EdgeRouter - openVPN restart

JaredBusch

First of all, restart vpn is for IPSEC services. Not OpenVPN services.

Second, you could not have restarted the router with that command because it does not have that capability.

Tab completion tells you this...

jbusch@jared:~$ restart
dhcpv6           flow-accounting  igmp-proxy       task-scheduler   vpn              vrrp             webproxy
jbusch@jared:~$ restart
Possible completions:
  dhcpv6        Restart a DHCPv6 service
  flow-accounting
                Restart flow-accounting service
  igmp-proxy    Restart IGMP proxy
  task-scheduler
                Restart task scheduler service
  vpn           Restart IPsec VPN
  vrrp          Restart VRRP
  webproxy      Restart webproxy service

jbusch@jared:~$ restart
Incomplete command
jbusch@jared:~$ restart vpn
Clearing IPsec process...
jbusch@jared:~$

JaredBusch

Like almost all systems, tab completion is your friend.

With nothing on the command line

jbusch@jared:~$
add            copy           generate       ping6          renew          show           traceroute
clear          debug          initial-setup  reboot         reset          shutdown       traceroute6
configure      delete         no             release        restart        telnet         update
connect        disconnect     ping           rename         set            terminal

Well we tried restart first found it was not what we needed.. hmm look reset...

jbusch@jared:~$ reset
         openvpn
jbusch@jared:~$ reset
Possible completions:
  openvpn       Reset OpenVPN


jbusch@jared:~$ reset openvpn
client     interface
jbusch@jared:~$ reset openvpn interface
       vtun0
jbusch@jared:~$ reset openvpn interface
Possible completions:
  vtun0         Reset OpenVPN process on interface

jbusch@jared:~$ reset openvpn interface
       vtun0
jbusch@jared:~$ reset openvpn interface vtun0
This will reset and re-establish all tunnel connections on this interface.
Are you sure you want to continue? (y/n) [y]y
Tunnel connections for interface vtun0 have been reset.
jbusch@jared:~$

gjacobse

@JaredBusch said in EdgeRouter - openVPN restart:

First of all, restart vpn is for IPSEC services. Not OpenVPN services.

Second, you could not have restarted the router with that command because it does not have that capability.

Command used to restart the router

shutdown -r now

stacksofplates

It's just a startup script under /etc/init.d. You should be able to just run

/etc/init.d/openvpn restart

JaredBusch

@stacksofplates said in EdgeRouter - openVPN restart:

It's just a startup script under /etc/init.d. You should be able to just run

/etc/init.d/openvpn restart

Yes, but they make a command for it.

stacksofplates

@JaredBusch said in EdgeRouter - openVPN restart:

@stacksofplates said in EdgeRouter - openVPN restart:

It's just a startup script under /etc/init.d. You should be able to just run

/etc/init.d/openvpn restart

Yes, but they make a command for it.

Ya on my phone and didn't see your post until after I posted that.

JaredBusch

@gjacobse said in EdgeRouter - openVPN restart:

@JaredBusch said in EdgeRouter - openVPN restart:

First of all, restart vpn is for IPSEC services. Not OpenVPN services.

Second, you could not have restarted the router with that command because it does not have that capability.

Command used to restart the router

shutdown -r now

gods the things wrong here..

1. You implied the restart vpn caused a reboot.

2. There is a reboot command for that. Use it. why are you applying base OS commands when there is an entire set of commands layered on top to handle all the normal duties. Perhaps doing things you do not know in addition.

gjacobse

@JaredBusch said in EdgeRouter - openVPN restart:

@gjacobse said in EdgeRouter - openVPN restart:

@JaredBusch said in EdgeRouter - openVPN restart:

First of all, restart vpn is for IPSEC services. Not OpenVPN services.

Second, you could not have restarted the router with that command because it does not have that capability.

Command used to restart the router

shutdown -r now

gods the things wrong here..

1. You implied the restart vpn caused a reboot.

2. There is a reboot command for that. Use it. why are you applying base OS commands when there is an entire set of commands layered on top to handle all the normal duties. Perhaps doing things you do not know in addition.

Restart VPN and REBOOT are two wholly different things - I know that.

The command to restart the SERVICE wasn't found in the time I had to find it for a 14:00 EDT REBOOT. I wanted to do a restart of the service rather than a reboot as to not take the site down.

As the restart command wasn't found in the time I had, the shutdown -r now was used to reboot and thus restart the OpenVPN services.

Upon the reboot completion, the service was restarted normally and users were again able to sign in.

JaredBusch

@gjacobse you need to step the f*** back and read things a little more carefully. because your little marked up rant there is all kinds of wrong if you are trying to reply to anything I said.

travisdh1

@gjacobse said in EdgeRouter - openVPN restart:

As the restart command wasn't found in the time I had, the shutdown -r now was used to reboot and thus restart the OpenVPN services.

So, the router actually rebooted instead of stopping? Because 'shutdown -r now' is a hard stop, not a reboot. I understand that you were most likely just trying to fix things, but that line especially doesn't make sense.

gjacobse

@travisdh1 said in EdgeRouter - openVPN restart:

@gjacobse said in EdgeRouter - openVPN restart:

As the restart command wasn't found in the time I had, the shutdown -r now was used to reboot and thus restart the OpenVPN services.

So, the router actually rebooted instead of stopping? Because 'shutdown -r now' is a hard stop, not a reboot. I understand that you were most likely just trying to fix things, but that line especially doesn't make sense.

Restart linux
The shutdown command can be used to restart a system with the r option instead of the h option. Usage is same as before. Just replace the h option with r option.

# shutdown -r +5 "Server will restart in 5 minutes. Please save your work."

Shutdown linux
To shutdown a machine call the shutdown command like this

# shutdown -h now
The h option is for halt which means to stop. The second parameter is the time parameter. "now" means that shutdown the system right away.

Didn't need to shutdown (halt) the router, I'm not there to restart it. So rather than use -h, the -r was used.

As the service restart wasn't found in the time I had - the router was rebooted as a 'this is what I have now, and the service window is NOW'

I never said that the router rebooted itself. The router was rebooted as the only other option to getting the OpenVPN service to restart......

travisdh1

@gjacobse said in EdgeRouter - openVPN restart:

@travisdh1 said in EdgeRouter - openVPN restart:

@gjacobse said in EdgeRouter - openVPN restart:

As the restart command wasn't found in the time I had, the shutdown -r now was used to reboot and thus restart the OpenVPN services.

So, the router actually rebooted instead of stopping? Because 'shutdown -r now' is a hard stop, not a reboot. I understand that you were most likely just trying to fix things, but that line especially doesn't make sense.

Restart linux
The shutdown command can be used to restart a system with the r option instead of the h option. Usage is same as before. Just replace the h option with r option.

# shutdown -r +5 "Server will restart in 5 minutes. Please save your work."

Shutdown linux
To shutdown a machine call the shutdown command like this

# shutdown -h now
The h option is for halt which means to stop. The second parameter is the time parameter. "now" means that shutdown the system right away.

Didn't need to shutdown (halt) the router, I'm not there to restart it. So rather than use -h, the -r was used.

As the service restart wasn't found in the time I had - the router was rebooted as a 'this is what I have now, and the service window is NOW'

I never said that the router rebooted itself. The router was rebooted as the only other option to getting the OpenVPN service to restart......

Ah, I use the shutdown command so infrequently that I'm forgetting what the option switches for it are. That's a lot of typing for

reboot

gjacobse

@travisdh1 said in EdgeRouter - openVPN restart:

@gjacobse said in EdgeRouter - openVPN restart:

@travisdh1 said in EdgeRouter - openVPN restart:

@gjacobse said in EdgeRouter - openVPN restart:

As the restart command wasn't found in the time I had, the shutdown -r now was used to reboot and thus restart the OpenVPN services.

So, the router actually rebooted instead of stopping? Because 'shutdown -r now' is a hard stop, not a reboot. I understand that you were most likely just trying to fix things, but that line especially doesn't make sense.

Restart linux
The shutdown command can be used to restart a system with the r option instead of the h option. Usage is same as before. Just replace the h option with r option.

# shutdown -r +5 "Server will restart in 5 minutes. Please save your work."

Shutdown linux
To shutdown a machine call the shutdown command like this

# shutdown -h now
The h option is for halt which means to stop. The second parameter is the time parameter. "now" means that shutdown the system right away.

Didn't need to shutdown (halt) the router, I'm not there to restart it. So rather than use -h, the -r was used.

As the service restart wasn't found in the time I had - the router was rebooted as a 'this is what I have now, and the service window is NOW'

I never said that the router rebooted itself. The router was rebooted as the only other option to getting the OpenVPN service to restart......

Ah, I use the shutdown command so infrequently that I'm forgetting what the option switches for it are. That's a lot of typing for

reboot

Ha - with the limited experience in CLI, I went with what I knew would work.. I used that command in Windows and Linux - so is second nature to type. I'll forgo using the GUI in Win10 and type that ,..... Is it 'right' - meh,.. maybe not. but it works.

JaredBusch

@gjacobse said in EdgeRouter - openVPN restart:

maybe not. but it works.

How do you know? Have you looked into the reboot script to see what it actually does and contrast that with the shutdown -r now command?

It forces a hard restart of the system, but does it actually "work"?

Carnival Boy

Wow, tough crowd on this thread.

BRRABill

@Carnival-Boy said in EdgeRouter - openVPN restart:

Wow, tough crowd on this thread.

You new to ML?

helix

This shit still doesn't work properly through the EdgeOS-provided /etc/init.d/openvpn script. If you do /etc/init.d/openvpn status or systemctl status openvpn you get a green-light active (exited) but this is deceiving because it's a one-shot service and not a proper systemd daemon. systemctl edit --full shows the following piece of crap "service":

[Unit]
Description=OpenVPN service
After=network.target

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/bin/true
ExecReload=/bin/true
WorkingDirectory=/etc/openvpn

[Install]
WantedBy=multi-user.target

/bin/true? Are you fucking kidding me, Ubiquiti? I pay thousands of €s for your shit and you still manage to be so bad at Linuxing. At least don't pretend you have a service or properly document your shit, ubnt.

https://community.ui.com/questions/Restarting-OpenVPN/2e5c4e8b-ab61-49f1-a25b-e5aa23130d48 suggests that reset openvpn interface works but… it didn't. You can try it before you try the following.

What helped me was to change settings so the config got regenerated. For example you could set or delete the following option:

interfaces openvpn vtun0 openvpn-option "--cipher AES-256-CBC"

then commit and see with sudo ss -lpn | grep :1194 that the thing's started. If OpenVPN is running or doesn't restart, you can killall openvpn a few times with forced Enter (hit the Enter key very hard, it's important) before you change the settings.

Just wanted to mention this to anyone finding this thread through "openvpn restart edgerouter doesn't work" in google or similar. I hope I sweared enough for my first fucking post in this damn nice forum