PiVPN not connecting externally..

Having issues with your DietPi installation or found a bug? Post it here.
SiCKFoRM
Posts: 5
Joined: Thu Feb 04, 2021 12:13 am

PiVPN not connecting externally..

Post by SiCKFoRM »

The keys seem to work over LAN but for some reason I can not connect externally.

My router is set up correctly but I am not sure what happened this time around (I had to fresh install due to a HHD failure which caused a failed boot)..

I checked all ports with an online tester.
1194 (the default) shows that I can not connect as the port is closed.

I checked in server.conf and changed a couple of settings:
dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/*****.crt
key /etc/openvpn/easy-rsa/pki/private/*****.key
dh none
ecdh-curve prime256v1
topology subnet
server ************ 255.255.255.0 <<< ************ This is the IP of my internal RPi
# Set your primary domain name server address for clients
push "dhcp-option DOMAIN *****.ddns.net"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
# Prevent DNS leaks on Windows
push "block-outside-dns"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
client-config-dir /etc/openvpn/ccd
keepalive 15 120
remote-cert-tls client
tls-version-min 1.2
tls-crypt /etc/openvpn/easy-rsa/pki/ta.key
cipher AES-256-CBC
auth SHA256
user openvpn
group openvpn
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
syslog
verb 3
#DuplicateCNs allow access control on a less-granular, per user basis.
#Remove # if you will manage access by user instead of device.
#duplicate-cn
# Generated for use by PiVPN.io
I am not sure what else to do at this point.

I had everything working great before the crash, and now I just can't seem to get it to work at all.

I've tried reinstalling multiple times, and still no dice.

I am not sure what else to do at this point.

I have all the other installs I wish for installed and working correctly, I am trying to avoid yet another fresh install.

Any light on this would be great.

Thanks in advance!
Last edited by SiCKFoRM on Sat Feb 06, 2021 12:43 am, edited 2 times in total.
User avatar
Joulinar
Posts: 3703
Joined: Sat Nov 16, 2019 12:49 am

Re: PiVPN not connecting externally..

Post by Joulinar »

Hi,

I'm not using PiPVN/OpenPVN but probably PiVPN created a new client configuration file. Did you upload this on client side as well?
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
SiCKFoRM
Posts: 5
Joined: Thu Feb 04, 2021 12:13 am

Re: PiVPN not connecting externally..

Post by SiCKFoRM »

Yes.

But it refuses... (The key, which works locally)

It was a fresh install, so not sure why I can't get it to work externally now.

I can open over LAN / the key works great.

I've checked through loads of forums etc, but everything I have tried does not seem to work.

I do not believe it to be a key issue.

It seems to be a port related issue?

I'm just wondering if there is a way I can return everything to default in terms of routing / firewall etc without disturbing other installations?
User avatar
Joulinar
Posts: 3703
Joined: Sat Nov 16, 2019 12:49 am

Re: PiVPN not connecting externally..

Post by Joulinar »

I tested PiVPN/OpenVPN and for me it was working well. Just to be sure, let's check following
  1. your router is forwarding port 1194 UDP (not TCP) correctly?
  2. OpenVPN is LISTEN on correct port?

    Code: Select all

    ss -tulpn |grep openvpn
  3. your client config file contains correct DDNS/external IP address?

    Code: Select all

    cat /home/dietpi/ovpns/<your_file>.ovpn | grep 1194
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
User avatar
trendy
Posts: 220
Joined: Tue Feb 25, 2020 2:54 pm

Re: PiVPN not connecting externally..

Post by trendy »

You could also check the logs for any useful hint.
SiCKFoRM
Posts: 5
Joined: Thu Feb 04, 2021 12:13 am

Re: PiVPN not connecting externally..

Post by SiCKFoRM »

your router is forwarding port 1194 UDP (not TCP) correctly?
Yes. I have both TCP and UDP open and forwarded to the correct IP address.
OpenVPN is LISTEN on correct port?
I have it set to the default 1194. This is matched in my router settings.

When I use

Code: Select all

ss -tulpn |grep openvpn
I get zero echo / readout.
It just moves on to the next line. This is regardless of using sudo / root.
your client config file contains correct DDNS/external IP address?
I am using no-ip to forward as my public domain and pointing in.
I have cloudFlare pointing out for searches.

When using

Code: Select all

cat /home/***/ovpns/***.ovpn | grep 1194
I get back:
remote ***.ddns.net 1194

I believe this to be correct ( *** == hidden / private details).
User avatar
Joulinar
Posts: 3703
Joined: Sat Nov 16, 2019 12:49 am

Re: PiVPN not connecting externally..

Post by Joulinar »

I believe this to be correct
Well, you are the only one who knows if this is correct ;) . You can check if the NoIP DDNS is correctly set and pointing to your external IP your router has.

As connection is working inside your network (according your info), the issue doesn't seems to be with DietPi
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
User avatar
trendy
Posts: 220
Joined: Tue Feb 25, 2020 2:54 pm

Re: PiVPN not connecting externally..

Post by trendy »

SiCKFoRM wrote: Fri Feb 05, 2021 1:31 am When I use

Code: Select all

ss -tulpn |grep openvpn
I get zero echo / readout.
It just moves on to the next line. This is regardless of using sudo / root.
This means that the server is not running.
Check the logs.
SiCKFoRM
Posts: 5
Joined: Thu Feb 04, 2021 12:13 am

Re: PiVPN not connecting externally..

Post by SiCKFoRM »

Now this is odd..

I checked the logs, and for both openvpn files that I could find, there was zero information in them.

I then ran

Code: Select all

sudo ps -A
and openvpn is nowhere to be found!

So then I opened dietpi-services, and it says that openvpn is running??

I tried to uninstall, and openvpn still appears in services as inactive, despite an uninstall and reboot.

After unistalling a second time it then doesn't appear in installations, but still does in processes as "inactive".

I am really not sure what has happened here, so have decided to bite the bullet, back up the entire system, backup all configs of known working installs, and returning everything to scratch, attempting to install piVPN first and making sure this works.

I am not sure if this is a bug or something I have done by accident, but wish me luck!
User avatar
Joulinar
Posts: 3703
Joined: Sat Nov 16, 2019 12:49 am

Re: PiVPN not connecting externally..

Post by Joulinar »

usually PiVPN is working and I verified it this week. PiVPN will install OpenVPN if selected during PiVPN installation process.
Pls let us know if a solution is working. This could help others if they hit by similar situation. Your DietPi Team
Post Reply