Hey there. I followed the guide at https://www.htpcguides.com/force-torrent...ntu-16-04/ to attempt to set up a split tunnel. I built OpenVPN from source using this guide
The base system is a clean Raspbian Stretch install. This is the first thing I attempted to set up, so no other software is installed.
Once I get to rebooting and checking if the connection is made, the log shows (verb=3)
which more or less repeats over and over. I assume it's something to do with the "Failed running command" line. I'm not super flash with Linux, but the script files are present and set to executable
I don't think I deviated from the guide at any point, though the output of ip route list looked a little different to the guide
but I thought that looked within acceptable differences.
So if anyone can help me out a little here and see my error, I'd appreciate it greatly.
The base system is a clean Raspbian Stretch install. This is the first thing I attempted to set up, so no other software is installed.
Once I get to rebooting and checking if the connection is made, the log shows (verb=3)
Code:
Mar 26 14:31:38 STRUDWICK-PI01 systemd[1]: Starting OpenVPN connection to openvpn...
Mar 26 14:31:38 STRUDWICK-PI01 ovpn-openvpn[6784]: OpenVPN 2.4.5 armv7l-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 26 2018
Mar 26 14:31:38 STRUDWICK-PI01 ovpn-openvpn[6784]: library versions: OpenSSL 1.1.0f 25 May 2017, LZO 2.08
Mar 26 14:31:38 STRUDWICK-PI01 systemd[1]: Started OpenVPN connection to openvpn.
Mar 26 14:31:38 STRUDWICK-PI01 ovpn-openvpn[6785]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Mar 26 14:31:38 STRUDWICK-PI01 ovpn-openvpn[6785]: TCP/UDP: Preserving recently used remote address: [AF_INET]91.108.183.58:1198
Mar 26 14:31:38 STRUDWICK-PI01 ovpn-openvpn[6785]: Socket Buffers: R=[163840->163840] S=[163840->163840]
Mar 26 14:31:38 STRUDWICK-PI01 ovpn-openvpn[6785]: UDP link local: (not bound)
Mar 26 14:31:38 STRUDWICK-PI01 ovpn-openvpn[6785]: UDP link remote: [AF_INET]91.108.183.58:1198
Mar 26 14:31:38 STRUDWICK-PI01 ovpn-openvpn[6785]: TLS: Initial packet from [AF_INET]91.108.183.58:1198, sid=792b603f ef6163d0
Mar 26 14:31:39 STRUDWICK-PI01 ovpn-openvpn[6785]: VERIFY OK: depth=1, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=Private Internet Access, name=Private Internet Access, emailAddress=secure@privateinternetaccess.com
Mar 26 14:31:39 STRUDWICK-PI01 ovpn-openvpn[6785]: VERIFY KU OK
Mar 26 14:31:39 STRUDWICK-PI01 ovpn-openvpn[6785]: Validating certificate extended key usage
Mar 26 14:31:39 STRUDWICK-PI01 ovpn-openvpn[6785]: ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Mar 26 14:31:39 STRUDWICK-PI01 ovpn-openvpn[6785]: VERIFY EKU OK
Mar 26 14:31:39 STRUDWICK-PI01 ovpn-openvpn[6785]: VERIFY OK: depth=0, C=US, ST=CA, L=LosAngeles, O=Private Internet Access, OU=Private Internet Access, CN=2a1adac6698c88bf15c281200256fe89, name=2a1adac6698c88bf15c281200256fe89
Mar 26 14:31:40 STRUDWICK-PI01 ovpn-openvpn[6785]: Control Channel: TLSv1.2, cipher TLSv1.2 DHE-RSA-AES256-GCM-SHA384, 2048 bit RSA
Mar 26 14:31:40 STRUDWICK-PI01 ovpn-openvpn[6785]: [2a1adac6698c88bf15c281200256fe89] Peer Connection Initiated with [AF_INET]91.108.183.58:1198
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: SENT CONTROL [2a1adac6698c88bf15c281200256fe89]: 'PUSH_REQUEST' (status=1)
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 209.222.18.222,dhcp-option DNS 209.222.18.218,ping 10,comp-lzo no,route 10.61.10.1,topology net30,ifconfig 10.61.10.6 10.61.10.5,auth-token'
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: auth-token received, disabling auth-nocache for the authentication token
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: OPTIONS IMPORT: timers and/or timeouts modified
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: OPTIONS IMPORT: compression parms modified
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: OPTIONS IMPORT: --ifconfig/up options modified
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: OPTIONS IMPORT: route options modified
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: Outgoing Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: Outgoing Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: Incoming Data Channel: Cipher 'AES-128-CBC' initialized with 128 bit key
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: Incoming Data Channel: Using 160 bit message hash 'SHA1' for HMAC authentication
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=eth0 HWADDR=b8:27:eb:18:93:17
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: TUN/TAP device tun0 opened
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: TUN/TAP TX queue length set to 100
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: /sbin/ifconfig tun0 10.61.10.6 pointopoint 10.61.10.5 mtu 1500
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: /etc/openvpn/iptables.sh tun0 1500 1558 10.61.10.6 10.61.10.5 init
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: WARNING: Failed running command (--up/--down): could not execute external program
Mar 26 14:31:41 STRUDWICK-PI01 ovpn-openvpn[6785]: Exiting due to fatal error
Mar 26 14:31:41 STRUDWICK-PI01 systemd[1]: openvpn@openvpn.service: Main process exited, code=exited, status=1/FAILURE
Mar 26 14:31:41 STRUDWICK-PI01 systemd[1]: openvpn@openvpn.service: Unit entered failed state.
Mar 26 14:31:41 STRUDWICK-PI01 systemd[1]: openvpn@openvpn.service: Failed with result 'exit-code'.
Mar 26 14:31:44 STRUDWICK-PI01 systemd[1]: openvpn@openvpn.service: Service hold-off time over, scheduling restart.
Mar 26 14:31:44 STRUDWICK-PI01 systemd[1]: Stopped OpenVPN connection to openvpn.
Code:
ls -la /etc/openvpn/
total 36
drwxr-xr-x 2 root root 4096 Mar 26 14:28 .
drwxr-xr-x 86 root root 4096 Mar 26 13:45 ..
-rw-r--r-- 1 root root 2025 Mar 26 13:55 ca.rsa.2048.crt
-rw-r--r-- 1 root root 869 Mar 26 13:55 crl.rsa.2048.pem
-rwxr-xr-x 1 root root 1636 Mar 26 13:47 iptables.sh
-rw------- 1 root root 30 Mar 26 13:30 login.txt
-rw-r--r-- 1 root root 534 Mar 26 14:28 openvpn.conf
-rwxr-xr-x 1 root root 627 Mar 26 13:48 routing.sh
-rwxr-xr-x 1 root root 1351 Mar 26 13:37 update-resolv-conf
I don't think I deviated from the guide at any point, though the output of ip route list looked a little different to the guide
Code:
default via 192.168.1.1 dev eth0 src 192.168.1.220 metric 202
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.220 metric 202
So if anyone can help me out a little here and see my error, I'd appreciate it greatly.