# openvpn start issues

## blossa

I have been trying to install openvpn server on a computer with wlan/connection. I have tried to follow the guides but something seems to be wrong

 *Quote:*   

> # /etc/init.d/openvpn start
> 
>  * Starting openvpn ...
> 
>  * Check your logs to see why startup failed                              [ !! ]
> ...

 

I think that message refers to the "openvpn-status.log" file here:

 *Quote:*   

> # ls -ls /etc/openvpn/
> 
> total 8
> 
> 0 -rw------- 1 root root    0 Oct  3 00:19 ipp.txt
> ...

 

However, that file is empty.

I tried this command then:

 *Quote:*   

> # openvpn --config /etc/openvpn/openvpn.conf 
> 
> Options error: --server directive network/netmask combination is invalid
> 
> Use --help for more information.

 

And here is the "/etc/openvpn/openvpn.conf"

 *Quote:*   

> # non default port to prevent worm attacks!
> 
> port 1194
> 
> proto udp
> ...

 

192.168.0.102 is the IP of the wlan. There is no LAN cable connected and here is the output of ifconfig

 *Quote:*   

> # ifconfig
> 
> eth0      Link encap:Ethernet  HWaddr 00:02:a5:e3:cb:af  
> 
>           inet addr:169.254.26.200  Bcast:169.254.255.255  Mask:255.255.0.0
> ...

 

I am using wlan0 when writing this so it works.

Any suggestions?

----------

## depontius

My config looks a lot like yours.  The big differences I see, other than that I'm using a different subnet in RFC1918 space is that I'm using the client-config-dir stuff to push out "fixed" IP addresses based on the connecting client, and I see that you're using auto-IP-assign plus the "ifconfig-pool-persist" option.  That shouldn't make a difference to functionality.

Have you defined the tun0 device in /etc/conf.d/net? I have an IP defined, but that's all.  Nor do I start it.  I'm wondering if it's possible that you have a conflict between tun0 in /etc/conf.d/net and the openvpn configuration.

You might try truning the verbosity up on the logfile per the example configuration.  We're both using "3", and they suggest higher numbers for debugging connection problems.

----------

## blossa

Sorry for my bad english... I do not understand if your openvpn works or not.   :Embarassed: 

I have not defined tun0 in /etc/conf.d/net. I must have missed that in the guide I followed.

I can try higher verbosity. I am not sure if it gives me any more information but I will try.

Thanks for your reply!

----------

## depontius

My openvpn installation works just fine.

I don't think it is necessary to define tun0 in /etc/conf.d/net, but if you have it there it should probably agree with what is in the openvpn configuration.

Higher verbosity should give better information - the config file suggests "6" or "9" for debugging problems.

----------

## arndawg

Add

log /var/log/openvpn.log

to you configfile and see what the problem is. 

Probably just wrong path to the certificates or something  :Smile: 

----------

## blossa

I have added that to my conf-file, and the contents of that file gives:

 *Quote:*   

> Options error: --server directive network/netmask combination is invalid 
> 
> Use --help for more information.

 

But I think you might have a point... Because whatever I change regarding network-settings, I still get the same message. I will test changing the path and see what that brings up.  :Smile:  I have tested to write the full path but that did not help.

Also, do I have the right permissions on the /etc/openvpn/privnet folder?

----------

## arndawg

Try changing server line to something like:

server 10.100.0.0 255.255.255.0

Can you start openvpn without errors now?

----------

## blossa

 *arndawg wrote:*   

> Try changing server line to something like:
> 
> server 10.100.0.0 255.255.255.0
> 
> Can you start openvpn without errors now?

 

Yes, it seems ok.  :Smile:  I have not yet tried to connect to the server from a client but the server itself seems to start.

I have tried some different IP-addresses on my wlan0 and openvpn like:

server 192.168.0.2 255.255.255.0

and

server 192.168.0.102 255.255.255.255

Maybe I have missunderstood something? I thought that the IP-address for the openvpn-server should be the same as my wlan0? Is that wrong?

When I have wlan0=192.168.0.2 and I set "server 192.168.0.5 255.255.255.0" (yes, wrong IP just for testing) I still only get this in the log-file:

 *Quote:*   

> Options error: --server directive network/netmask combination is invalid 
> 
> Use --help for more information.

 

Thanks for all your help!  :Smile: 

----------

## depontius

 *blossa wrote:*   

> Maybe I have missunderstood something? I thought that the IP-address for the openvpn-server should be the same as my wlan0? Is that wrong?
> 
> When I have wlan0=192.168.0.2 and I set "server 192.168.0.5 255.255.255.0" (yes, wrong IP just for testing) I still only get this in the log-file:
> 
>  *Quote:*   Options error: --server directive network/netmask combination is invalid 
> ...

 

Bingo!

That's exactly the problem.  The OpenVPN server address needs to be fictional.  Once you have the server started, it's the address of one end of your tunnel, or at least the address the server sees as being at one end of the tunnel.  This simply can't be the same as any real address.  So if you want, you can go back into 192.168.x.x space, as long as you're not in 192.168.0.x - that's the place you can't go, because it would have your VPN tunnel subnet conflicting with your real subnet.

----------

## blossa

Ok, that sound great!  :Smile:  I thought 192.168.0.x was ok so there is one of the places I had wrong.  :Very Happy: 

I will test some other day. Atm I am struggeling with some other issues but I will probably solve that on tuesday.

Thanks for all your help! I will post here again as soon as I have tested openvpn again.

Regards / Anders

----------

