openvpn troubles

[metaverser]

Hello,

I'm new with CentOS 7. Today I tried to install openvpn. This worked like before. Only I'm only unable to make it work with systemd:

Code: Select all

systemctl status openvpn@myopenvpn.service
openvpn@myopenvpn.service - OpenVPN Robust And Highly Flexible Tunneling Application On myopenvpn
   Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; enabled)
   Active: failed (Result: exit-code) since Sat 2014-09-06 15:47:00 CEST; 4min 25s ago
  Process: 5896 ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --management localhost 5559 --management-query-passwords --management-forget-disconnect --config /etc/openvpn/%i.conf (code=exited, status=1/FAILURE)

Sep 06 15:47:00 charlie systemd[1]: Starting OpenVPN Robust And Highly Flexible Tunneling Application On myopenvpn...
Sep 06 15:47:00 charlie systemd[1]: openvpn@myopenvpn.service: control process exited, code=exited status=1
Sep 06 15:47:00 charlie systemd[1]: Failed to start OpenVPN Robust And Highly Flexible Tunneling Application On myopenvpn.
Sep 06 15:47:00 charlie systemd[1]: Unit openvpn@myopenvpn.service entered failed state.

config file: /lib/systemd/system/openvpn\@.service

Code: Select all

[Unit]
Description=OpenVPN Robust And Highly Flexible Tunneling Application On %I
After=syslog.target network.target

[Service]
PrivateTmp=true
Type=forking
PIDFile=/var/run/openvpn/%i.pid
ExecStart=/usr/sbin/openvpn --daemon ovpn-%i --status /run/openvpn/%i.status 10 --cd /etc/openvpn --config /etc/openvpn/%i.conf
ExecStartPost=/usr/bin/expect /lib/systemd/system/openvpn_pw.exp

[Install]
WantedBy=multi-user.target

I tried to google this problem. Seems that more people are suffering from it (http://unix.stackexchange.com/questions ... th-systemd).
Does anybody have a solution?

[MoonWolf]

Do you have /etc/openvpn/myopenvpn.conf file?

[salar88]

i have this problem too, can anyone help me?


openvpn@server.service - OpenVPN Robust And Highly Flexible Tunneling Application On server
Loaded: loaded (/usr/lib/systemd/system/openvpn@.service; enabled)
Active: failed (Result: exit-code) since Wed 2015-02-04 01:59:08 PST; 8s ago
Process: 5564 ExecStart=/usr/sbin/openvpn --daemon --writepid /var/run/openvpn/%i.pid --cd /etc/openvpn/ --config %i.conf (code=exited, status=1/FAILURE)

Feb 04 01:59:08 localhost.localdomain systemd[1]: Starting OpenVPN Robust And Highly Flexible Tunneling Application On server...
Feb 04 01:59:08 localhost.localdomain systemd[1]: openvpn@server.service: control process exited, code=exited status=1
Feb 04 01:59:08 localhost.localdomain systemd[1]: Failed to start OpenVPN Robust And Highly Flexible Tunneling Application On server.
Feb 04 01:59:08 localhost.localdomain systemd[1]: Unit openvpn@server.service entered failed state.
[root@localhost /]# ln -s /lib/systemd/system/openvpn\@.service /etc/systemd/system/openvpn\@server.service
[root@localhost /]# systemctl enable openvpn@server.service
[root@localhost /]# systemctl start openvpn@server.service
Job for openvpn@server.service failed. See 'systemctl status openvpn@server.service' and 'journalctl -xn' for details.

[penguinvitamins2]

On response to above. it seems adding the command line on OpenVPN server startup --management localhost (and port) or adding "management localhost PORT (e.g. 7505) to the OpenVPN server config file breaks the server and it fails to startup. Does anyone know how to get past this? I tried using different ports, disabling the local firewall on the server as well but no luck. The server message logs and security logs does not offer any further clues. Running openvpn-2.3.6-1.el7.x86_64 on CentOS 7 64 bit (with all the latest patches on the O.S.)


Thanks in advance.

[TrevorH]

You may well need to use semanage to add a port definition so that openvpn is allowed to use that port. If the problem goes away after running setenforce 0 to put selinux into permissive mode then you need to look at your audit logs to find out.