Make sure that you allowed the subnet correctly.Docker exec - it openvpn- as passwd admin If you get an error, most likely it is firewall that causing the issue. You can see the currently connected users info (location, bandwidth usage etc). After log in you should see the web based OpenVPN monitoring with all the information. Visit :8080, use user pass admin:batman when prompted. Now we can run the compose file docker-compose -f docker-compose-openvpnmonitor.yml up -d Since I am using iptables in my Linux server, I’ve added the below rule iptables -I INPUT 1 -s 192.168.35.0/20 -j ACCEPT That’s how we can ensure that subnet remain same and we can get a static IP from subnet for accessing the host machine.įinally, before running this compose file, we need to add that subnet to iptables/ufw/firewalld for accepting the connection. Here we defined our own subnet so that it won’t change even if the docker-compose recreate the containers. Named skynet 🤖įrom line 20 to 31, we used another service for implementing basic authentication for securing the monitoring tool which will be accessible to :8080Īt line 32 & 33, we used the same custom network.Īt line 34 to 40, we configured the custom network. You can find more details hereĪt line 16 & 17, we defined a custom networks.
From line 3 to 15, we are using openvpn-monitor image with some required environment variables. # example user/pass generated with htpasswd is admin:batman # escape $ with $$ in Docker yml due to variable expansion OPENVPNMONITOR_SITES_0_SHOWDISCONNECT=True OPENVPNMONITOR_DEFAULT_DATETIMEFORMAT=%%d/%%m/%%Y Paste the following contents in docker-compose-openvpnmonitor.yml services: First let’s create the docker-compose file. The solution (probable) of this issue is to create a known private subnet defined in docker compose networks and configure it in iptables (or whatever firewall solution you are using) for allowing to communicate with host. Moreover, if the server has firewall enabled (iptables/ufw/firewalld), we need to add the subnet/IP in firewall in order to grant access the containers to communicate with host machine. So it is difficult to grab static IP address for accessing the host from that random bridge interface. You can access the host from the container with the static IP address of docker0 interface but it’s not the same case for the containers created with Docker compose.īy default docker compose creates randomly generated bridge network with random subnet group. Since the monitoring tool will run in Docker container and the OpenVPN server is running on the host, we need to allow Docker to communicate with host machine. So first, make sure that Docker and Docker compose are installed. There are several ways of setting up but in this tutorial I will use Docker. Now we will setup the monitoring tool for OpenVPN. sudo service restart Setting up monitoring tool with Docker compose
#Enable OpenVPN Management Interface on all interface using port 5555 Sudo vim /etc/openvpn/server/nf client-config-dir /etc/openvpn/ccd All you need is to add the below management line in nf file. The next step is to configure the OpenVPN server for monitoring. Configuring OpenVPN server for monitoring I’ve been using this setup for several years with no issue. Your personal OpenVPN server will be ready in no time. Check this repo: angristan/openvpn-install and follow the usage steps.
Openvpn docker how to#
If you don’t know how to setup, don’t worry, it is actually easy. The first thing is you need a working OpenVPN server running on Linux. I had to spend several hours in order to make it work with Docker compose. Though making it working in Docker is challenging.
There are many OpenVPN monitoring tools out there but today I will show you my favorite one, furlongm/openvpn-monitor which is easy to configure, open source web based monitoring tool. If you have OpenVPN server with multiple clients, you might need to monitor the clients location, bandwidth usage or other informations.
0 kommentar(er)
