启动openvpn失败

启动OpenVPN失败

文:铁乐与猫

[root@yunwei_OpenVPN openvpn]# systemctl status openvpn
● openvpn.service - LSB: start and stop openvpn
   Loaded: loaded (/etc/rc.d/init.d/openvpn; bad; vendor preset: disabled)
   Active: active (exited) since 四 2017-11-16 15:41:52 CST; 1min 31s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 1175 ExecStart=/etc/rc.d/init.d/openvpn start (code=exited, status=0/SUCCESS)

11月 16 15:41:52 yunwei_OpenVPN systemd[1]: Starting LSB: start and stop openvpn...
11月 16 15:41:52 yunwei_OpenVPN openvpn[1175]: /etc/rc.d/init.d/openvpn: 第 108 行:[: =: 期待一元表达式
11月 16 15:41:52 yunwei_OpenVPN openvpn[1175]: Starting openvpn: [失败]

## 11月 16 15:41:52 yunwei_OpenVPN systemd[1]: Started LSB: start and stop openvpn.

现怀疑是因为VMware虚拟机上搭建创建不出虚拟网卡所致。
因为/etc/rc.d/init.d/openvpn第108行是:

107 # Check that networking is up.
108 if [ ${NETWORKING} = "no" ]
109 then
110   echo "Networking is down"
111   exit 0
112 fi

解决办法是加载tun内核模块并启用转发

加载tun内核模块以便于openvpn生成虚拟网卡
[root@yunwei_OpenVPN openvpn]# modprobe tun
检验加载成功没有
[root@yunwei_OpenVPN openvpn]# lsmod | grep tun
tun                    31621  0 
启用转发
[root@yunwei_OpenVPN openvpn]# echo 1 > /proc/sys/net/ipv4/ip_forward
检验
[root@yunwei_OpenVPN openvpn]# cat /proc/sys/net/ipv4/ip_forward
1
[root@yunwei_OpenVPN openvpn]# locate tun.ko
/usr/lib/modules/3.10.0-514.el7.x86_64/kernel/drivers/net/tun.ko
/usr/lib/modules/3.10.0-693.5.2.el7.x86_64/kernel/drivers/net/tun.ko.xz
  • 后来发现是自己的配置文件还没有设置好tun项导致,改好后,再启动:
    [root@yunwei_OpenVPN openvpn]# openvpn --config /etc/openvpn/server.conf
    (注:这种命令还不是在后台模式运行的)
Thu Nov 16 17:19:39 2017 OpenVPN 2.4.4 x86_64-redhat-linux-gnu [Fedora EPEL patched][SSL (OpenSSL)] [LZO][LZ4] [EPOLL][PKCS11] [MH/PKTINFO][AEAD] built on Sep 26 2017
Thu Nov 16 17:19:39 2017 library versions: OpenSSL 1.0.1e-fips 11 Feb 2013, LZO 2.06
Thu Nov 16 17:19:39 2017 Diffie-Hellman initialized with 2048 bit key
Thu Nov 16 17:19:39 2017 Failed to extract curve from certificate (UNDEF), using secp384r1 instead.
Thu Nov 16 17:19:39 2017 ECDH curve secp384r1 added
Thu Nov 16 17:19:39 2017 ROUTE_GATEWAY 172.16.1.2/255.255.255.0 IFACE=ens33 HWADDR=00:0c:29:96:0a:fe
Thu Nov 16 17:19:39 2017 TUN/TAP device tun0 opened
Thu Nov 16 17:19:39 2017 TUN/TAP TX queue length set to 100
Thu Nov 16 17:19:39 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Thu Nov 16 17:19:39 2017 /sbin/ip link set dev tun0 up mtu 1500
Thu Nov 16 17:19:39 2017 /sbin/ip addr add dev tun0 local 10.66.72.1 peer 10.66.72.2
Thu Nov 16 17:19:39 2017 /sbin/ip route add 10.66.72.0/24 via 10.66.72.2
Thu Nov 16 17:19:39 2017 Could not determine IPv4/IPv6 protocol. Using AF_INET
Thu Nov 16 17:19:39 2017 Socket Buffers: R=[212992->212992] S=[212992->212992]
Thu Nov 16 17:19:39 2017 UDPv4 link local (bound): [AF_INET][undef]:1194
Thu Nov 16 17:19:39 2017 UDPv4 link remote: [AF_UNSPEC]
Thu Nov 16 17:19:39 2017 MULTI: multi_init called, r=256 v=256
Thu Nov 16 17:19:39 2017 IFCONFIG POOL: base=10.66.72.4 size=62, ipv6=0
Thu Nov 16 17:19:39 2017 IFCONFIG POOL LIST
Thu Nov 16 17:19:39 2017 Initialization Sequence Completed

另开一个终端验证有在运行没有:

[root@yunwei_OpenVPN ~]# lsof -i:1194
COMMAND  PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
openvpn 6864 root    6u  IPv4  42254      0t0  UDP *:openvpn 

正常成功运行。

end

2 thoughts on “启动openvpn失败

  1. “解决办法是加载tun内核模块并启用转发
    后来发现是自己的配置文件还没有改好导致,改好后,再启动:” 我也碰到了同样/etc/rc.d/init.d/openvpn: 第 108 行:[: =: 期待一元表达式 的问题,请问你是怎么修改的?

    1. 加载tun内核模块并启用转发
      加载tun内核模块以便于openvpn生成虚拟网卡
      [root@yunwei_OpenVPN openvpn]# modprobe tun
      检验加载成功没有
      [root@yunwei_OpenVPN openvpn]# lsmod | grep tun
      tun 31621 0
      启用转发
      [root@yunwei_OpenVPN openvpn]# echo 1 > /proc/sys/net/ipv4/ip_forward
      检验
      [root@yunwei_OpenVPN openvpn]# cat /proc/sys/net/ipv4/ip_forward
      1
      [root@yunwei_OpenVPN openvpn]# locate tun.ko
      /usr/lib/modules/3.10.0-514.el7.x86_64/kernel/drivers/net/tun.ko
      /usr/lib/modules/3.10.0-693.5.2.el7.x86_64/kernel/drivers/net/tun.ko.xz

发表评论

电子邮件地址不会被公开。 必填项已用*标注