PiVPN and fail2ban


Post by raysson

Hello,

I would like to secure the PiVPN server with fail2ban.

I used instructions for OpenVPN, but they did not work.

What I have done:

Create a file /etc/fail2ban/jail.d/openvpn

[openvpn]
enabled  = true
port     = 1194
protocol = udp
filter   = openvpn
logpath  = /var/log/openvpn.log
maxretry = 3

and create a file /etc/fail2ban/filter.d/openvpn.conf

#Fail2Ban filter for selected OpenVPN rejections

[Definition]
failregex = ^ TLS Error: incoming packet authentication failed from \[AF_INET\]<HOST>:\d+$
            ^ <HOST>:\d+ Connection reset, restarting
            ^ <HOST>:\d+ TLS Auth Error
            ^ <HOST>:\d+ TLS Error: TLS handshake failed$
            ^ <HOST>:\d+ VERIFY ERROR

ignoreregex =

When I try to log into PiVPN using a wrong password, I can repeat endlessly.
There is some protection mechanism, because the time between every attempt is growing, but I would like to ban the IP.

When I check the logfile with

tail -f /var/log/openvpn.log

then there are no entries about failed login attempts, so fail2ban cannot react to them.

Does someone have a solution, or can someone tell me where PiVPN is logging this information?


Thank you very much.
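
An added example, not part of the original post: a small offline check of which log lines the filter above would catch and which host would reach maxretry. The log lines are constructed samples, and the IPv4-only HOST pattern and the timestamp pattern are simplified stand-ins (assumptions) for what fail2ban does internally.

```python
import re
from collections import Counter

# failregex lines copied from the filter in the post
FAILREGEX = [
    r"^ TLS Error: incoming packet authentication failed from \[AF_INET\]<HOST>:\d+$",
    r"^ <HOST>:\d+ Connection reset, restarting",
    r"^ <HOST>:\d+ TLS Auth Error",
    r"^ <HOST>:\d+ TLS Error: TLS handshake failed$",
    r"^ <HOST>:\d+ VERIFY ERROR",
]
MAXRETRY = 3  # from the jail in the post; findtime is ignored in this sketch

# Assumption: simplified IPv4-only replacement for fail2ban's <HOST> tag
HOST = r"(?P<host>\d{1,3}(?:\.\d{1,3}){3})"
# OpenVPN-style timestamp ("Tue Jun 27 22:14:01 2017"), stripped before matching
TIMESTAMP = re.compile(r"^\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}")
PATTERNS = [re.compile(p.replace("<HOST>", HOST)) for p in FAILREGEX]

# Constructed sample lines (documentation address ranges), not taken from a real log
SAMPLE_LOG = """\
Tue Jun 27 22:14:01 2017 203.0.113.5:51234 TLS Error: TLS handshake failed
Tue Jun 27 22:14:09 2017 TLS Error: incoming packet authentication failed from [AF_INET]203.0.113.5:51234
Tue Jun 27 22:14:20 2017 203.0.113.5:51240 VERIFY ERROR: depth=0, error=certificate has expired
Tue Jun 27 22:15:02 2017 198.51.100.7:40000 TLS Error: TLS handshake failed
Tue Jun 27 22:15:30 2017 client1/192.0.2.10:1194 MULTI: Learn: 10.8.0.2 -> client1/192.0.2.10:1194
Tue Jun 27 22:16:00 2017 Initialization Sequence Completed
"""

def match_line(line):
    """Return the host captured by the first matching failregex, else None."""
    rest = TIMESTAMP.sub("", line.rstrip("\n"), count=1)
    for pat in PATTERNS:
        m = pat.search(rest)
        if m:
            return m.group("host")
    return None

def scan(log_text):
    """Count matching lines per host; list hosts with at least MAXRETRY hits."""
    hits = Counter(h for h in map(match_line, log_text.splitlines()) if h)
    banned = sorted(h for h, n in hits.items() if n >= MAXRETRY)
    return hits, banned

if __name__ == "__main__":
    hits, banned = scan(SAMPLE_LOG)
    print("matches per host:", dict(hits))
    print("would be banned:", banned)
```

On a real system, fail2ban's own `fail2ban-regex /var/log/openvpn.log /etc/fail2ban/filter.d/openvpn.conf` runs the actual filter against the actual log and reports how many lines matched.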