Open vpn config preventing service from running



  • open vpn config preventing service from running

    Jan 8 22:51:43 php-fpm 69236 /status_services.php: The command '/usr/local/sbin/openvpn –config '/var/etc/openvpn/server1.conf'' returned exit code '1', the output was 'Sun Jan 8 22:51:43 2017 Note: option tun-ipv6 is ignored because modern operating systems do not need special IPv6 tun handling anymore.'



  • heres config sanitized

    dev ovpns1
    verb 1
    dev-type tun
    tun-ipv6
    dev-node /dev/tun1
    writepid /var/run/openvpn_server1.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp
    cipher AES-256-CBC
    auth SHA1
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    client-connect /usr/local/sbin/openvpn.attributes.sh
    client-disconnect /usr/local/sbin/openvpn.attributes.sh
    local xxx.xxx.xxx.xxx
    engine cryptodev
    tls-server
    server 192.168.xx.1 255.255.255.0
    client-config-dir /var/etc/openvpn-csc/server1
    username-as-common-name
    auth-user-pass-verify "/usr/local/sbin/ovpn_auth_verify user xxxxxxxxxxxxx= false server1 1194" via-env
    tls-verify "/usr/local/sbin/ovpn_auth_verify tls 'xxxxx+xxxxx+xxxxx+xxxxx' 1"
    lport 1194
    management /var/etc/openvpn/server1.sock unix
    push "route 192.168.x.1 255.255.255.0"
    client-to-client
    ca /var/etc/openvpn/server1.ca
    cert /var/etc/openvpn/server1.cert
    key /var/etc/openvpn/server1.key
    dh /etc/dh-parameters.1024
    tls-auth /var/etc/openvpn/server1.tls-auth 0
    persist-remote-ip
    float
    topology subnet


  • Rebel Alliance Developer Netgate

    Any other errors when you run that command by hand?

    the tun-ipv6 message is a non-fatal warning. It wouldn't cause OpenVPN to fail or exit. It only ignores the directive in that version.



  • not good with cli not sure howto do that



  • ok enter in cli no just what was in syslog



  • reran wizard on create a new openvpn server and get same error when try to start service

    2.3.3-DEVELOPMENT (amd64)
    built on Fri Jan 06 15:29:16 CST 2017 e
    FreeBSD 10.3-RELEASE-p12



  • created manually works I will try and find time to diff against wizard


  • Rebel Alliance Developer Netgate

    It works fine when I use the wizard.

    Two things I noticed: In the tunnel network and route you listed "192.168.x.1" when it must end in .0

    If that doesn't help, you'll have to state the exact wizard inputs you used without masking any of the information.



  • follow up
    it was as you noticed 192.168.x.1 issues where it should have been a .0 also had not noticed last night and should have all info was right in syslog under openvpn tab (kinda embarrassing) can't even guess how many times I use that page but first time with openvpn so guess my eye glanced right over it


Log in to reply