Troubleshooting:Openvpn Troubleshooting: Difference between revisions

Latest revision as of 13:44, 1 January 2026

This guide covers troubleshooting for OpenVPN server and client connection issues.

Server Not Starting

Check logs:

   journalctl -u openvpn -n 50

Verify configuration:

   openvpn --config /etc/openvpn/server/server.conf --test-crypto

Check file permissions:

   ls -la /etc/openvpn/server/
=== Certificates should be readable by OpenVPN user ===

Client Cannot Connect

Check server is listening:

   ss -ulnp | grep 1194

Check firewall:

   iptables -L INPUT -n -v | grep 1194

Verify client certificate:

  * Ensure certificate hasn't been revoked

  * Check certificate expiration date

  * Verify CA certificate matches server

Check server logs:

   tail -f /var/log/syslog | grep openvpn

Connection Drops

Check keepalive settings in server.conf

Verify network connectivity:

   ping 10.8.0.2

Check routing:

   ip route | grep 10.8.0.0

Performance Issues

Check server load:

   top
   htop

Monitor network traffic:

   iftop -i tun0

@@ Line 1: / Line 1: @@
-= OpenVPN Troubleshooting =
 This guide covers troubleshooting for OpenVPN server and client connection issues.
 == Server Not Starting ==
-= '''Check logs''': =
+=== '''Check logs''': ===
     <pre class="lang-bash">
     journalctl -u openvpn -n 50
 </pre>
-= '''Verify configuration''': =
+== '''Verify configuration''': ==
     <pre class="lang-bash">
     openvpn --config /etc/openvpn/server/server.conf --test-crypto
 </pre>
-= '''Check file permissions''': =
+== '''Check file permissions''': ==
     <pre class="lang-bash">
     ls -la /etc/openvpn/server/
-   # Certificates should be readable by OpenVPN user
+=== Certificates should be readable by OpenVPN user ===
 </pre>
 == Client Cannot Connect ==
-= '''Check server is listening''': =
+=== '''Check server is listening''': ===
     <pre class="lang-bash">
     ss -ulnp | grep 1194
 </pre>
-= '''Check firewall''': =
+== '''Check firewall''': ==
     <pre class="lang-bash">
     iptables -L INPUT -n -v | grep 1194
 </pre>
-= '''Verify client certificate''': =
+== '''Verify client certificate''': ==
     * Ensure certificate hasn't been revoked
@@ Line 40: / Line 38: @@
     * Verify CA certificate matches server
-= '''Check server logs''': =
+== '''Check server logs''': ==
     <pre class="lang-bash">
     tail -f /var/log/syslog | grep openvpn
@@ Line 47: / Line 45: @@
 == Connection Drops ==
-= '''Check keepalive settings''' in server.conf =
+=== '''Check keepalive settings''' in server.conf ===
-= '''Verify network connectivity''': =
+== '''Verify network connectivity''': ==
     <pre class="lang-bash">
     ping 10.8.0.2
 </pre>
-= '''Check routing''': =
+== '''Check routing''': ==
     <pre class="lang-bash">
     ip route | grep 10.8.0.0
@@ Line 60: / Line 58: @@
 == Performance Issues ==
-= '''Check server load''': =
+=== '''Check server load''': ===
     <pre class="lang-bash">
     top
@@ Line 66: / Line 64: @@
 </pre>
-= '''Monitor network traffic''': =
+== '''Monitor network traffic''': ==
     <pre class="lang-bash">
     iftop -i tun0
 </pre>
-= '''Check for connection limits''' in server configuration =
+== '''Check for connection limits''' in server configuration ==
 == Related Documentation ==

Latest revision as of 13:44, 1 January 2026

Server Not Starting

Check logs:

Verify configuration:

Check file permissions:

Client Cannot Connect

Check server is listening:

Check firewall:

Verify client certificate:

Check server logs:

Connection Drops

Check keepalive settings in server.conf

Verify network connectivity:

Check routing:

Performance Issues

Check server load:

Monitor network traffic:

Check for connection limits in server configuration

Related Documentation