Differences

This shows you the differences between two versions of the page.

--- linux:openvpn [2019/12/11 15:27] – niziak
+++ linux:openvpn [2020/10/19 15:50] – niziak
@@ Line 1: / Line 1: @@
+====== OpenVPN ======
 ====== Installation ======
-    * Put client configuration into /etc/openvpn/client/
+    * Put client configuration into ''/etc/openvpn/client/''
     * Start openvpn services <code bash>
 systemctl start openvpn-client@config-name
+systemctl status openvpn-client@config-name
 systemctl enable openvpn-client@config-name
 </code>
+NOTE: `openvpn-client@` service doesn't contain `restart`. To make sure your VPN is running:
+<code bash>systemctl edit openvpn-client@config-name</code>
+and enter following config:
+<code>
+[Service]
+Restart=always
+RestartSec=300
+</code>
+===== issue =====
+<code>
+openvpn[281925]: Failed to query password: Timer expired
+openvpn[281924]: ERROR: Failed retrieving username or password
+</code>
+Solution:
+<file | /etc/systemd/system/openvpn-client@.service.d/askpass.conf>
+[Service]
+ExecStart=
+ExecStart=/usr/sbin/openvpn --suppress-timestamps --askpass --nobind --config
+%i.conf
+</file>
 ===== Deprecated =====
@@ Line 110: / Line 139: @@
 MinProtocol = TLSv1
 </file>
+**Error**: File transfer stuck
+**Cause**: File transfer are using maximum packet size, which probably cannot fit to MTU limitataions
+**Solution**: Not tested, try params like:
+<file>
+# On one side of connection
+mssfix 1400
+# MTU on tunX interface
+# has to be set on both sides
+tun-mtu 1400
+</file>
+More:
+  * [[https://community.openvpn.net/openvpn/wiki/271-i-can-ping-through-the-tunnel-but-any-real-work-causes-it-to-lock-up-is-this-an-mtu-problem]]
+  * [[https://www.sonassi.com/help/troubleshooting/setting-correct-mtu-for-openvpn|Setting correct MTU for OpenVPN]]
 ====== rsyslog ======
 <file txt /etc/rsyslog.d/20-ovpn.conf>

Tools

menus and quick search

quick search

site status

Page Tools

meta data for this page

Differences