Starting OpenVPN
CentOS 7
I actually have two problems:
The first:
openvpn --config /etc/openvpn/server.conf - this way OpenVPN starts and the client connects
systemctl start openvpn@server - this way it fails with an error
systemctl status openvpn@server
● openvpn@u7wrm89.service - OpenVPN Robust And Highly Flexible Tunneling Application On server
Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; enabled; vendor preset: disabled)
Active: failed (Result: exit-code) since Fri 2018-07-13 06:51:18 EDT; 13s ago
Process: 2324 ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/ --config %i.conf (code=exited, status=1/FAILURE)
Main PID: 2324 (code=exited, status=1/FAILURE)
Jul 13 06:51:18 server systemd[1]: Starting OpenVPN Robust And Highly Flexible Tunneling Application On server...
Jul 13 06:51:18 server openvpn[2324]: Options error: In [CMD-LINE]:1: Error opening configuration file: server.conf
Jul 13 06:51:18 server openvpn[2324]: Use --help for more information.
Jul 13 06:51:18 server systemd[1]: openvpn@server.service: main process exited, code=exited, status=1/FAILURE
Jul 13 06:51:18 server systemd[1]: Failed to start OpenVPN Robust And Highly Flexible Tunneling Application On server.
Jul 13 06:51:18 server systemd[1]: Unit openvpn@server.service entered failed state.
Jul 13 06:51:18 server systemd[1]: openvpn@server.service failed.
Firewalld is disabled, and so is SELinux.
# This file controls the state of SELinux on the system.
# SELINUX= can take one of these three values:
# enforcing - SELinux security policy is enforced.
# permissive - SELinux prints warnings instead of enforcing.
# disabled - No SELinux policy is loaded.
SELINUX=disabled
# SELINUXTYPE= can take one of these two values:
# targeted - Targeted processes are protected,
# minimum - Modification of targeted policy. Only selected processes are protected.
# mls - Multi Level Security protection.
SELINUXTYPE=targeted
OpenVPN log:
cat /var/log/openvpn.log
Fri Jul 13 06:52:21 2018 OpenVPN 2.4.6 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Apr 26 2018
Fri Jul 13 06:52:21 2018 library versions: OpenSSL 1.0.2k-fips 26 Jan 2017, LZO 2.06
Fri Jul 13 06:52:21 2018 Diffie-Hellman initialized with 2048 bit key
Fri Jul 13 06:52:21 2018 TUN/TAP device tun0 opened
Fri Jul 13 06:52:21 2018 TUN/TAP TX queue length set to 100
Fri Jul 13 06:52:21 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Jul 13 06:52:21 2018 /sbin/ip link set dev tun0 up mtu 1500
Fri Jul 13 06:52:21 2018 /sbin/ip addr add dev tun0 192.168.50.1/24 broadcast 192.168.50.255
Fri Jul 13 06:52:21 2018 Could not determine IPv4/IPv6 protocol. Using AF_INET
Fri Jul 13 06:52:21 2018 Socket Buffers: R=[212992->212992] S=[212992->212992]
Fri Jul 13 06:52:21 2018 UDPv4 link local (bound): [AF_INET][undef]:1194
Fri Jul 13 06:52:21 2018 UDPv4 link remote: [AF_UNSPEC]
Fri Jul 13 06:52:21 2018 GID set to nobody
Fri Jul 13 06:52:21 2018 UID set to nobody
Fri Jul 13 06:52:21 2018 MULTI: multi_init called, r=256 v=256
Fri Jul 13 06:52:21 2018 IFCONFIG POOL: base=192.168.50.2 size=252, ipv6=0
Fri Jul 13 06:52:21 2018 IFCONFIG POOL LIST
Fri Jul 13 06:52:21 2018 Initialization Sequence Completed
Fri Jul 13 06:52:28 2018 event_wait : Interrupted system call (code=4)
Fri Jul 13 06:52:29 2018 event_wait : Interrupted system call (code=4)
Fri Jul 13 06:52:29 2018 Closing TUN/TAP interface
Fri Jul 13 06:52:29 2018 /sbin/ip addr del dev tun0 192.168.50.1/24
RTNETLINK answers: Operation not permitted
Fri Jul 13 06:52:29 2018 Linux ip addr del failed: external program exited with error status: 2
Fri Jul 13 06:52:29 2018 SIGINT[hard,] received, process exiting
The second: my ISP's IP address is exposed instead of the VPN's. But that needs NAT and iptables. For now I'd just like to solve the first one.