> On Wednesday, February 21st, 2024 at 9:48 PM, Gert Doering > <g...@greenie.muc.de> wrote:
> Hi, > > On Wed, Feb 21, 2024 at 05:53:59PM +0000, Peter Davis via Openvpn-users wrote: > > > What is wrong? > > > Have you enabled the script in the openvpn config? Including raising > script-security? What does the openvpn server log look like? > > (It's always the same question "what is in the logs?" so you might want > to start proactively looking there) > > gert > -- > "If was one thing all people took for granted, was conviction that if you > feed honest figures into a computer, honest figures come out. Never doubted > it myself till I met a computer with a sense of humor." > Robert A. Heinlein, The Moon is a Harsh Mistress > > Gert Doering - Munich, Germany g...@greenie.muc.de Hello, I'm using Debian and AppArmor is not enabled. I created a file called "Connections.log" under the "/tmp" directory and changed the script as follows: log_file="/tmp/Connections.log" The "Server.conf" file also contains the following two lines: script-security 2 client-connect /etc/openvpn/scripts/script-events.sh I restarted the OpenVPN service: # systemctl restart openvpn I connected to the OpenVPN server: # cat /var/log/openvpn/openvpn-status.log OpenVPN CLIENT LIST Updated,2024-02-23 10:20:05 Common Name,Real Address,Bytes Received,Bytes Sent,Connected Since Peter,172.20.1.254:54870,63358,55507,2024-02-23 10:19:55 ROUTING TABLE Virtual Address,Common Name,Real Address,Last Ref 10.10.0.3,Peter,172.20.1.254:54870,2024-02-23 10:20:00 GLOBAL STATS Max bcast/mcast queue length,3 END But, the "Connections.log" file is empty: # cat /tmp/Connections.log # The OpenVPN log file contains the following lines: # cat /var/log/openvpn/openvpn.log 2024-02-23 10:19:55 172.20.1.254:54870 [Peter] Peer Connection Initiated with [AF_INET]172.20.1.254:54870 2024-02-23 10:19:55 MULTI: new connection by client 'Peter' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect. 2024-02-23 10:19:55 MULTI_sva: pool returned IPv4=10.10.0.3, IPv6=(Not enabled) 2024-02-23 10:19:55 OPTIONS IMPORT: reading client specific options from: /tmp/openvpn_cc_1d69a64b5d27a07f4fea610432fd7.tmp 2024-02-23 10:19:55 MULTI: Learn: 10.10.0.3 -> Peter/172.20.1.254:54870 2024-02-23 10:19:55 MULTI: primary virtual IP for Peter/172.20.1.254:54870: 10.10.0.3 2024-02-23 10:19:55 SENT CONTROL [Peter]: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 9.9.9.9,dhcp-option DNS 149.112.112.112,route-gateway 10.10.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.10.0.3 255.255.255.0,peer-id 3,cipher AES-256-GCM,protocol-flags cc-exit tls-ekm dyn-tls-crypt,tun-mtu 1500' (status=1) 2024-02-23 10:19:55 Peter/172.20.1.254:54870 PUSH: Received control message: 'PUSH_REQUEST' 2024-02-23 10:19:56 Peter/172.20.1.254:54870 Data Channel: cipher 'AES-256-GCM', peer-id: 0 2024-02-23 10:19:56 Peter/172.20.1.254:54870 Timers: ping 10, ping-restart 240 2024-02-23 10:19:56 Peter/172.20.1.254:54870 Protocol options: explicit-exit-notify 1, protocol-flags cc-exit tls-ekm dyn-tls-crypt _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
