openvpn-install icon indicating copy to clipboard operation
openvpn-install copied to clipboard

Published 20 hours ago verified publisher icon angristan

In Oracle Linux (OCI free tire), OpenVPN didn't work after reboot.

Open dongfang-a opened this issue 4 years ago • 2 comments

Describe the issue

After the installation, OpenVPN works well. However, after Linux server reboot, although the client still can connect to the OpenVPN server, it cannot download anything from internet any more.

I troubleshooted the issue, and found it is caused by "iptables-openvpn.service", : after the Linux server reboot, if I manually restart this service, OpenVPN server works.

Further more, I found if I change "/etc/systemd/system/iptables-openvpn.service", Line 3, from "Before=network-online.target " to "After=network-online.target", the issue fixed.

To Reproduce Steps to reproduce the behavior:

  1. Install the OpenVPN server/client, and verify the client can connect to the server and download webpages.
  2. Restart the Linux server
  3. OpenVPN client connect to the server
  4. user cannot download anything.

Expected behavior in Step 4, user shall be able to connect to internet and download webpages.

  • OS: Oracle Linux Server 7.9 Linux instance-20201208-1913 5.4.17-2036.100.6.1.el7uek.x86_64 #2 SMP Thu Oct 29 17:04:48 PDT 2020 x86_64 x86_64 x86_64 GNU/Linux

  • Hosting provider (if applicable): Oracle OCI free tier

dongfang-a avatar Dec 30 '20 08:12 dongfang-a

Maybe try to stop and disable the firewall it works for me

bakmyradov avatar Mar 16 '21 17:03 bakmyradov

Im using a VPS on Contabo with Ubuntu 20.04 install

i was facing same problem since few days , tried lot of permutations to solve this issue but just because this script is really good that it has been shared with lot of community to make it spread for good.

i had to go inside the script to find the original author of this script version and landed on this github page , FAQ's had no insight on this problem , so next was bugs , and found this!!

Thanks @dongfang-a for the resolution or at least the guidance on right path

script uses to setup iptables-openvpn for port access; problem is not entirely in script neither it is a bug!!

my system uses firewalld therefore it ends up running two firewall, if iptables-openvpn service runs after the start of firewalld service the VPN connects , otherway around it does not.

if you disable both , obviously it connects ; reading on internet lot of discussion was there about incompatibility between two services they do not use same files/db/backend.

solution: i manually added service exception for openvpn on firewalld , and rebooted the server , everything works normal!

@angristan , my suggestion, probably a check of firewall service can be done and rules appended accordingly that should solve the problem for any variation of different firewall services, or iptables can be made optional in script and manually addition of port suggested to user

callmeeagle avatar Nov 26 '21 13:11 callmeeagle