Results 1 to 2 of 2

Thread: Changed Behaviour for OpenVPN in Latest Tumbleweed

  1. #1
    Paul NNTP User

    Default Changed Behaviour for OpenVPN in Latest Tumbleweed

    I installed my Tumbleweed server 3-4 months ago and the configuration
    below has worked until now. I run "zypper dup" every couple of weeks
    and after running this on Friday I've run into a problem. I'm not sure
    if this is an OpenVPN problem or a SuSE problem or something else so I'm
    starting here

    My server runs 2 instances of OpenVPN. One as a client to a VPN provider
    which sets the default gateway of my server to the VPN connection. All
    the rest of my PCs use this server as their default gateway, I NAT from
    the internal to the VPN connection and so all my PCs always send their
    traffic down the VPN

    The second instance is as an OpenVPN server which listens on UDP 1194
    (the default) for incoming connections and when connected allows me
    access to my PCs when I'm out in the field

    I also run a webserver on the server and have had no problems with this
    setup for several months

    After running zypper dup on Friday I have had 2 problems. The first was
    that the OpenVPN instances would not start as they were asking for the
    Private Key Password. I solved this by editing
    /etc/systemd/system/openvpn.target.wants/openvpn@.service and removing
    --askpass from the ExecStart line and then "systemctl daemon-reload"

    They now both start but if the client instance is connected then I can't
    access the server instance or the webserver from outside my network
    (they're available internally). If I shut down the client instance then
    everything is accessible from outside my network

    With both OpenVPN instances connected when I try to access my server
    then you can see the traffic arriving at the server (tcpdump port 1194
    -i any) but replies aren't being sent or they're lost somewhere before
    tcpdump can see them

    Hopefully someone out there can help with this as I'm running out of
    ideas how to fix this and it's quite a major issue for me

    If anyone needs more info please ask and thanks for reading

    Paul

  2. #2
    news NNTP User

    Default Re: Changed Behaviour for OpenVPN in Latest Tumbleweed

    I should also have said that my previously working setup used a single
    NIC and single IP address. I have also tried a second IP address in the
    same subnet and a different IP address in a different subnet and used
    these for the OpenVPN server instance and webserver. For each IP address
    I also tried the OpenVPN server options "local" and "multihome"
    individually and together - the results were as previously described
    Thanks

    Paul

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •