Forum of the Russian-speaking Ubuntu community



Topic: OpenVPN server setup.  (Read 1246 times)


MikleFU (topic author)
OpenVPN server setup.
« 16 June 2025, 13:00:50 »
Dear all,
I'm a beginner, just getting to know Ubuntu.
I want to set up an OpenVPN server on my home network to access that network from outside.
For now I'm practicing on a virtual machine.
I installed openvpn on an Ubuntu 22.04 server.
I created a certificate authority.
I generated keys and certificates for the CA and the server.
I start the server:
● openvpn.service - OpenVPN service
     Loaded: loaded (/lib/systemd/system/openvpn.service; enabled; vendor prese>
     Active: active (exited) since Mon 2025-06-16 11:44:30 +07; 4h 58min ago
   Main PID: 2547 (code=exited, status=0/SUCCESS)
        CPU: 3ms

июн 16 11:44:30 ubuser systemd[1]: Starting OpenVPN service...
июн 16 11:44:30 ubuser systemd[1]: Finished OpenVPN service.
As I understand it, it starts and then stops? Why does it stop?
Here is the server log:
2025-06-16 16:48:56 us=269320 1810 variation(s) on previous 20 message(s) suppressed by --mute
2025-06-16 16:48:56 us=269388 event_wait : Interrupted system call (code=4)
2025-06-16 16:48:56 us=269437 MULTI: REAP range 0 -> 256
2025-06-16 16:48:56 us=271083 TCP/UDP: Closing socket
2025-06-16 16:48:56 us=271378 net_route_v4_del: 10.15.0.0/24 via 10.15.0.2 dev [NULL] table 0 metric -1
2025-06-16 16:48:56 us=271531 sitnl_send: checking for received messages
2025-06-16 16:48:56 us=271562 sitnl_send: rtnl: received 64 bytes
2025-06-16 16:48:56 us=271583 sitnl_send: rtnl: generic error (-1): Operation not permitted
2025-06-16 16:48:56 us=271607 ERROR: Linux route delete command failed
2025-06-16 16:48:56 us=271628 Closing TUN/TAP interface
2025-06-16 16:48:56 us=285134 net_addr_v4_del: 10.15.0.1 dev tun0
2025-06-16 16:48:56 us=285240 sitnl_send: checking for received messages
2025-06-16 16:48:56 us=285261 sitnl_send: rtnl: received 52 bytes
2025-06-16 16:48:56 us=285275 sitnl_send: rtnl: generic error (-1): Operation not permitted
2025-06-16 16:48:56 us=285328 Linux can't del IP from iface tun0
2025-06-16 16:48:56 us=308275 PID packet_id_free
2025-06-16 16:48:56 us=308350 SIGTERM[hard,] received, process exiting
2025-06-16 16:48:56 us=310473 PKCS#11: Terminating openssl
2025-06-16 16:48:56 us=310598 PKCS#11: Removing providers
2025-06-16 16:48:56 us=310615 PKCS#11: Releasing sessions
2025-06-16 16:48:56 us=310625 PKCS#11: Terminating slotevent
2025-06-16 16:48:56 us=310635 PKCS#11: Marking as uninitialized
2025-06-16 16:48:56 us=351691 --cipher is not set. Previous OpenVPN version defaulted to BF-CBC as fallback when cipher negotiation failed in this case. If you need this fallback please add '--data-ciphers-fallback BF-CBC' to your configuration and/or add BF-CBC to --data-ciphers.
2025-06-16 16:48:56 us=362053 Current Parameter Settings:
2025-06-16 16:48:56 us=362086   config = '/etc/openvpn/server.conf'
2025-06-16 16:48:56 us=362099   mode = 1
2025-06-16 16:48:56 us=362109   persist_config = DISABLED
2025-06-16 16:48:56 us=362119   persist_mode = 1
2025-06-16 16:48:56 us=362128   show_ciphers = DISABLED
2025-06-16 16:48:56 us=362138   show_digests = DISABLED
2025-06-16 16:48:56 us=362148   show_engines = DISABLED
2025-06-16 16:48:56 us=362158   genkey = DISABLED
2025-06-16 16:48:56 us=362168   genkey_filename = '[UNDEF]'
2025-06-16 16:48:56 us=362178   key_pass_file = '[UNDEF]'
2025-06-16 16:48:56 us=362188   show_tls_ciphers = DISABLED
2025-06-16 16:48:56 us=362197   connect_retry_max = 0
2025-06-16 16:48:56 us=362207 Connection profiles [0]:
2025-06-16 16:48:56 us=362218   proto = udp
2025-06-16 16:48:56 us=362227   local = '[UNDEF]'
2025-06-16 16:48:56 us=362237   local_port = '1194'
2025-06-16 16:48:56 us=362247   remote = '[UNDEF]'
2025-06-16 16:48:56 us=362256   remote_port = '1194'
2025-06-16 16:48:56 us=362266   remote_float = DISABLED
2025-06-16 16:48:56 us=362275 NOTE: --mute triggered...
2025-06-16 16:48:56 us=362351 275 variation(s) on previous 20 message(s) suppressed by --mute
2025-06-16 16:48:56 us=362369 OpenVPN 2.5.11 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Sep 17 2024
2025-06-16 16:48:56 us=362390 library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
2025-06-16 16:48:56 us=362672 PKCS#11: Setting property 1=0x0
2025-06-16 16:48:56 us=362688 PKCS#11: Setting property 7=0x0
2025-06-16 16:48:56 us=362699 PKCS#11: Setting property 6=0x564948095180
2025-06-16 16:48:56 us=362709 PKCS#11: Setting property 9=0x0
2025-06-16 16:48:56 us=362719 PKCS#11: Setting property 8=0x564948095280
2025-06-16 16:48:56 us=362745 PKCS#11: Setting property 10=0x1
2025-06-16 16:48:56 us=362758 PKCS#11: Setting property 11=0xffffffff
2025-06-16 16:48:56 us=362850 net_route_v4_best_gw query: dst 0.0.0.0
2025-06-16 16:48:56 us=362919 sitnl_send: checking for received messages
2025-06-16 16:48:56 us=362990 sitnl_send: rtnl: received 684 bytes
2025-06-16 16:48:56 us=363026 net_route_v4_best_gw result: via 192.168.83.100 dev ens33
2025-06-16 16:48:56 us=386060 Diffie-Hellman initialized with 2048 bit key
2025-06-16 16:48:56 us=399620 CRL: loaded 1 CRLs from file /etc/openvpn/crl.pem
2025-06-16 16:48:56 us=399694 PRNG init md=SHA1 size=36
2025-06-16 16:48:56 us=399829 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2025-06-16 16:48:56 us=399851 Outgoing Control Channel Authentication: HMAC KEY: 1da5c23a a3574afd db655781 70197bae 8484a2e2
2025-06-16 16:48:56 us=399862 Outgoing Control Channel Authentication: HMAC size=20 block_size=20
2025-06-16 16:48:56 us=399874 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2025-06-16 16:48:56 us=399887 Incoming Control Channel Authentication: HMAC KEY: 4d65ce78 804fc0b9 f4fbdd12 62e40f14 a7b72a26
2025-06-16 16:48:56 us=399897 Incoming Control Channel Authentication: HMAC size=20 block_size=20
2025-06-16 16:48:56 us=399909 crypto_adjust_frame_parameters: Adjusting frame parameters for crypto by 28 bytes
2025-06-16 16:48:56 us=399923 TLS-Auth MTU parms [ L:1622 D:1184 EF:66 EB:0 ET:0 EL:3 ]
2025-06-16 16:48:56 us=399933 MTU DYNAMIC mtu=1450, flags=2, 1622 -> 1450
2025-06-16 16:48:56 us=400224 net_route_v4_best_gw query: dst 0.0.0.0
2025-06-16 16:48:56 us=400282 sitnl_send: checking for received messages
2025-06-16 16:48:56 us=400303 sitnl_send: rtnl: received 684 bytes
2025-06-16 16:48:56 us=400334 net_route_v4_best_gw result: via 192.168.83.100 dev ens33
2025-06-16 16:48:56 us=400378 ROUTE_GATEWAY 192.168.83.100/255.255.255.0 IFACE=ens33 HWADDR=00:0c:29:45:c3:84
2025-06-16 16:48:56 us=401461 TUN/TAP device tun0 opened
2025-06-16 16:48:56 us=401489 do_ifconfig, ipv4=1, ipv6=0
2025-06-16 16:48:56 us=401522 net_iface_mtu_set: mtu 1500 for tun0
2025-06-16 16:48:56 us=401615 sitnl_send: checking for received messages
2025-06-16 16:48:56 us=401646 sitnl_send: rtnl: received 36 bytes
2025-06-16 16:48:56 us=401693 net_iface_up: set tun0 up
2025-06-16 16:48:56 us=402494 sitnl_send: checking for received messages
2025-06-16 16:48:56 us=402519 sitnl_send: rtnl: received 36 bytes
2025-06-16 16:48:56 us=402537 net_addr_v4_add: 10.15.0.1/24 dev tun0
2025-06-16 16:48:56 us=402921 sitnl_send: checking for received messages
2025-06-16 16:48:56 us=402942 sitnl_send: rtnl: received 36 bytes
2025-06-16 16:48:56 us=402971 net_route_v4_add: 10.15.0.0/24 via 10.15.0.2 dev [NULL] table 0 metric -1
2025-06-16 16:48:56 us=403085 sitnl_send: checking for received messages
2025-06-16 16:48:56 us=403102 sitnl_send: rtnl: received 36 bytes
2025-06-16 16:48:56 us=403122 Data Channel MTU parms [ L:1622 D:1450 EF:122 EB:406 ET:0 EL:3 AF:14/122 ]
2025-06-16 16:48:56 us=403360 Could not determine IPv4/IPv6 protocol. Using AF_INET
2025-06-16 16:48:56 us=403396 Socket Buffers: R=[212992->212992] S=[212992->212992]
2025-06-16 16:48:56 us=403441 UDPv4 link local (bound): [AF_INET][undef]:1194
2025-06-16 16:48:56 us=403473 UDPv4 link remote: [AF_UNSPEC]
2025-06-16 16:48:56 us=403507 GID set to adm
2025-06-16 16:48:56 us=403525 UID set to mikle
2025-06-16 16:48:56 us=403544 MULTI: multi_init called, r=256 v=256
2025-06-16 16:48:56 us=403609 IFCONFIG POOL IPv4: base=10.15.0.2 size=253
2025-06-16 16:48:56 us=403765 Initialization Sequence Completed
2025-06-16 16:49:00 us=128456 MULTI: REAP range 0 -> 16
Here is ifconfig:
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.77.10  netmask 255.255.255.0  broadcast 192.168.77.255
        inet6 fe80::20c:29ff:fe45:c384  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:45:c3:84  txqueuelen 1000  (Ethernet)
        RX packets 97844  bytes 19305950 (19.3 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 53209  bytes 32631066 (32.6 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 3704  bytes 309174 (309.1 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3704  bytes 309174 (309.1 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.15.0.1  netmask 255.255.255.0  destination 10.15.0.1
        inet6 fe80::feff:78fb:7e4a:52cd  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 5  bytes 240 (240.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
Moreover, ens33 responds to ping but tun0 does not. So the server really did start and then stop.
But going by the log, I don't see anything like that; it seems to have started....

forsir
OpenVPN server setup.
« Reply #1: 22 June 2025, 10:38:32 »
Judging by the ifconfig output, something really is wrong on your side. Please show your server.conf.

bezbo
Re: OpenVPN server setup.
« Reply #2: 22 June 2025, 13:02:49 »
Quote: I want to set up an OpenVPN server

in "one click":
https://github.com/Nyr/openvpn-install

 
