OpenWrt Forum Archive

Topic: OpenVPN crashes after client disconnect when as nobody

The content of this topic has been archived on 1 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hello OpenVPN community,

I have a problem with my OpenVPN... When I try to run it with

user nobody
group nogroup

it crashes because OpenVPN restarts itself and tries to bind the TCP socket (which is not possible because of the permissions). I read the OpenVPN manpage and noticed that this is the normal behavior in TCP mode, but this also happens in UDP mode. So my question is: how do I run OpenVPN under OpenWrt as an unprivileged user?

Hovy

Hmm, my config file looks like yours, but I'm using the tun device, maybe this is the problem...

This is everything the manpage says:

 --proto p
              Use protocol p for communicating with remote  host.
              p can be udp, tcp-client, or tcp-server
              [...]
             A peer  started
              with  tcp-client  will  attempt  to connect, and if
              that fails, will sleep for  5  seconds  (adjustable
              via  the  --connect-retry  option)  and  try again.
              Both TCP client and server will simulate a  SIGUSR1
              restart  signal  if  either side resets the connec-
              tion.

I'm also using persist-tun and key, but the nobody, nogroup command is located at the beginning of my config and the --deamon is called by my init script with openvpn --deamon --config /etc/server.ovpn

I will try it a little bit longer and then post my experiences here..

Hovy

I have the same config - I was following the OpenVPN-Tun Howto in the Documentation Section and I am using Port 443 TCP. Same problem:
user nobody
group nogroup

Daemon crashes after client connect / disconnect... it's working a few times, then it crashes after a disconnect / connect try.

I've always heard TCP packaged inside TCP has its own set of problems - especially with any kind of packet loss. For this reason I've only used UDP. I wonder... if you are seeing part of this phenomenon.

If you change to UDP does the problem go away?

I have tested it two days with UDP (Standard Port) - it worked without disconnect / OpenVPN crash.

But I want to have it running on Port 443 TCP to bypass all restrictive firewalls, so I will give another config change a try, will post if I have success.

Greetz
fireandy

Ok I have changed some parameters in my server config, now tcp is working fine on port 443:

port 443
proto tcp
dev tun
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/server.crt
key /etc/openvpn/server/server.key
dh /etc/openvpn/server/dh2048.pem
server 10.8.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 10.8.0.1"
push "dhcp-option WINS 10.8.0.1"
client-to-client
keepalive 10 120
tls-auth /etc/openvpn/server/shared.key 0
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
ping-timer-rem
status /etc/openvpn/server/openvpn-status.log
verb 4

Greetz
fireandy

(Last edited by fireandy on 3 Jul 2007, 15:38)
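
Added example, not part of the original thread or any poster's code: a shell check for the options discussed above that matter once OpenVPN has dropped root with user/group. The function name check_privdrop, the finding labels and the two sample configs are constructed for illustration; it assumes the persist-key/persist-tun behaviour documented in the OpenVPN manpage.

```shell
# Added example (not from the thread). check_privdrop is a hypothetical name.
# Reports options that matter once OpenVPN has dropped root via "user".
check_privdrop() {   # usage: check_privdrop CONFIG_FILE
    awk '
        /^[ \t]*[#;]/ { next }                  # comment lines
        NF == 0       { next }                  # blank lines
        $1 == "user"        { user = $2 }
        $1 == "port"        { port = $2 }
        $1 == "proto"       { proto = $2 }
        $1 == "persist-key" { pkey = 1 }
        $1 == "persist-tun" { ptun = 1 }
        END {
            if (user == "" || user == "root") { print "NODROP"; exit }
            # After the drop, a SIGUSR1 restart cannot re-read root-only
            # key files or reopen the tun device unless these are set.
            if (!pkey) { print "MISSING persist-key"; n++ }
            if (!ptun) { print "MISSING persist-tun"; n++ }
            if (port == "")  port = 1194        # OpenVPN default port
            if (proto == "") proto = "udp"      # OpenVPN default protocol
            # Ports below 1024 are bound as root at startup and cannot
            # be re-bound after the drop (the failure in the first post).
            if (port + 0 < 1024) { print "NOTE privileged port " port "/" proto; n++ }
            if (!n) print "OK"
        }
    ' "$1"
}

# Constructed sample configs (not taken from the thread).
tmpdir=$(mktemp -d)
trap 'rm -rf "$tmpdir"' EXIT
cat > "$tmpdir/weak.ovpn" <<'EOF'
port 443
proto tcp
dev tun
user nobody
group nogroup
EOF
cat > "$tmpdir/persist.ovpn" <<'EOF'
port 1194
proto udp
dev tun
user nobody
group nogroup
persist-key
persist-tun
EOF

check_privdrop "$tmpdir/weak.ovpn"      # two MISSING lines and a NOTE
check_privdrop "$tmpdir/persist.ovpn"   # OK
```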
