pivpn: Unable to connect from any client after update

After an update and upgrade I restarted my pi and was unable to connect to my vpn from any of my devices. I double checked and the port is being forwarded correctly. I have no problems with ssh to my pi.

Console output of pivpn debug

:::					:::
::		PiVPN Debug		 ::
:::					:::
::	Latest Commit			 ::
:::					:::
commit 3c764db9b6d670c8bf9eae3ad94f1dbd570043c7
Merge: 6ce39bf fbec57d
Author: redfast00 <redfast00@users.noreply.github.com>
Date:   Thu Jun 29 13:32:14 2017 +0200

    Merge pull request #292 from cfcolaco/master
    
    changed to new openvpn repos
:::					:::
::	Recursive list of files in	 ::
::	/etc/openvpn/easy-rsa/pki	 ::
:::					:::
/etc/openvpn/easy-rsa/pki/:
ca.crt
crl.pem
Default.txt
dh2048.pem
firestick.ovpn
ghome.ovpn
index.txt
index.txt.attr
index.txt.attr.old
index.txt.old
ironthrone.ovpn
issued
private
rlatpop.ovpn
rphone.ovpn
serial
serial.old
ta.key
txlaptop.ovpn
tlaptop1.ovpn
tlaptop.ovpn
tphone.ovpn
ttablet.ovpn
user1.ovpn

/etc/openvpn/easy-rsa/pki/issued:
firestick.crt
ghome.crt
ironthrone.crt
rlatpop.crt
rphone.crt
server.crt
talaptop.crt
tlaptop1.crt
tlaptop.crt
tphone.crt
ttablet.crt
user1.crt

/etc/openvpn/easy-rsa/pki/private:
ca.key
firestick.key
ghome.key
ironthrone.key
rlatpop.key
rphone.key
server.key
talaptop.key
tlaptop1.key
tlaptop.key
tphone.key
ttablet.key
user1.key
:::					:::
::	Output of /etc/pivpn/*		 ::
:::					:::
:: START /etc/pivpn/DET_PLATFORM ::
Raspbian
:: END /etc/pivpn/DET_PLATFORM ::
:: START /etc/pivpn/INSTALL_PORT ::
11920
:: END /etc/pivpn/INSTALL_PORT ::
:: START /etc/pivpn/INSTALL_PROTO ::
udp
:: END /etc/pivpn/INSTALL_PROTO ::
:: START /etc/pivpn/INSTALL_USER ::
pi
:: END /etc/pivpn/INSTALL_USER ::
:: START /etc/pivpn/NO_UFW ::
1
:: END /etc/pivpn/NO_UFW ::
:: START /etc/pivpn/pivpnINTERFACE ::
eth0
:: END /etc/pivpn/pivpnINTERFACE ::
:: START /etc/pivpn/REVOKE_STATUS ::
1
:: END /etc/pivpn/REVOKE_STATUS ::
:::					:::
:: /etc/openvpn/easy-rsa/pki/Default.txt ::
:::					:::
client
dev tun
proto udp
remote *myip* 11920
resolv-retry infinite
nobind
persist-key
persist-tun
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server name
cipher AES-256-CBC
auth SHA256
comp-lzo
verb 1
:::					:::
::	Debug Output Complete		 ::
:::					:::

ifconfig output:

eth0 Link encap:Ethernet HWaddr b8:27:eb:dd:29:28 inet addr: Bcast: Mask:255.255.255.0 inet6 addr: fe80::f01:6eda:69a3:db4d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:16457 errors:0 dropped:53 overruns:0 frame:0 TX packets:7378 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:10897212 (10.3 MiB) TX bytes:693304 (677.0 KiB)

lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:334 errors:0 dropped:0 overruns:0 frame:0 TX packets:334 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:33076 (32.3 KiB) TX bytes:33076 (32.3 KiB)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr: P-t-P: Mask:255.255.255.0 inet6 addr: fe80::671a:c980:2af3:4b72/64 Scope:Link UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:28 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:0 (0.0 B) TX bytes:1344 (1.3 KiB)

wlan0 Link encap:Ethernet HWaddr b8:27:eb:88:7c:7d inet addr: Bcast: Mask:255.255.255.0 inet6 addr: fe80::94c9:cc9a:b48d:ec51/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5324 errors:0 dropped:38 overruns:0 frame:0 TX packets:2890 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:499641 (487.9 KiB) TX bytes:234565 (229.0 KiB)

iptables -t nat -S output:

-P PREROUTING ACCEPT -P INPUT ACCEPT -P OUTPUT ACCEPT -P POSTROUTING ACCEPT -A POSTROUTING -s /24 -o eth0 -j MASQUERADE

iptables -S output:

-P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT

About this issue

  • Original URL
  • State: closed
  • Created 7 years ago
  • Comments: 23 (14 by maintainers)

Most upvoted comments

I think lines provide evidence that this is clearly the server log.

Sat Nov 25 14:15:56 2017 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 27 2017

Sat Nov 25 14:15:56 2017 Control Channel Authentication: using '/etc/openvpn/easy-rsa/pki/ta.key' as a OpenVPN static key file

+1
orazioedoardo on Dec 19, 2017
Read more comments on GitHub
← pivpn: [Support] Wireguard VPN Protocol Not Working
pivpn: Unable to connect to PiVPN →