This post accompanies a series on how I set up a Raspberry Pi running OSMC to act as an OpenVPN server.
I found the process of setting up OpenVPN on OSMC was not as trouble free as expected given the number of tutorials around explaining the process, mainly because most of these dealt with installing OpenVPN on Raspian rather than OSMC.
If you follow my posts you may experience a trouble free process but more likely you will also have issues due to the fact that your environment will not be identical to mine.
Therefore in this post I have listed a series of commands that I found useful in checking and troubleshooting as I went through the process. All the commands can be entered into terminal window on your Pi.
Note, in the examples shown below the commands have been run after the OpenVPN server has been successfully set up on the Pi i.e. this what you should see.
Before proceeding, if you haven’t done so already, re-start your Pi and any devices you have set up as this may be all thats needed (it’s always worth a try).
Checking the ddclient service
ddclient is the service which updates your Dynamic DNS domain name server.
sudo systemctl status ddclient
Checking the OpenVPN service
sudo systemctl status openvpn
sudo systemctl status firstname.lastname@example.org
The following command lists the contents of the openvpn log file; the example listing shows the contents just after the OpenVPN server has been restarted. When you connect to your OpenVPN server with a device you will see entries in this log file with the name of the connected device (not shown below):
sudo cat /var/log/openvpn.log
The following command shows OpenVPN running in the process list:
sudo ps aux | grep openvpn
Network and routing
The following command shows that the Pi’s firewall configured to allow connections to it:
sudo iptables -t nat -L -v
The following commands shows the tunnel interface (tun0) used for routing by OpenVPN:
sudo ifconfig -a
The following command shows port 1194 is open and listening for UDP traffic on the Pi:
sudo netstat -ln | grep 1194
Device errors (OpenVPN Connect app)
I experienced the error PolarSSL: ca certificate is undefined in the OpenVPN Connect app when I tried to connect to my OpenVPN server after I had created a new key for a device I had already set up as a client and had re-used the same mydevice.ovpn filename (I did not get this error when I created the .ovpn file with a new name e.g. mydevice2.ovpn).
However, I did find a fix for this which allows you to re-create a new mydevice.ovpn file and keep the same filename.
When you have created your mydevice.ovpn file and copied it to your pishare drive, you need to edit it before copying it to your device (you will need to copy it to another location on your PC first as you won’t have permissions to edit a file on the pishare drive).
Use your code editor (Visual Studio Code) to open your mydevice.ovpn file.
Locate the and tags with the certificate code in between; Select and and Cut this code …
… then Paste is at the bottom of the file …
Save and exit the mydevice.ovpn file.
Now copy the mydevice.ovpn file to your device and complete the instructions for setting up the device.
If you have found this useful then I’m glad to be of help. If you have found it REALLY useful you can send me 1 US Dollar by clicking the Donate button!