Open part-time-githubber opened 4 years ago
What exactly is your problem with this? Because I cannot get this to work either but for me it just says "authentication failed" on login...
I could get it to work finally. the sequence was something like -
export OVPN_DATA="ovpn-data-infra" docker volume create --name $OVPN_DATA docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_genconfig -u udp://${google_compute_address.public_ip.address} -2 docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none -e EASYRSA_BATCH=1 --rm kylemanna/openvpn ovpn_initpki nopass
docker run --name openvpn -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --cap-add=NET_ADMIN --rm kylemanna/openvpn
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn easyrsa build-client-full ${chomp(var.auth_id)} nopass sudo bash -c "docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm pankajmt/openvpn ovpn_otp_user ${chomp(var.auth_id)} > /var/static/${chomp(var.auth_id)}_secret.txt" sudo bash -c "docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_getclient ${chomp(var.auth_id)} > /var/static/${chomp(var.auth_id)}.ovpn"
On Sun, Apr 26, 2020 at 7:09 AM PPillau notifications@github.com wrote:
What exactly is your problem with this? Because I cannot get this to work either but for me it just says "authentication failed" on login...
— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/kylemanna/docker-openvpn/issues/557#issuecomment-619441059, or unsubscribe https://github.com/notifications/unsubscribe-auth/AHVJHSRZCVJDW5X5CREOR5LRONGRFANCNFSM4LEBYPUA .
-- पंकज एम तोलानी
Pick a name for the $OVPN_DATA data volume container
OVPN_DATA="ovpn-data-example"
Initialize the $OVPN_DATA container that will hold the configuration files and certificates
docker volume rm $OVPN_DATA docker volume create --name $OVPN_DATA
Generate server configuration
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_genconfig -u udp://100.64.19.178
Initialize the EasyRSA PKI
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none -e EASYRSA_BATCH=1 --rm kylemanna/openvpn ovpn_initpki nopass
Start OpenVPN server process
docker run --name openvpn -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --cap-add=NET_ADMIN --rm kylemanna/openvpn
Generate your client certificate (possibly without a password since you're using OTP)
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full pankaj@example.com nopass
Retrieve the client configuration with embedded certificates
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_getclient pankaj@example.com > pankaj@example.com_1.ovpn
can connect using the downloaded vpn config
docker logs for open vpn server suggest AES-256-GCM being used
Mon Mar 9 04:40:59 2020 pankaj@example.com/172.17.0.1:55643 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key Mon Mar 9 04:40:59 2020 pankaj@example.com/172.17.0.1:55643 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Pick a name for the $OVPN_DATA data volume container
OVPN_DATA="ovpn-data-example"
Initialize the $OVPN_DATA container that will hold the configuration files and certificates
docker volume rm $OVPN_DATA docker volume create --name $OVPN_DATA
Generate server configuration with -2
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_genconfig -u udp://100.64.19.178 -2
Initialize the EasyRSA PKI
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none -e EASYRSA_BATCH=1 --rm kylemanna/openvpn ovpn_initpki nopass
Start OpenVPN server process
docker run --name openvpn -v $OVPN_DATA:/etc/openvpn -d -p 1194:1194/udp --cap-add=NET_ADMIN --rm kylemanna/openvpn
Generate your client certificate (possibly without a password since you're using OTP)
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn easyrsa build-client-full pankaj@example.com nopass
Generate authentication configuration for your client. -t is needed to show QR code, -i is optional for interactive usage
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm -it kylemanna/openvpn ovpn_otp_user pankaj@example.com
Retrieve the client configuration with embedded certificates
docker run -v $OVPN_DATA:/etc/openvpn --log-driver=none --rm kylemanna/openvpn ovpn_getclient pankaj@example.com > pankaj@example.com_2.ovpn
cannot connect using the downloaded vpn config
nothing in docker logs but testing with pamtester -v openvpn authenticate is good
how do i debug/fix two factor authentication?