OpenVPN launches multiple times

Hello, I have an issue with launching/stopping OpenVPN.
I'm using OpenWRT (OpenWrt SNAPSHOT, r23375-cdfcac6e24)
Installed and configured OpenVPN. It's running just fine, I can connect.
however, when I'm launching OpenVPN via /etc/init.d/openvpn start or it's launching automatically, I'm always getting following error:

2023-06-16 14:24:54 TCP/UDP: Socket bind failed on local address [AF_INET][undef]:1194: Address in use (errno=98)
2023-06-16 14:24:54 Exiting due to fatal error
2023-06-16 14:24:54 /usr/libexec/openvpn-hotplug route-pre-down vpn_server tun1 1500 1623 10.0.2.1 255.255.255.0 init
2023-06-16 14:24:54 Closing TUN/TAP interface

ps www | grep openvpn shows only 1 instance is running:

21244 nobody    6844 S    /usr/sbin/openvpn --syslog openvpn(vpn_server) --status /var/run/openvpn.vpn_server.status --cd /etc/openvpn --config vpn_server.conf --up /usr/libexec/openvpn-hotplug up vpn_server --down /usr/libexec/openvpn-hotplug down vpn_server --route-up /usr/libexec/openvpn-hotplug route-up vpn_server --route-pre-down /usr/libexec/openvpn-hotplug route-pre-down vpn_server --script-security 2

I've checked there only 1 config file in /etc/openvpn/ it is vpn_server.conf

if I stopping via /etc/init.d/openvpn stop, process not being stopped and I have to use kill {pid}.
If I launch it manually openvpn --config /etc/config/vpn-server.conf all is good.

uci show opevpn - throws an error "uci: entry not found".

I've checked and google for such error, but none of the provided suggestion helped to resolve the issue.

Maybe someone solved it or knows what could be the issue?

Thanks in advance.

tried. many times. doesn't help.

what is the output of netstat -pln?

Here is the output of netstat -pln.

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      2393/uhttpd
tcp        0      0 0.0.0.0:1194            0.0.0.0:*               LISTEN      21244/openvpn
tcp        0      0 10.0.0.1:53             0.0.0.0:*               LISTEN      2148/AdGuardHome
tcp        0      0 0.0.0.0:54              0.0.0.0:*               LISTEN      17262/dnsmasq
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1928/dropbear
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      2393/uhttpd
tcp        0      0 10.0.0.1:8080           0.0.0.0:*               LISTEN      2148/AdGuardHome
tcp        0      0 :::443                  :::*                    LISTEN      2393/uhttpd
tcp        0      0 :::54                   :::*                    LISTEN      17262/dnsmasq
tcp        0      0 :::22                   :::*                    LISTEN      1928/dropbear
tcp        0      0 :::80                   :::*                    LISTEN      2393/uhttpd
udp        0      0 10.0.0.1:53             0.0.0.0:*                           2148/AdGuardHome
udp        0      0 0.0.0.0:54              0.0.0.0:*                           17262/dnsmasq
udp        0      0 0.0.0.0:67              0.0.0.0:*                           17262/dnsmasq
udp        0      0 :::54                   :::*                                17262/dnsmasq
raw        0      0 ::%166:58               :::*                    58          2263/odhcpd
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node PID/Program name    Path
unix  2      [ ACC ]     STREAM     LISTENING       6434 767/ubusd           /var/run/ubus/ubus.sock

But, OpenVPN works just fine. The issue is in exactly second launch of OpenVPN instance using the same configuration file, when launch it using /etc/init.d/openvpn.

tun0 launches good with configuration file and it is working fine. I'm not sure why it tries to launch second instance of OpenVPN, even though there is only 1 configuration file.

Thank you.

In the future, please don't post screenshots like this... instead, please copy/paste the output in text form.

Please use the "Preformatted text </>" button for logs, scripts, configs and general console output.
grafik
Please edit your post accordingly. Thank you! :slight_smile:

Let's see the output of

ubus call system board
cat /etc/config/openvpn

post edited :slight_smile:

output of ubus call system board:

{
        "kernel": "6.1.33",
        "hostname": "OpenWrt",
        "system": "ARMv8 Processor rev 4",
        "model": "Xiaomi AX3600",
        "board_name": "xiaomi,ax3600",
        "rootfs_type": "squashfs",
        "release": {
                "distribution": "OpenWrt",
                "version": "SNAPSHOT",
                "revision": "r23375-cdfcac6e24",
                "target": "ipq807x/generic",
                "description": "OpenWrt SNAPSHOT r23375-cdfcac6e24"
        }
}

output of cat /etc/config/openvpn

cat: can't open '/etc/config/openvpn': No such file or directory

Config is stored in /etc/openvpn/vpn_server.conf
output of /etc/openvpn/vpn_server.conf

port 1194
proto tcp4
dev tun
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/vpn_home_server.crt
key /etc/openvpn/server/vpn_home_server.key
dh /etc/openvpn/server/dh.pem
tls-crypt-v2 /etc/openvpn/server/vpn_home_server.pem

server 10.0.2.0 255.255.255.0

topology subnet
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.0.0.1"
push "dhcp-option DOMAIN home.local"
;push "route 10.0.0.1 255.255.255.255"
push "route 10.0.0.0 255.255.252.0"
duplicate-cn
client-to-client
cipher AES-256-GCM
data-ciphers AES-256-GCM
tls-version-min 1.3
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
auth SHA512
auth-nocache
keepalive 20 60
persist-key
persist-tun
daemon
user nobody
group nogroup
log-append /var/log/openvpn.log
status /var/log/openvpn-status.log
verb 3

try deleting this line. In theory, both the semi-colon and hash-tag should be equivalent for commenting a line, but that like should be deleted anyway. Let's get rid of it just in case it is causing a problem.

Meanwhile...
Try using the 23.05-RC1 instead of the snapshot you're currently running. Sometimes snapshots have random issues.

removing commented values didn't help.

Unfortunately, as far as I see from the description for my router there is no RC supported for ipq807x/generic, only snapshots as of now.

https://firmware-selector.openwrt.org/?version=23.05.0-rc1&target=ipq807x%2Fgeneric&id=xiaomi_ax3600

1 Like

Even if you use a native format config file, you still need an /etc/config/openvpn to start OpenVPN properly.

This /etc/config/openvpn file would look like this:

config openvpn vpn_server
    option config '/etc/openvpn/vpn_server.ovpn'
    option enabled '1'

OpenVPN will automatically try to parse and run any files *.conf in /etc/openvpn. This leads to a lot of confusion, and best practice is not to have any such files in that directory. Instead it is conventional to name the configuration files .ovpn which has no special meaning to the program.

1 Like

@psherman, @mk24 thanks a lot for your help. You gave me direction and I found a solution.
So...what I did.
I installed RC version and installed openvpn packages, it finally geneated /etc/config/openvpn.
I've tried as @mk24 suggested and specified config file. However, it was still generating same error. However I saw uci show openvpn started to appear :slight_smile: I have moved all configuration elements from vpn_server.ovpn to /etc/config/openvpn and magic happened. Error dissapeared and everything works exactly how I need!

Thanks a lot again :slight_smile:

PS: RC version not working properly. Wifi is not bringing up. So, I had to revert to a snapshot version.

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.