search

pieterlange / kube-openvpn

:closed_lock_with_key: Kubernetes native OpenVPN
MIT License
383 stars 57 forks source link

ovpn for AWS elb #29

Closed cemo closed 7 years ago

cemo commented 7 years ago

I have some problems regarding setting up a ovpn file behind AWS ELB. The generated file is unfortunately is not able provide access to our vpn server.

The charts is used by helm in charts repo of kubernetes has a different way of setting up ovpn. See please [setup-certs.sh] [setup-certs.sh]: https://github.com/kubernetes/charts/blob/master/stable/openvpn/templates/config-openvpn.yaml

I also see some logs on my server like:

Sat Feb 18 00:22:24 2017 TCP connection established with [AF_INET]10.2.8.0:64377
Sat Feb 18 00:22:24 2017 10.2.8.0:64377 TCP connection established with [AF_INET]10.2.11.0:50548
Sat Feb 18 00:22:24 2017 10.2.8.0:64377 Connection reset, restarting [0]
Sat Feb 18 00:22:24 2017 10.2.8.0:64377 SIGUSR1[soft,connection-reset] received, client-instance restarting
Sat Feb 18 00:22:24 2017 10.2.11.0:50548 Connection reset, restarting [0]
Sat Feb 18 00:22:24 2017 10.2.11.0:50548 SIGUSR1[soft,connection-reset] received, client-instance restarting
Sat Feb 18 00:22:53 2017 TCP connection established with [AF_INET]10.2.58.1:61093
Sat Feb 18 00:22:53 2017 10.2.58.1:61093 Connection reset, restarting [0]
Sat Feb 18 00:22:53 2017 10.2.58.1:61093 SIGUSR1[soft,connection-reset] received, client-instance restarting
Sat Feb 18 00:22:53 2017 TCP connection established with [AF_INET]10.2.27.0:11860
Sat Feb 18 00:22:53 2017 10.2.27.0:11860 TCP connection established with [AF_INET]10.2.11.0:22752
Sat Feb 18 00:22:53 2017 10.2.27.0:11860 Connection reset, restarting [0]
Sat Feb 18 00:22:53 2017 10.2.27.0:11860 SIGUSR1[soft,connection-reset] received, client-instance restarting
Sat Feb 18 00:22:53 2017 TCP connection established with [AF_INET]10.2.8.0:16462

But I have poor knowledge of VPN and don't know the details. Would you help me please? :)

pieterlange commented 7 years ago

In order to help you i'd like you to reproduce how you have set up kube-openvpn and how you generated your client configuration.

The client logs might provide more info as to what's wrong too.

As a last resort you can try starting the deployment with the DEBUG variable set, which will log the entire openvpn initialization and connection setup, but that shouldn't be necessary under normal circumstances.

cemo commented 7 years ago

Was my fault. I had put in a wrong subnet ELB. Found hardly. Thanks.

khawaga commented 6 years ago

@cemo Can you please tell us the solution? I'm having the same issue.

cemo commented 6 years ago

I remember that I put ELB in a private subnet. ELB should be in public subnet.