Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Client & Server unable to run simultaneously

    Scheduled Pinned Locked Moved OpenVPN
    5 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dplat
      last edited by

      Hey,

      I have an OpenVPN client tcp port 443 (to connect to a VPN service).
      I also have an OpenVPN server tcp port 8080.

      Each of them work OK, except if I try to enable them both  >:(

      What could possibly prevent a server from running when a client is, and vice versa?

      Thanks!

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        Some other setting that is the same on both - maybe the same tunnel network has been used?

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • D
          dplat
          last edited by

          Hey Phil! How you're doin'?

          Here is the server:

          dev ovpns1
          dev-type tun
          tun-ipv6
          dev-node /dev/tun1
          writepid /var/run/openvpn_server1.pid
          script-security 3
          daemon
          keepalive 10 60
          ping-timer-rem
          persist-tun
          persist-key
          proto tcp-server
          cipher AES-256-CBC
          up /usr/local/sbin/ovpn-linkup
          down /usr/local/sbin/ovpn-linkdown
          local 11.22.33.44.55
          tls-server
          server 10.2.6.0 255.255.255.248
          client-config-dir /var/etc/openvpn-csc
          tls-verify /var/etc/openvpn/server1.tls-verify.php
          lport 8080
          management /var/etc/openvpn/server1.sock unix
          max-clients 1
          push "dhcp-option DNS 8.8.8.8"
          push "dhcp-option DNS 8.8.4.4"
          push "redirect-gateway def1"
          ca /var/etc/openvpn/server1.ca
          cert /var/etc/openvpn/server1.cert
          key /var/etc/openvpn/server1.key
          dh /etc/dh-parameters.4096
          tls-auth /var/etc/openvpn/server1.tls-auth 0
          comp-lzo
          persist-remote-ip
          float
          topology subnet

          Here is the client :

          dev ovpnc3
          dev-type tun
          tun-ipv6
          dev-node /dev/tun3
          writepid /var/run/openvpn_client3.pid
          script-security 3
          daemon
          keepalive 10 60
          ping-timer-rem
          persist-tun
          persist-key
          proto tcp-client
          cipher BF-CBC
          up /usr/local/sbin/ovpn-linkup
          down /usr/local/sbin/ovpn-linkdown
          local 11.22.33.44.55
          tls-client
          client
          lport 0
          management /var/etc/openvpn/client3.sock unix
          remote 99.88.77.66.55 443
          ca /var/etc/openvpn/client3.ca
          cert /var/etc/openvpn/client3.cert
          key /var/etc/openvpn/client3.key
          comp-lzo
          resolv-retry infinite
          persist-key
          persist-tun
          verb 3
          remote-cert-tls server

          Thanks!

          1 Reply Last reply Reply Quote 0
          • P
            phil.davis
            last edited by

            I can't see anything obvious wrong with those. (Obviously you have cleansed the public IPs)
            If you stop the server and start the client, what tunnel network does the client get from the VPN provider?

            If they are both enabled, which/what exactly does not work?

            and what does the routing table look like with each enabled individually, and with both enabled?

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • D
              dplat
              last edited by

              Phil,
              I really don't know what happened but since I rebooted, it now works!
              Sorry for the waste of time!
              Regards

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.