OpenVPN inside OpenVZ container - Socket bind failed on local address 192.168.0.91:1194: Address.. [message #35270] |
Fri, 13 March 2009 12:34 ![Go to next message Go to next message](/theme/ovz3/images/down.png) |
lowlow2
Messages: 7 Registered: March 2009 Location: Belgium
|
Junior Member |
|
|
Hello all,
I'm trying to implement OpenVPN inside a OpenVZ container (192.168.0.91) the host's IP is 192.168.0.90
When I (re)start the OpenVPN Server I get the error message that the "Socket bind failed" because "the address is already in use"
The output of openvpn /etc/openvpn/server.conf
root@vpnserv:~# openvpn /etc/openvpn/server.conf
Fri Mar 13 14:03:41 2009 OpenVPN 2.1_rc7 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] built on Jun 11 2008
Fri Mar 13 14:03:41 2009 Diffie-Hellman initialized with 1024 bit key
Fri Mar 13 14:03:41 2009 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Fri Mar 13 14:03:42 2009 Control Channel Authentication: using '/etc/openvpn/ta.key' as a OpenVPN static key file
Fri Mar 13 14:03:42 2009 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Mar 13 14:03:42 2009 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Mar 13 14:03:42 2009 TLS-Auth MTU parms [ L:1574 D:166 EF:66 EB:0 ET:0 EL:0 ]
Fri Mar 13 14:03:42 2009 TCP/UDP: Socket bind failed on local address 192.168.0.91:1194: Address already in use
Fri Mar 13 14:03:42 2009 Exiting
This is my server.conf
mode server
tls-server
local 192.168.0.91 ## ip/hostname of server
port 1194 ## default openvpn port
proto udp
#bridging directive
dev tap ## If you need multiple tap devices, add them here
#up "/etc/openvpn/up.sh br0"
#down "/etc/openvpn/down.sh br0"
persist-key
persist-tun
#certificates and encryption
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
tls-auth /etc/openvpn/ta.key 0 # This file is secret
cipher BF-CBC # Blowfish (default)
comp-lzo
#DHCP Information
ifconfig-pool-persist ipp.txt
server 10.8.0.0 255.255.255.0
#server-bridge 192.168.0.90 255.255.255.0 192.168.0.100 192.168.0.110
push "dhcp-option DNS 192.168.0.1"
push "dhcp-option DOMAIN impactweb.imm.be"
max-clients 10 ## set this to the max number of clients that should be connected at a time
I'm not really sure about the server-bridge option and the local (IP) option, on the top of my server.conf ?
Are there may-be specific things necessary for the good working of VPN inside a OpenVZ container that I may have overcome?
(I'm new to OpenVZ & virtualization)
Thanks in advance!
[Updated on: Tue, 17 March 2009 09:26] Report message to a moderator
|
|
|
|
Re: OpenVPN inside OpenVZ container - Socket bind failed on local address 192.168.0.91:1194: Addres [message #35323 is a reply to message #35270] |
Tue, 17 March 2009 15:10 ![Go to previous message Go to previous message](/theme/ovz3/images/up.png) |
lowlow2
Messages: 7 Registered: March 2009 Location: Belgium
|
Junior Member |
|
|
Thanks for the reply, tun0 makes it quite easy. I modified my server.conf to:
mode server
tls-server
#local 127.0.0.1 ## ip/hostname of server
#remote 213.219.138.138 #necessary?
port 1194 ## default openvpn port
proto udp
dev tun0
persist-key
persist-tun
#certificates and encryption
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
tls-auth /etc/openvpn/ta.key 0 # This file is secret
cipher BF-CBC # Blowfish (default)
comp-lzo
#DHCP Information
ifconfig-pool-persist ipp.txt
server 10.8.0.0 255.255.255.0
#server-bridge 192.168.0.91 255.255.255.0 192.168.0.100 192.168.0.110
push "dhcp-option DNS 192.168.0.1"
push "dhcp-option DOMAIN impactweb.xxx.be"
push "route 192.168.0.0 255.255.255.0"
max-clients 10
#log and security
user nobody
group nogroup
keepalive 10 120
status openvpn-status.log
verb 3
I set up the client and I can make connection (which made me happy already!).
Now I would like to know how my clients can each get a different IP address. Is it necessary the ip is 192.168.0.x as my internal network? I guess not...
What I would like to know, is how I can implement DHCP because now all my clients get the same IP: 10.8.0.6
Thanks in advance
|
|
|