN 2.5.8 x86_64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Nov 2 2022
2023-03-22 17:45:50 library versions: OpenSSL 3.0.8 7 Feb 2023, LZO 2.10
2023-03-22 17:45:50 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-03-22 17:45:50 TCP/UDP: Preserving recently used remote address: [AF_INET]34.202.211.119:443
2023-03-22 17:45:50 Socket Buffers: R=[131072->131072] S=[16384->16384]
2023-03-22 17:45:50 Attempting to establish TCP connection with [AF_INET]34.202.211.119:443 [nonblock]
2023-03-22 17:45:50 TCP connection established with [AF_INET]34.202.211.119:443
2023-03-22 17:45:50 TCP_CLIENT link local: (not bound)
2023-03-22 17:45:50 TCP_CLIENT link remote: [AF_INET]34.202.211.119:443
2023-03-22 17:45:50 TLS: Initial packet from [AF_INET]34.202.211.119:443, sid=f5503357 b6adfcb0
2023-03-22 17:45:50 VERIFY OK: depth=1, CN=REDACTED
2023-03-22 17:45:50 VERIFY KU OK
2023-03-22 17:45:50 Validating certificate extended key usage
2023-03-22 17:45:50 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-03-22 17:45:50 VERIFY EKU OK
2023-03-22 17:45:50 VERIFY OK: depth=0, CN=REDACTED
2023-03-22 17:45:50 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2023-03-22 17:45:50 [REDACTED] Peer Connection Initiated with [AF_INET]34.202.211.119:443
2023-03-22 17:45:52 SENT CONTROL [REDACTED]: 'PUSH_REQUEST' (status=1)
2023-03-22 17:45:52 PUSH: Received control message: 'PUSH_REPLY,route 172.31.0.0 255.255.0.0,route-gateway 10.1.1.33,topology subnet,ping 1,ping-restart 20,ifconfig 10.1.1.34 255.255.255.224,peer-id 0,cipher AES-256-GCM'
2023-03-22 17:45:52 OPTIONS IMPORT: timers and/or timeouts modified
2023-03-22 17:45:52 OPTIONS IMPORT: --ifconfig/up options modified
2023-03-22 17:45:52 OPTIONS IMPORT: route options modified
2023-03-22 17:45:52 OPTIONS IMPORT: route-related options modified
2023-03-22 17:45:52 OPTIONS IMPORT: peer-id set
2023-03-22 17:45:52 OPTIONS IMPORT: adjusting link_mtu to 1626
2023-03-22 17:45:52 OPTIONS IMPORT: data channel crypto options modified
2023-03-22 17:45:52 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2023-03-22 17:45:52 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2023-03-22 17:45:52 ROUTE_GATEWAY 172.17.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:11:00:02
2023-03-22 17:45:52 TUN/TAP device tun0 opened
2023-03-22 17:45:52 /sbin/ip link set dev tun0 up mtu 1500
2023-03-22 17:45:52 /sbin/ip link set dev tun0 up
2023-03-22 17:45:52 /sbin/ip addr add dev tun0 10.1.1.34/27
2023-03-22 17:45:52 /etc/openvpn/up.sh tun0 1500 1626 10.1.1.34 255.255.255.224 init
2023-03-22 17:45:52 /sbin/ip route add 172.31.0.0/16 via 10.1.1.33
2023-03-22 17:45:52 Initialization Sequence Completed
@DeflateAwning Your OpenVPN output looks good, it's connecting; the container stops because for some reason ip r get 1.2.3.4 command does not report that a tunnel was created. I've just checked and all is working fine for me on a Mac...
If you'd like to help me debug it, could you please do the following:
docker run -v C:\Users\.../vpn_configs/:/vpn_configs -it --cap-add NET_ADMIN -p 22222:22 --env DVPN_CONFIG=vpn-config.ovpn --env DVPN_DEBUG=1 docker-vpn
- this will give you a shell inside the container
/usr/sbin/openvpn --config /vpn_configs/vpn-config.ovpn --log /var/log/openvpn.log --script-security 2 --up /etc/openvpn/up.sh --down /etc/openvpn/down.sh
- this will exit immediately; run this command until you see Initialization Sequence Completed as last line (indicates successful connection):
cat /var/log/openvpn.log
ps axfuww | grep bin/[o]penvpn; ip r get 1.2.3.4
The second command (/usr/sbin/openvpn ...) never completes, and shows no output. Instead, I ran it in the background by appending an ampersand after the command.
cat /var/log/openvpn.log
shows the same output as earlier.
Debug command output, with newlines between the two commands:
[debugging mode] / # ps axfuww | grep bin/[o]penvpn; echo ; echo ; echo ; ip r get 1.2.3.4
13 root 0:00 /usr/sbin/openvpn --config /vpn_configs/vpn-config.ovpn --log /var/log/openvpn.log --script-security 2 --up /etc/openvpn/up.sh --down /etc/openvpn/down.sh
1.2.3.4 via 172.17.0.1 dev eth0 src 172.17.0.2 uid 0
cache
[debugging mode] / #
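Added example (not part of the thread or the project's code): the quoted PUSH_REPLY carries a single route, 172.31.0.0/16, and no redirect-gateway, which matches the `ip r get 1.2.3.4` result above leaving via eth0. The sketch below parses a PUSH_REPLY line and reports whether a probe address would be routed through the tunnel; the function names are hypothetical, and it assumes the container's check expects the lookup for 1.2.3.4 to use the tunnel device.

```python
import ipaddress
import re

# Constructed sample: the PUSH_REPLY line from the log quoted in this thread.
SAMPLE_LOG = (
    "2023-03-22 17:45:52 PUSH: Received control message: 'PUSH_REPLY,"
    "route 172.31.0.0 255.255.0.0,route-gateway 10.1.1.33,topology subnet,"
    "ping 1,ping-restart 20,ifconfig 10.1.1.34 255.255.255.224,peer-id 0,"
    "cipher AES-256-GCM'\n"
)
PUSH_RE = re.compile(r"PUSH: Received control message: 'PUSH_REPLY,([^']*)'")


def parse_push_reply(log_text):
    """Return (tunnel_networks, full_tunnel) from the last PUSH_REPLY in the log."""
    matches = PUSH_RE.findall(log_text)
    if not matches:
        raise ValueError("no PUSH_REPLY found in log")
    options = [o.split() for o in matches[-1].split(",") if o.split()]
    subnet_topology = ["topology", "subnet"] in options
    networks, full_tunnel = [], False
    for words in options:
        spec = None
        if words[0] == "redirect-gateway":
            full_tunnel = True  # server asks the client to send all traffic via the VPN
        elif words[0] == "route" and len(words) >= 2:
            # A pushed route without a netmask is a host route.
            mask = words[2] if len(words) >= 3 else "255.255.255.255"
            spec = f"{words[1]}/{mask}"
        elif words[0] == "ifconfig" and subnet_topology and len(words) >= 3:
            # With topology subnet, ifconfig is <local> <netmask>: tun0's on-link subnet.
            spec = f"{words[1]}/{words[2]}"
        if spec:
            try:
                networks.append(ipaddress.ip_network(spec, strict=False))
            except ValueError:
                pass  # keyword targets such as vpn_gateway are skipped here
    return networks, full_tunnel


def uses_tunnel(probe, log_text):
    """True if traffic to `probe` would go via the VPN according to the pushed options."""
    networks, full_tunnel = parse_push_reply(log_text)
    address = ipaddress.ip_address(probe)
    return full_tunnel or any(address in net for net in networks)


if __name__ == "__main__":
    for probe in ("1.2.3.4", "172.31.5.9", "10.1.1.40"):
        print(probe, "tunnel" if uses_tunnel(probe, SAMPLE_LOG) else "default route (eth0)")
```

On a split-tunnel profile like this one, probing an address inside a pushed route (for example one in 172.31.0.0/16) shows whether the tunnel is actually carrying traffic.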
I've followed the steps to set everything up. I downloaded the profile that my OpenVPN Connect OSX application is using to connect to the VPN (saved as vpn_configs/dev.ovpn). I'm getting the error Could not connect when I try to run the following command:
docker run -v $(pwd)/vpn_configs/:/vpn_configs -it --cap-add NET_ADMIN -p 22222:22 --env DVPN_CONFIG=dev.ovpn docker-vpn
This is the output of that command:
When I view the active connections on the VPN server it shows an active connection while that is setting up. Is there any obvious error that could be causing this or any tips on debugging it?