SOLVED OpenVPN says Starting but status says it has not.

[Vince]

Hi,

i just installed openvpn from this guide: https://forums.freenas.org/index.ph...-6-with-access-to-remote-hosts-via-nat.22873/

but realized that the new easyrsa had a different setup (didn't have to source var) so i followed this work around: https://forums.freenas.org/index.php?threads/how-to-set-up-openvpn-server-on-freenas-9-3.40862/
When I try to start openvpn it says it is starting but when i check it's status it's not running!

when i start openvpn it says:

Code:

root@OpenVPN:/usr/local/etc/rc.d # service openvpn start

Starting openvpn.

but when i check status it didn't start!:

Code:

root@OpenVPN:/usr/local/etc/rc.d # service openvpn status

openvpn is not running.

root@OpenVPN:/usr/local/etc/rc.d #

OpenVPN Config:

Code:

port 1194
proto udp
dev tun
ca /mnt/openvpn/keys/ca.crt
cert /mnt/openvpn/keys/openvpn-server.crt #Server key created previously
key /mnt/openvpn/keys/openvpn-server.key
dh /mnt/openvpn/keys/dh2048.pem #Diffie-Hellman parameters are now 2048 bits long
server 10.8.0.0 255.255.255.0 #Purple network
ifconfig-pool-persist ipp.txt
push "route 10.0.0.0 255.255.255.0" #Yellow network
route 192.168.1.2 255.255.255.0 10.8.0.1 #Routes traffic from the Yellow network side $
                                      #to the Purple network side (10.8.0.0/24)
#tls-auth /mnt/openvpn/keys/auth.key 0
#crl-verify /mnt/openvpn/keys/crl.pem
keepalive 10 120
group nobody
user nobody
comp-lzo
persist-key
persist-tun
verb 7

here is my /etc/rc.conf

Code:

apache22_enable="YES"
sshd_enable="YES"
vboxwebsrv_user="vbox"
vboxwebsrv_enable="YES"
inet6_enable="YES"
ip6addrctl_enable="YES"
openvpn_enable="YES"
openvpn_if="tun"
openvpn_configfile="/mnt/openvpn/openvpn.conf"
openvpn_dir="/mnt/openvpn"
cloned_interfaces="tun"
gateway_enable="YES"
firewall_enable="YES"
firewall_script="/usr/local/etc/ipfw.rules"

here is my ipfw.rules

Code:

#!/bin/sh

EPAIR=$(/sbin/ifconfig -l | tr " " "\n" | /usr/bin/grep epair)
ipfw -q -f flush
ipfw -q nat 1 config if ${EPAIR}
ipfw -q add nat 1 all from 10.8.0.0/24 to any out via ${EPAIR}
ipfw -q add nat 1 all from any to any in via ${EPAIR}

TUN=$(/sbin/ifconfig -l | tr " " "\n" | /usr/bin/grep tun)
ifconfig ${TUN} name tun0

 

[Vince]

bump

 

[Vince]

I decided to try using a older version of openvpn and everything worked! :D
This was a temp work-around. If there is a real solution that would be helpful.

 

[dlavigne]

It depends what error messages showed up in /var/log/messages when it failed...

 

[Vince]

[removed message]

 

[Vince]

I believe this is the part where the error happened

Code:

root@openvpn:/ # tail /var/log/messages
Feb  8 11:31:33 openvpn openvpn[36250]: Diffie-Hellman initialized with 2048 bit key
Feb  8 11:31:53 openvpn openvpn[36265]: OpenVPN 2.3.10 amd64-portbld-freebsd9.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Feb  1 2016
Feb  8 11:31:53 openvpn openvpn[36265]: library versions: OpenSSL 0.9.8y 5 Feb 2013, LZO 2.09
Feb  8 11:31:53 openvpn openvpn[36266]: Diffie-Hellman initialized with 2048 bit key
Feb  8 11:32:09 openvpn syslogd: exiting on signal 15
Feb  8 11:32:20 openvpn syslogd: kernel boot file is /boot/kernel/kernel
Feb  8 11:32:20 openvpn openvpn[38676]: OpenVPN 2.3.10 amd64-portbld-freebsd9.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Feb  1 2016
Feb  8 11:32:20 openvpn openvpn[38676]: library versions: OpenSSL 0.9.8y 5 Feb 2013, LZO 2.09
Feb  8 11:32:20 openvpn openvpn[38677]: Diffie-Hellman initialized with 2048 bit key
Feb  8 11:32:21 openvpn root: /etc/rc: WARNING: failed to start apache22
root@openvpn:/ #

 

[Vince]

bump

 

[Vince]

ok. Just to let everybody know the only solution right now is to install openvpn but downgrade after by forcing the install of a older openvpn.