I installed my Tumbleweed server 3-4 months ago and the configuration
below has worked until now. I run “zypper dup” every couple of weeks
and after running this on Friday I’ve run into a problem. I’m not sure
if this is an OpenVPN problem or a SuSE problem or something else so I’m
starting here.

My server runs 2 instances of OpenVPN. One as a client to a VPN provider
which sets the default gateway of my server to the VPN connection. All
the rest of my PCs use this server as their default gateway. I NAT from
the internal to the VPN connection and so all my PCs always send their
traffic down the VPN.

The second instance is as an OpenVPN server which listens on UDP 1194
(the default) for incoming connections and when connected allows me
access to my PCs when I’m out in the field.

I also run a webserver on the server and have had no problems with this
setup for several months.

After running zypper dup on Friday I have had 2 problems. The first was
that the OpenVPN instances would not start as they were asking for the
Private Key Password. I solved this by editing
/etc/systemd/system/openvpn.target.wants/openvpn@.service and removing
--askpass from the ExecStart line and then running “systemctl daemon-reload”.

They now both start but if the client instance is connected then I can’t
access the server instance or the webserver from outside my network
(they’re available internally). If I shut down the client instance then
everything is accessible from outside my network.

With both OpenVPN instances connected, when I try to access my server
you can see the traffic arriving at the server (tcpdump port 1194
-i any) but replies aren’t being sent or they’re lost somewhere before
tcpdump can see them.

Hopefully someone out there can help with this as I’m running out of
ideas how to fix this and it’s quite a major issue for me.

If anyone needs more info please ask, and thanks for reading.

Paul