Hello,
i would like to secure the PiVPN-Server with fail2ban.
I used instructions for OpenVPN, but they did not work.
What i have done:
Create a file /etc/fail2ban/jail.d/openvpn
[openvpn]
enabled = true
port = 1194
protocol = udp
filter = openvpn
logpath = /var/log/openvpn.log
maxretry = 3
and create a file /etc/fail2ban/filter.d/openvpn.conf
#Fail2Ban filter for selected OpenVPN rejections
[Definition]
failregex = ^ TLS Error: incoming packet authentication failed from \[AF_INET\]<HOST>:\d+$
^ <HOST>:\d+ Connection reset, restarting
^ <HOST>:\d+ TLS Auth Error
^ <HOST>:\d+ TLS Error: TLS handshake failed$
^ <HOST>:\d+ VERIFY ERROR
ignoreregex =
When i try to log into PiVPN using a wrong password, i can repeat endless.
There is some protection mechanism, because the time between every attempt is growing, but i would like to ban the IP.
When i check the logfile with
tail -f /var/log/openvpn.log
then there are no entries about failing login attempts, so fail2ban can not react to them.
Has someone a solution or can tell me, where PiVPN is logging these informations.
Thank you very much.