I've followed the steps to set everything up. I downloaded the profile that my OpenVPN Connect OSX application is using to connect to the VPN (saved as vpn_configs/dev.ovpn). I'm getting the error Could not connect when I try to run the following command:
.............................................................Could not connect
2021-11-12 18:27:32 OpenVPN 2.5.2 aarch64-alpine-linux-musl [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on May 4 2021
2021-11-12 18:27:32 library versions: OpenSSL 1.1.1l 24 Aug 2021, LZO 2.10
2021-11-12 18:28:11 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2021-11-12 18:28:11 Outgoing Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
2021-11-12 18:28:11 Outgoing Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
2021-11-12 18:28:11 Incoming Control Channel Encryption: Cipher 'AES-256-CTR' initialized with 256 bit key
2021-11-12 18:28:11 Incoming Control Channel Encryption: Using 256 bit message hash 'SHA256' for HMAC authentication
2021-11-12 18:28:11 TCP/UDP: Preserving recently used remote address: [AF_INET]<IP_ADDRESS>:1194
2021-11-12 18:28:11 Socket Buffers: R=[212992->212992] S=[212992->212992]
2021-11-12 18:28:11 UDP link local: (not bound)
2021-11-12 18:28:11 UDP link remote: [AF_INET]<IP_ADDRESS>:1194
2021-11-12 18:28:11 TLS: Initial packet from [AF_INET]<IP_ADDRESS>:1194, sid=ef5b5968 f8e0f2a6
2021-11-12 18:28:11 VERIFY OK: depth=1, CN=OpenVPN CA
2021-11-12 18:28:11 VERIFY KU OK
2021-11-12 18:28:11 Validating certificate extended key usage
2021-11-12 18:28:11 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2021-11-12 18:28:11 VERIFY EKU OK
2021-11-12 18:28:11 VERIFY OK: depth=0, CN=OpenVPN Server
2021-11-12 18:28:11 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2021-11-12 18:28:11 [OpenVPN Server] Peer Connection Initiated with [AF_INET]<IP_ADDRESS>:1194
2021-11-12 18:28:11 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 12,ping-restart 50,redirect-private def1,redirect-private bypass-dhcp,redirect-private autolocal,redirect-private bypass-dns,route-gateway 172.27.232.1,route 172.27.224.0 255.255.240.0,route 10.1.0.0 255.255.0.0,block-ipv6,ifconfig 172.27.232.27 255.255.252.0,peer-id 0,auth-tokenSESS_ID,cipher AES-256-GCM'
2021-11-12 18:28:11 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.5.2)
2021-11-12 18:28:11 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.5.2)
2021-11-12 18:28:11 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.5.2)
2021-11-12 18:28:11 WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2021-11-12 18:28:11 WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2021-11-12 18:28:11 WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2021-11-12 18:28:11 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2021-11-12 18:28:11 OPTIONS IMPORT: timers and/or timeouts modified
2021-11-12 18:28:11 OPTIONS IMPORT: explicit notify parm(s) modified
2021-11-12 18:28:11 OPTIONS IMPORT: --ifconfig/up options modified
2021-11-12 18:28:11 OPTIONS IMPORT: route options modified
2021-11-12 18:28:11 OPTIONS IMPORT: route-related options modified
2021-11-12 18:28:11 OPTIONS IMPORT: peer-id set
2021-11-12 18:28:11 OPTIONS IMPORT: adjusting link_mtu to 1624
2021-11-12 18:28:11 OPTIONS IMPORT: data channel crypto options modified
2021-11-12 18:28:11 Data Channel: using negotiated cipher 'AES-256-GCM'
2021-11-12 18:28:11 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-11-12 18:28:11 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2021-11-12 18:28:11 ROUTE_GATEWAY 172.17.0.1/255.255.0.0 IFACE=eth0 HWADDR=02:42:ac:11:00:02
2021-11-12 18:28:11 TUN/TAP device tun0 opened
2021-11-12 18:28:11 /sbin/ip link set dev tun0 up mtu 1500
2021-11-12 18:28:11 /sbin/ip link set dev tun0 up
2021-11-12 18:28:11 /sbin/ip addr add dev tun0 172.27.232.27/22
2021-11-12 18:28:11 /etc/openvpn/up.sh tun0 1500 1552 172.27.232.27 255.255.252.0 init
2021-11-12 18:28:16 ROUTE remote_host is NOT LOCAL
2021-11-12 18:28:16 /sbin/ip route add <IP_ADDRESS>/32 via 172.17.0.1
2021-11-12 18:28:16 /sbin/ip route add 172.27.224.0/20 metric 101 via 172.27.232.1
2021-11-12 18:28:16 /sbin/ip route add 10.1.0.0/16 metric 101 via 172.27.232.1
2021-11-12 18:28:16 Initialization Sequence Completed
When I view the active connections on the VPN server it shows an active connection while that is setting up. Is there any obvious error that could be causing this or any tips on debugging it?
I've followed the steps to set everything up. I downloaded the profile that my OpenVPN Connect OSX application is using to connect to the VPN (saved as vpn_configs/dev.ovpn). I'm getting the error Could not connect when I try to run the following command:
docker run -v $(pwd)/vpn_configs/:/vpn_configs -it --cap-add NET_ADMIN -p 22222:22 --env DVPN_CONFIG=dev.ovpn docker-vpnThis is the output of that command:
When I view the active connections on the VPN server it shows an active connection while that is setting up. Is there any obvious error that could be causing this or any tips on debugging it?