Openvpn socket bind failed on local address windows

hi any help on debugging this would be great its turning my head to mush !!!! i ve been trying to work it out for four days thanks steve

gonesurfing

OpenVpn Newbie
Posts: 7
Joined: Tue Dec 21, 2010 5:58 am

[SOLVED] TCP/UDP: Socket bind failed on local address alr…

hi
any help on debugging this would be great its turning my head to mush !!!! i ve been trying to work it out for four days
thanks steve

$ sudo openvpn /etc/openvpn/server.conf

Wed Oct 5 20:02:21 2011 us=400417 Current Parameter Settings:
Wed Oct 5 20:02:21 2011 us=400614 config = ‘/etc/openvpn/server.conf’
Wed Oct 5 20:02:21 2011 us=400659 mode = 1
Wed Oct 5 20:02:21 2011 us=434034 persist_config = DISABLED
Wed Oct 5 20:02:21 2011 us=434109 persist_mode = 1
Wed Oct 5 20:02:21 2011 us=434150 show_ciphers = DISABLED
Wed Oct 5 20:02:21 2011 us=434187 show_digests = DISABLED
Wed Oct 5 20:02:21 2011 us=434224 show_engines = DISABLED
Wed Oct 5 20:02:21 2011 us=434260 genkey = DISABLED
Wed Oct 5 20:02:21 2011 us=434296 key_pass_file = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=434333 show_tls_ciphers = DISABLED
Wed Oct 5 20:02:21 2011 us=434376 Connection profiles [default]:
Wed Oct 5 20:02:21 2011 us=434415 proto = udp
Wed Oct 5 20:02:21 2011 us=434452 local = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=434488 local_port = 1194
Wed Oct 5 20:02:21 2011 us=434526 remote = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=434563 remote_port = 1194
Wed Oct 5 20:02:21 2011 us=434599 remote_float = DISABLED
Wed Oct 5 20:02:21 2011 us=434635 bind_defined = DISABLED
Wed Oct 5 20:02:21 2011 us=434671 bind_local = ENABLED
Wed Oct 5 20:02:21 2011 us=434707 connect_retry_seconds = 5
Wed Oct 5 20:02:21 2011 us=434743 connect_timeout = 10
Wed Oct 5 20:02:21 2011 us=434779 connect_retry_max = 0
Wed Oct 5 20:02:21 2011 us=434816 socks_proxy_server = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=434878 socks_proxy_port = 0
Wed Oct 5 20:02:21 2011 us=434915 socks_proxy_retry = DISABLED
Wed Oct 5 20:02:21 2011 us=434955 Connection profiles END
Wed Oct 5 20:02:21 2011 us=434992 remote_random = DISABLED
Wed Oct 5 20:02:21 2011 us=435028 ipchange = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=435064 dev = ‘tun’
Wed Oct 5 20:02:21 2011 us=435099 dev_type = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=437578 dev_node = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=437620 lladdr = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=437656 topology = 1
Wed Oct 5 20:02:21 2011 us=437692 tun_ipv6 = DISABLED
Wed Oct 5 20:02:21 2011 us=437729 ifconfig_local = ‘10.8.0.1’
Wed Oct 5 20:02:21 2011 us=437765 ifconfig_remote_netmask = ‘10.8.0.2’
Wed Oct 5 20:02:21 2011 us=437802 ifconfig_noexec = DISABLED
Wed Oct 5 20:02:21 2011 us=437839 ifconfig_nowarn = DISABLED
Wed Oct 5 20:02:21 2011 us=437875 shaper = 0
Wed Oct 5 20:02:21 2011 us=437910 tun_mtu = 1500
Wed Oct 5 20:02:21 2011 us=437946 tun_mtu_defined = ENABLED
Wed Oct 5 20:02:21 2011 us=437982 link_mtu = 1500
Wed Oct 5 20:02:21 2011 us=438018 link_mtu_defined = DISABLED
Wed Oct 5 20:02:21 2011 us=438054 tun_mtu_extra = 0
Wed Oct 5 20:02:21 2011 us=438090 tun_mtu_extra_defined = DISABLED
Wed Oct 5 20:02:21 2011 us=438126 fragment = 0
Wed Oct 5 20:02:21 2011 us=438162 mtu_discover_type = -1
Wed Oct 5 20:02:21 2011 us=438198 mtu_test = 0
Wed Oct 5 20:02:21 2011 us=438233 mlock = DISABLED
Wed Oct 5 20:02:21 2011 us=438269 keepalive_ping = 10
Wed Oct 5 20:02:21 2011 us=438305 keepalive_timeout = 120
Wed Oct 5 20:02:21 2011 us=438341 inactivity_timeout = 0
Wed Oct 5 20:02:21 2011 us=438377 ping_send_timeout = 10
Wed Oct 5 20:02:21 2011 us=438414 ping_rec_timeout = 240
Wed Oct 5 20:02:21 2011 us=438450 ping_rec_timeout_action = 2
Wed Oct 5 20:02:21 2011 us=438485 ping_timer_remote = DISABLED
Wed Oct 5 20:02:21 2011 us=438522 remap_sigusr1 = 0
Wed Oct 5 20:02:21 2011 us=438558 explicit_exit_notification = 0
Wed Oct 5 20:02:21 2011 us=438594 persist_tun = ENABLED
Wed Oct 5 20:02:21 2011 us=438629 persist_local_ip = DISABLED
Wed Oct 5 20:02:21 2011 us=438666 persist_remote_ip = DISABLED
Wed Oct 5 20:02:21 2011 us=438703 persist_key = ENABLED
Wed Oct 5 20:02:21 2011 us=438740 mssfix = 1450
Wed Oct 5 20:02:21 2011 us=438775 passtos = DISABLED
Wed Oct 5 20:02:21 2011 us=438812 resolve_retry_seconds = 1000000000
Wed Oct 5 20:02:21 2011 us=438849 username = ‘nobody’
Wed Oct 5 20:02:21 2011 us=438886 groupname = ‘nogroup’
Wed Oct 5 20:02:21 2011 us=438922 chroot_dir = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=438958 cd_dir = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=438994 writepid = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=439030 up_script = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=439066 down_script = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=439145 down_pre = DISABLED
Wed Oct 5 20:02:21 2011 us=439818 up_restart = DISABLED
Wed Oct 5 20:02:21 2011 us=439857 up_delay = DISABLED
Wed Oct 5 20:02:21 2011 us=439893 daemon = DISABLED
Wed Oct 5 20:02:21 2011 us=439929 inetd = 0
Wed Oct 5 20:02:21 2011 us=439965 log = DISABLED
Wed Oct 5 20:02:21 2011 us=440000 suppress_timestamps = DISABLED
Wed Oct 5 20:02:21 2011 us=440036 nice = 0
Wed Oct 5 20:02:21 2011 us=440072 verbosity = 5
Wed Oct 5 20:02:21 2011 us=440107 mute = 0
Wed Oct 5 20:02:21 2011 us=440142 gremlin = 0
Wed Oct 5 20:02:21 2011 us=440184 status_file = ‘openvpn-status.log’
Wed Oct 5 20:02:21 2011 us=440221 status_file_version = 1
Wed Oct 5 20:02:21 2011 us=440257 status_file_update_freq = 60
Wed Oct 5 20:02:21 2011 us=440294 occ = ENABLED
Wed Oct 5 20:02:21 2011 us=440330 rcvbuf = 65536
Wed Oct 5 20:02:21 2011 us=440365 sndbuf = 65536
Wed Oct 5 20:02:21 2011 us=440401 sockflags = 0
Wed Oct 5 20:02:21 2011 us=440482 fast_io = DISABLED
Wed Oct 5 20:02:21 2011 us=440519 lzo = 7
Wed Oct 5 20:02:21 2011 us=440555 route_script = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=440591 route_default_gateway = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=440627 route_default_metric = 0
Wed Oct 5 20:02:21 2011 us=440663 route_noexec = DISABLED
Wed Oct 5 20:02:21 2011 us=440699 route_delay = 0
Wed Oct 5 20:02:21 2011 us=440734 route_delay_window = 30
Wed Oct 5 20:02:21 2011 us=440770 route_delay_defined = DISABLED
Wed Oct 5 20:02:21 2011 us=440811 route_nopull = DISABLED
Wed Oct 5 20:02:21 2011 us=440849 route_gateway_via_dhcp = DISABLED
Wed Oct 5 20:02:21 2011 us=440886 max_routes = 100
Wed Oct 5 20:02:21 2011 us=440922 allow_pull_fqdn = DISABLED
Wed Oct 5 20:02:21 2011 us=440960 route 10.8.0.0/255.255.255.0/nil/nil
Wed Oct 5 20:02:21 2011 us=440999 management_addr = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=441035 management_port = 0
Wed Oct 5 20:02:21 2011 us=441071 management_user_pass = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=441108 management_log_history_cache = 250
Wed Oct 5 20:02:21 2011 us=441145 management_echo_buffer_size = 100
Wed Oct 5 20:02:21 2011 us=441182 management_write_peer_info_file = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=441219 management_client_user = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=441256 management_client_group = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=441292 management_flags = 0
Wed Oct 5 20:02:21 2011 us=441336 shared_secret_file = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=441374 key_direction = 0
Wed Oct 5 20:02:21 2011 us=441410 ciphername_defined = ENABLED
Wed Oct 5 20:02:21 2011 us=441446 ciphername = ‘BF-CBC’
Wed Oct 5 20:02:21 2011 us=441527 authname_defined = ENABLED
Wed Oct 5 20:02:21 2011 us=441566 authname = ‘SHA1’
Wed Oct 5 20:02:21 2011 us=441601 prng_hash = ‘SHA1’
Wed Oct 5 20:02:21 2011 us=441638 prng_nonce_secret_len = 16
Wed Oct 5 20:02:21 2011 us=441674 keysize = 0
Wed Oct 5 20:02:21 2011 us=441710 engine = DISABLED
Wed Oct 5 20:02:21 2011 us=441746 replay = ENABLED
Wed Oct 5 20:02:21 2011 us=441782 mute_replay_warnings = DISABLED
Wed Oct 5 20:02:21 2011 us=441819 replay_window = 64
Wed Oct 5 20:02:21 2011 us=441855 replay_time = 15
Wed Oct 5 20:02:21 2011 us=441891 packet_id_file = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=441927 use_iv = ENABLED
Wed Oct 5 20:02:21 2011 us=441963 test_crypto = DISABLED
Wed Oct 5 20:02:21 2011 us=441999 tls_server = ENABLED
Wed Oct 5 20:02:21 2011 us=442034 tls_client = DISABLED
Wed Oct 5 20:02:21 2011 us=442070 key_method = 2
Wed Oct 5 20:02:21 2011 us=442106 ca_file = ‘/etc/openvpn/ca.crt’
Wed Oct 5 20:02:21 2011 us=442142 ca_path = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=442178 dh_file = ‘/etc/openvpn/dh1024.pem’
Wed Oct 5 20:02:21 2011 us=442215 cert_file = ‘/etc/openvpn/server.crt’
Wed Oct 5 20:02:21 2011 us=442278 priv_key_file = ‘/etc/openvpn/server.key’
Wed Oct 5 20:02:21 2011 us=442316 pkcs12_file = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=442374 cipher_list = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=442412 tls_verify = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=442449 tls_remote = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=442485 crl_file = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=442521 ns_cert_type = 0
Wed Oct 5 20:02:21 2011 us=442562 remote_cert_ku = 0
Wed Oct 5 20:02:21 2011 us=442598 remote_cert_ku = 0
Wed Oct 5 20:02:21 2011 us=442634 remote_cert_ku = 0
Wed Oct 5 20:02:21 2011 us=442669 remote_cert_ku = 0
Wed Oct 5 20:02:21 2011 us=442704 remote_cert_ku = 0
Wed Oct 5 20:02:21 2011 us=442739 remote_cert_ku = 0
Wed Oct 5 20:02:21 2011 us=442774 remote_cert_ku = 0
Wed Oct 5 20:02:21 2011 us=442809 remote_cert_ku = 0
Wed Oct 5 20:02:21 2011 us=442845 remote_cert_ku = 0
Wed Oct 5 20:02:21 2011 us=442879 remote_cert_ku = 0
Wed Oct 5 20:02:21 2011 us=442915 remote_cert_ku[i] = 0
Wed Oct 5 20:02:21 2011 us=442950 remote_cert_ku[i] = 0
Wed Oct 5 20:02:21 2011 us=442985 remote_cert_ku[i] = 0
Wed Oct 5 20:02:21 2011 us=443021 remote_cert_ku[i] = 0
Wed Oct 5 20:02:21 2011 us=443056 remote_cert_ku[i] = 0
Wed Oct 5 20:02:21 2011 us=443092 remote_cert_ku[i] = 0
Wed Oct 5 20:02:21 2011 us=444151 remote_cert_eku = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=444171 tls_timeout = 2
Wed Oct 5 20:02:21 2011 us=444186 renegotiate_bytes = 0
Wed Oct 5 20:02:21 2011 us=444200 renegotiate_packets = 0
Wed Oct 5 20:02:21 2011 us=444214 renegotiate_seconds = 3600
Wed Oct 5 20:02:21 2011 us=444228 handshake_window = 60
Wed Oct 5 20:02:21 2011 us=444242 transition_window = 3600
Wed Oct 5 20:02:21 2011 us=444256 single_session = DISABLED
Wed Oct 5 20:02:21 2011 us=444270 push_peer_info = DISABLED
Wed Oct 5 20:02:21 2011 us=444284 tls_exit = DISABLED
Wed Oct 5 20:02:21 2011 us=444298 tls_auth_file = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=444313 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444327 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444341 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444356 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444370 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444384 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444398 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444413 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444427 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444441 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444456 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444470 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444484 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444498 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444513 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444527 pkcs11_protected_authentication = DISABLED
Wed Oct 5 20:02:21 2011 us=444543 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444557 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444571 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444585 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444599 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444614 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444628 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444642 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444665 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444681 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444695 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444710 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444724 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444739 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444753 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444768 pkcs11_private_mode = 00000000
Wed Oct 5 20:02:21 2011 us=444782 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444797 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444811 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444825 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444839 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444853 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444867 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444881 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444895 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444909 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444923 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444937 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444951 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444965 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444979 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=444993 pkcs11_cert_private = DISABLED
Wed Oct 5 20:02:21 2011 us=445008 pkcs11_pin_cache_period = -1
Wed Oct 5 20:02:21 2011 us=445022 pkcs11_id = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=445036 pkcs11_id_management = DISABLED
Wed Oct 5 20:02:21 2011 us=445057 server_network = 10.8.0.0
Wed Oct 5 20:02:21 2011 us=445075 server_netmask = 255.255.255.0
Wed Oct 5 20:02:21 2011 us=445091 server_bridge_ip = 0.0.0.0
Wed Oct 5 20:02:21 2011 us=445107 server_bridge_netmask = 0.0.0.0
Wed Oct 5 20:02:21 2011 us=445123 server_bridge_pool_start = 0.0.0.0
Wed Oct 5 20:02:21 2011 us=445139 server_bridge_pool_end = 0.0.0.0
Wed Oct 5 20:02:21 2011 us=445154 push_entry = ‘route 192.168.5.1 255.255.255.0’
Wed Oct 5 20:02:21 2011 us=445171 push_entry = ‘route 10.8.0.0 255.255.255.0’
Wed Oct 5 20:02:21 2011 us=445187 push_entry = ‘topology net30’
Wed Oct 5 20:02:21 2011 us=445201 push_entry = ‘ping 10’
Wed Oct 5 20:02:21 2011 us=445215 push_entry = ‘ping-restart 120’
Wed Oct 5 20:02:21 2011 us=445229 ifconfig_pool_defined = ENABLED
Wed Oct 5 20:02:21 2011 us=445245 ifconfig_pool_start = 10.8.0.4
Wed Oct 5 20:02:21 2011 us=445262 ifconfig_pool_end = 10.8.0.251
Wed Oct 5 20:02:21 2011 us=445281 ifconfig_pool_netmask = 0.0.0.0
Wed Oct 5 20:02:21 2011 us=445296 ifconfig_pool_persist_filename = ‘ipp.txt’
Wed Oct 5 20:02:21 2011 us=477224 ifconfig_pool_persist_refresh_freq = 600
Wed Oct 5 20:02:21 2011 us=477287 n_bcast_buf = 256
Wed Oct 5 20:02:21 2011 us=477327 tcp_queue_limit = 64
Wed Oct 5 20:02:21 2011 us=477365 real_hash_size = 256
Wed Oct 5 20:02:21 2011 us=477401 virtual_hash_size = 256
Wed Oct 5 20:02:21 2011 us=477525 client_connect_script = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=477566 learn_address_script = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=477605 client_disconnect_script = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=477642 client_config_dir = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=477679 ccd_exclusive = DISABLED
Wed Oct 5 20:02:21 2011 us=477715 tmp_dir = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=477751 push_ifconfig_defined = DISABLED
Wed Oct 5 20:02:21 2011 us=477795 push_ifconfig_local = 0.0.0.0
Wed Oct 5 20:02:21 2011 us=477836 push_ifconfig_remote_netmask = 0.0.0.0
Wed Oct 5 20:02:21 2011 us=477873 enable_c2c = ENABLED
Wed Oct 5 20:02:21 2011 us=477909 duplicate_cn = DISABLED
Wed Oct 5 20:02:21 2011 us=477945 cf_max = 0
Wed Oct 5 20:02:21 2011 us=477981 cf_per = 0
Wed Oct 5 20:02:21 2011 us=478017 max_clients = 1024
Wed Oct 5 20:02:21 2011 us=478053 max_routes_per_client = 256
Wed Oct 5 20:02:21 2011 us=478090 auth_user_pass_verify_script = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=478128 auth_user_pass_verify_script_via_file = DISABLED
Wed Oct 5 20:02:21 2011 us=478165 ssl_flags = 0
Wed Oct 5 20:02:21 2011 us=478200 port_share_host = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=478236 port_share_port = 0
Wed Oct 5 20:02:21 2011 us=478272 client = DISABLED
Wed Oct 5 20:02:21 2011 us=478308 pull = DISABLED
Wed Oct 5 20:02:21 2011 us=478344 auth_user_pass_file = ‘[UNDEF]’
Wed Oct 5 20:02:21 2011 us=478396 OpenVPN 2.1.3 i686-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] [MH] [PF_INET6] [eurephia] built on Mar 11 2011
Wed Oct 5 20:02:21 2011 us=478994 NOTE: OpenVPN 2.1 requires ‘—script-security 2’ or higher to call user-defined scripts or executables
Wed Oct 5 20:02:21 2011 us=621649 Diffie-Hellman initialized with 1024 bit key
Wed Oct 5 20:02:21 2011 us=640481 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Wed Oct 5 20:02:22 2011 us=762972 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Oct 5 20:02:22 2011 us=763089 Socket Buffers: R=[114688->131072] S=[114688->131072]
Wed Oct 5 20:02:22 2011 us=763344 TCP/UDP: Socket bind failed on local address [undef]: Address already in use
Wed Oct 5 20:02:22 2011 us=763375 Exiting
steve@steve-laptop:~$


User avatar

maikcat

Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: TCP/UDP: Socket bind failed on local address already in

Post

by maikcat » Wed Oct 05, 2011 11:24 am

hi there,

please post server config,

also use lsof -i to determine if openvpn ports are already in use
please remember if you use managment console,it also binds to tcp port as well…

Michael.

Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

«objects in mirror are losing»


User avatar

janjust

Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: TCP/UDP: Socket bind failed on local address already in

Post

by janjust » Wed Oct 05, 2011 9:11 pm

seems like the openvpn server process is already running ; don’t just start the openvpn script (my bet is you’re running ubuntu) , use a ‘restart’ instead.


gonesurfing

OpenVpn Newbie
Posts: 7
Joined: Tue Dec 21, 2010 5:58 am

Re: TCP/UDP: Socket bind failed on local address already in

Post

by gonesurfing » Thu Oct 06, 2011 7:13 am

hi
my server conf is running on ubuntu 11.04

;local
port 1194
proto udp
dev tun
ca easy-rsa/keys/ca.crt
cert easy-rsa/keys/server.crt
key easy-rsa/keys/server.key # This file should be kept secret
dh easy-rsa/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
push «route 192.168.5.1 255.255.255.0»
server 10.8.0.0 255.255.255.0
client-to-client
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 5

~$ lsof -i
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
vino-serv 4122 steve 17u IPv6 643384 0t0 TCP *:5900 (LISTEN)
vino-serv 4122 steve 18u IPv4 643385 0t0 TCP *:5900 (LISTEN)

after some time i came to the same conclusion that the server was already running however when i try to restart i get the message that it has failed is it the restart script that i am using ? i have also try a stop script and then a manually restart with the same out come

~$ sudo /etc/init.d/openvpn restart
* Stopping virtual private network daemon(s)… * No VPN is running.
* Starting virtual private network daemon(s)… * Autostarting VPN ‘server’ [fail]

thanks for any help


User avatar

maikcat

Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: TCP/UDP: Socket bind failed on local address already in

Post

by maikcat » Thu Oct 06, 2011 7:57 am

try the following

sudo lsof -i

does it shows only 2 entries? :o

Michael

Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

«objects in mirror are losing»


gonesurfing

OpenVpn Newbie
Posts: 7
Joined: Tue Dec 21, 2010 5:58 am

Re: TCP/UDP: Socket bind failed on local address already in

Post

by gonesurfing » Thu Oct 06, 2011 8:39 am

hi michael
here is the printout from sudo lsof -i

~$ sudo lsof -i

COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
sshd 460 root 3u IPv6 7039 0t0 TCP *:ssh (LISTEN)
sshd 460 root 4u IPv4 7048 0t0 TCP *:ssh (LISTEN)
avahi-dae 490 avahi 13u IPv4 7075 0t0 UDP *:mdns
avahi-dae 490 avahi 14u IPv6 7076 0t0 UDP *:mdns
avahi-dae 490 avahi 15u IPv4 7077 0t0 UDP *:56702
avahi-dae 490 avahi 16u IPv6 7078 0t0 UDP *:59829
smbd 584 root 24u IPv6 7432 0t0 TCP *:microsoft-ds (LISTEN)
smbd 584 root 25u IPv6 7434 0t0 TCP *:netbios-ssn (LISTEN)
cupsd 1406 root 5u IPv6 9620 0t0 TCP steve-laptop:ipp (LISTEN)
cupsd 1406 root 6u IPv4 9621 0t0 TCP localhost.localdomain:ipp (LISTEN)
nmbd 1559 root 9u IPv4 10327 0t0 UDP *:netbios-ns
nmbd 1559 root 10u IPv4 10328 0t0 UDP *:netbios-dgm
nmbd 1559 root 12u IPv4 10331 0t0 UDP 192.168.80.255:netbios-ns
nmbd 1559 root 13u IPv4 276936 0t0 UDP 192.168.80.255:netbios-ns
nmbd 1559 root 14u IPv4 10333 0t0 UDP 192.168.80.255:netbios-dgm
nmbd 1559 root 19u IPv4 276938 0t0 UDP 192.168.80.255:netbios-dgm
nmbd 1559 root 20u IPv4 566123 0t0 UDP steve-laptop.local:netbios-ns
nmbd 1559 root 21u IPv4 566124 0t0 UDP 192.168.5.255:netbios-ns
nmbd 1559 root 22u IPv4 566125 0t0 UDP steve-laptop.local:netbios-dgm
nmbd 1559 root 23u IPv4 566126 0t0 UDP 192.168.5.255:netbios-dgm
openvpn 2371 nobody 5u IPv4 199130 0t0 UDP *:openvpn
dhclient 3748 root 6u IPv4 555483 0t0 UDP *:bootpc
vino-serv 4122 steve 17u IPv6 643384 0t0 TCP *:5900 (LISTEN)
vino-serv 4122 steve 18u IPv4 643385 0t0 TCP *:5900 (LISTEN)
firefox 4284 steve 37u IPv4 1449026 0t0 TCP steve-laptop.local:45290->ssl.google-analytics.com:https (ESTABLISHED)


User avatar

maikcat

Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: TCP/UDP: Socket bind failed on local address already in

Post

by maikcat » Thu Oct 06, 2011 9:17 am

>openvpn 2371 nobody 5u IPv4 199130 0t0 UDP *:openvpn

there is openvpn running….

please stop service and then:

openvpn —config /etc/openvpn/server.conf

and see if it comes up

Michael.

ps:how many .conf files are inside /etc/openvpn directory?

Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

«objects in mirror are losing»


gonesurfing

OpenVpn Newbie
Posts: 7
Joined: Tue Dec 21, 2010 5:58 am

Re: TCP/UDP: Socket bind failed on local address already in

Post

by gonesurfing » Mon Jan 23, 2012 7:26 am

hi please post this as solved
thanks for the debugging help malkcat and janjust
in my attemps to set up a openvpn server i install gadmin openvpn server and i was unable to get it running so i uninstall it however the uninstal left behined a deamon running in the /etc/init.d/ directory after removing the gadmin deamon file it all started to work
thanks


@YouveGotMeowxy

I’m suddenly getting this error on this version, for every VPN config I try:

image

image

The log shows this:

2021-04-20 18:39:23 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2021-04-20 18:39:23 OpenVPN 2.5.1 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Feb 24 2021
2021-04-20 18:39:23 Windows version 10.0 (Windows 10 or greater) 64bit
2021-04-20 18:39:23 library versions: OpenSSL 1.1.1j  16 Feb 2021, LZO 2.10
Enter Management Password:
2021-04-20 18:39:23 MANAGEMENT: Socket bind failed on local address [AF_INET]127.0.0.1:25459
2021-04-20 18:39:23 Exiting due to fatal error

I have tried changing the port in the settings tab, but I still always get the same error.

Anyone have any ideas?

@selvanair

If changing port offset by small values leads to similar error, there could be some running process that reserves a large swath of ports in that range. If so, change the port offset to be well out that range. Some one else had reported a third party app that opens a large number of ports in the 25000 to 26000 range.

Also make sure stale openvpn.exe processes are not getting left behind due to some other issue. That could lead to errors like this on attempting to restart the connection. Check running processes using task manager.

@YouveGotMeowxy

@selvanair ty for helping. I can’t seem t o find why OVPN GUI thinks that/those ports are taken?

I just did a complete uninstall using IOBit Uninsttaller, that also does a scan for anything leftover in the registry, etc., double-checked to make sure that no openvpn services were leftover, and then installed this:

http://build.openvpn.net/downloads/snapshots/openvpn-install-2.5.1-I900-release-2.5-20210420113725-8a06459d.exe

Tried to connect with a previously working .ovpn file and still got the same error:

2021-04-21 18:08:01 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2021-04-21 18:08:01 OpenVPN 2.5.1 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 20 2021
2021-04-21 18:08:01 Windows version 10.0 (Windows 10 or greater) 64bit
2021-04-21 18:08:01 library versions: OpenSSL 1.1.0l  10 Sep 2019, LZO 2.10
Enter Management Password:
2021-04-21 18:08:01 MANAGEMENT: Socket bind failed on local address [AF_INET]127.0.0.1:25340
2021-04-21 18:08:01 Exiting due to fatal error

Then I looked at all current ports using Nirsoft Curports, and there’s nothing using port 25340, or anything even near the 25000 range.:

image

I also just changed the port to 9999, double-checked curports to make sure 9999 wasn’t in use, and same error. Although looking at the log it’s not even trying to use the port that I specified:

image

I’m at a loss here as to what could be the issue?

@selvanair

This is baffling. As snapshots are largely untested, can you try the latest release from [here] (https://openvpn.net/community-downloads/) ?

I suppose you have interactive service running so that the GUI can be run as limited user? That’s not critical, but good to know there are no unusual things going on.

To narrow this down, could you directly start openvpn from a command prompt? Open a cmd window, cd to the folder where the config is and run, say,

C:Program FilesOpenVPNbinopenvpn.exe —config Johannesburg01.ovpn —management localhost 25340

That will not fully succeed because of limited user privileges, but we can check whether it shows the same error. If the config has a log file specified in it, you may have to do a Ctrl-C and open the log file to check. Else the logs will appear on the terminal.

Also check any excluded ports using

netsh int ipv4 show excludedportrange tcp

@YouveGotMeowxy

This is baffling. As snapshots are largely untested, can you try the latest release from [here] (https://openvpn.net/community-downloads/) ?

Ok, I uninstalled the snapshot and installed from the page you linked:

https://swupdate.openvpn.org/community/releases/OpenVPN-2.5.2-I601-amd64.msi

Unfortunately I got the same error.

I suppose you have interactive service running so that the GUI can be run as limited user? That’s not critical, but good to know there are no unusual things going on.

I just let the installer set up the service however it wanted:

image

To narrow this down, could you directly start openvpn from a command prompt? Open a cmd window, cd to the folder where the config is and run, say,

C:Program FilesOpenVPNbinopenvpn.exe —config Johannesburg01.ovpn —management localhost 25340

That will not fully succeed because of limited user privileges, but we can check whether it shows the same error. If the config has a log file specified in it, you may have to do a Ctrl-C and open the log file to check. Else the logs will appear on the terminal.

Here is the result of running from a command-line:

image

Also check any excluded ports using

netsh int ipv4 show excludedportrange tcp

image

Looking about midway through that screenshot it looks like the range 25302-25401 is excluded? Does this mean any port within that range can’t be used? If so, how do I find what might be causing them to be blocked from use?

Another question; does the computer need to be rebooted between each of these installations? I don’t see any notice from the installer saying to do so, so I haven’t been.

@selvanair

Yes, default install will setup the service and start it. Reboot is not required except in some situations where the installation would prompt for it if required.

The reservation list shows 25102 to 25901 are reserved and that is causing the error. I do not know how to find what is doing it. Apparently hyperv and docker is know to reserve large ranges though no idea whether this range is common. You could probably remove it using «netsh int ipv4 delete excludedportrange …. » command and then do an «administrative» reservation for your own use. Well-behaved programs will notice it and change their reservation when restarted. But that would require first stopping the offending program or use some registry edits and reboot. I don’t know.

An easier option may be to find a range that is free, add an administrative exclusion like

netsh int ipv4 add excludedportrange tcp 45000 50

and then set the offset to 45000 in the GUI settings.

@TinCanTech

To copy text from a command prompt, simply highlight the text with your mouse and then press Enter.
You can then paste the text into Notepad.

@YouveGotMeowxy

Well, I might be onto something but not sure what or why, lol.

Using that excluded ports command I got a massive list: https://pastebin.com/b9Hz0WEx

Then I looked at the very top and it says that port 1063 shouldn’t be excluded; confirmed it wasn’t in use with CurPorts and it wasnt; set t hat port in OpenGUI settings and got the same error. The log said it was trying 1064. So thinking that OGUI adds 1 port to anything I set in it, I set the port in it to 1062. THAT connected!

But looking in CurPorts, it literally connected to port 1062 instead of adding 1 port.

So it looks like an issue with excluded ports, but I have NO idea why my list would be THAT HUGE. Also, I don’t understand why OGUI doesn’t just use the specified port every single time rather than adding port numbers? If the idea is to start at the given port, and keep attempting at ports that’ll connect by adding 1 port at a time, it seems like it should still find a port when set to port 1063?

@YouveGotMeowxy

To copy text from a command prompt, simply highlight the text with your mouse and then press Enter.
You can then paste the text into Notepad.

I know, but I figured a screenshot would be fine in this case.

@selvanair

So it looks like an issue with excluded ports, but I have NO idea why my list would be THAT HUGE. Also, I don’t understand why OGUI doesn’t just use the specified port every single time rather than adding port numbers? If the idea is to start at the given port, and keep attempting at ports that’ll connect by adding 1 port at a time, it seems like it should still find a port when set to port 1063?

The number you specify in the settings is an offset. The index of the config is added to that number to find the port to use. configs are generally alphabetically indexed but its a bit more complex [*] than that so not that easy to predict the port number especially if you have many configs. Its not random though. This logic is not perfect and the actual port used could span over a wide range if there are 100’s of configs. Yet, its somewhat predictable :) I know this can benefit from some improvement.

The port offset + config index is used as is — no attempt is made at finding an unused port as that’s not possible the way openvpn works. The GUI has to pick the port and openvpn core has to bind to it. Otherwise we would have used dynamic ports and avoided this issue altogether.

[*] User configs are scanned first, global configs after that and Windows has a mind of its own how it orders directory traversal when recursing into sub directories.

@TinCanTech

To copy text from a command prompt, simply highlight the text with your mouse and then press Enter.
You can then paste the text into Notepad.

I know, but I figured a screenshot would be fine in this case.

If I get my magnifying glass out then I can just about read it, although it is not exactly clear.
You list yourself as «Girl Coder», so hopefully my gentle nudge will make you a better coder in future ;-)

@YouveGotMeowxy

If I get my magnifying glass out then I can just about read it, although it is not exactly clear.

ProTip: Click the image. ;)

@selvanair

To copy text from a command prompt, simply highlight the text with your mouse and then press Enter.
You can then paste the text into Notepad.

I know, but I figured a screenshot would be fine in this case.

If I get my magnifying glass out then I can just about read it, although it is not exactly clear.
You list yourself as «Girl Coder», so hopefully my gentle nudge will make you a better coder in future ;-)

If you are trying to read her username and password, its not just you — it has been blanked out. Don’t blame your glasses :)

@YouveGotMeowxy

So it looks like an issue with excluded ports, but I have NO idea why my list would be THAT HUGE. Also, I don’t understand why OGUI doesn’t just use the specified port every single time rather than adding port numbers? If the idea is to start at the given port, and keep attempting at ports that’ll connect by adding 1 port at a time, it seems like it should still find a port when set to port 1063?

The number you specify in the settings is an offset. The index of the config is added to that number to find the port to use. configs are generally alphabetically indexed but its a bit more complex [*] than that so not that easy to predict the port number especially if you have many configs. Its not random though. This logic is not perfect and the actual port used could span over a wide range if there are 100’s of configs. Yet, its somewhat predictable :) I know this can benefit from some improvement.

The port offset + config index is used as is — no attempt is made at finding an unused port as that’s not possible the way openvpn works. The GUI has to pick the port and openvpn core has to bind to it. Otherwise we would have used dynamic ports and avoided this issue altogether.

[*] User configs are scanned first, global configs after that and Windows has a mind of its own how it orders directory traversal when recursing into sub directories.

Ok, thank you again for helping me sort this all out. :)

At least I’m back in business again and able to connect, lol.

One last quick one, that I don’t know if I should just toss in here real quick or start up a whole new issue for?

Is there a quick 1-liner I need to add to my .ovpn file to fix that «DEPRECATED OPTION:» notice w/out fully disabling the cipher, or lowering it to 128?

From my searches I’m only able to find command-line flags to use (rather than the line for a config file), and also they basically give a line that disables the cipher.

@TinCanTech

@YouveGotMeowxy

@YouveGotMeowxy Pro-tip: A Pro never print-screens a DOS prompt. 🏁

A pro uses whatever tool is available to get the job effectively done; you’re only a click away from seeing the same result as a copy/paste. ;)

@TinCanTech

A Pro chooses to use the correct tools to explain the problem clearly to their intended audience.

I’ll leave it there because I don’t want to start a war — Sorry for the intrusion.

Please accept my apologies for any inadvertent offence, that was not my intention.

@YouveGotMeowxy

A Pro chooses to use the correct tools to explain the problem clearly to their intended audience.

I’ll leave it there because I don’t want to start a war — Sorry for the intrusion.

Please accept my apologies for any inadvertent offence, that was not my intention.

A screenshot is a correct tool to explain. That’s why there are hundreds of screenshot utilities, as well as millions of screenshots all over the internet on tutorial pages. :)

Apology accepted, no offense taken. :-D

@selvanair

Is there a quick 1-liner I need to add to my .ovpn file to fix that «DEPRECATED OPTION:» notice w/out fully disabling the cipher, or lowering it to 128?

One liner would be to replace «cipher» by «data-ciphers-fallback». But read on.

Assuming your server supports ncp, the cipher is negotiated and AES-256-GCM or AES-128-GCM may be getting selected (check the logs). If so the cipher you are specifying is only a fallback. In 2.5, the preferred way to do that is using —data-ciphers-fallback instead of —cipher. The deprecation message does indicate that as one of the ways of fixing it.

Command line options are the same as what goes into the config file except config file also supports inline certs and keys etc. And, the starting «—» is required on command-line but optional in the config file. So you could write

—data-ciphers-fallback AES-256-CBC
or
data-ciphers-fallback AES-256-CBC

The latter form is generally preferred in the config file, but nothing wrong with the former.

As the former form with «—» is required on command line, that’s how its generally described in documentation and logs.

P.S. Be careful and do check the logs to see what cipher is negotiated after you make changes.

@YouveGotMeowxy

@selvanair ok, tyvm for everything! It looks like the original problem is due to Hyper-V reserving all those ports, and not the fault of OpenVPN/GUI, so I’ll leave it up to you whether or not to Close the issue; I’ll go digging into why and how to stop MS from totally owning my puter, once again, lol. :)

@mohag

Os there a fix for detecting an avoiding the excluded ports in the code? (or informing the user of the issue and the setting to change)

@selvanair

As mentioned in the top of this thread, the user can change the port offset in the settings menu (see the Advanced tab) — defaults tot 25340. The port used would be the offset + ordinal index of the config. If you have, say, 3 config files, they are indexed 0, 1, 2.
Recently we have added code to also check whether the port is free and find an alternate port if not (PR #509). Hopefully that will work transparently to the user. Will be in the next release.

@mohag

Thanks, that would help. (Port numbers is not something that most users would understand)

The excluded ports are a mess — they change randomly with reboots and the error messages did not make it obvious that that is what is going on. (Some other applications sometimes use hard-coded ports which means that they break until you reboot) (I have Hyper-V installed, with one VM created that is not running. I do have WSL1 as well, not sure if that also affects the excluded ports)

(It also doesn’t help that the classic troubleshooting of checking what is listening on the port also fails for the excluded ports)

@rokedev

I ran into the same problem but didn´t check if the port was on an excluded range. After restarting the «Host Network Service» the problem was gone.

It’s not a fix but is faster than multiple restarts of the machine.

openvpn socket bind failed on local address
openvpn socket bind failed on local address

The use of Wi-Fi has increased drastically over the last few years. People also love using public Wi-Fi connections and tethering whenever it is possible. Although, while using public Wi-Fi people rim the risk of getting their data accessed by others. This means that your browsing is not secure. To fix this issue people like to use VPNs.

Considering this, one of the best VPN a person can use is OpenVPN. It provides a completely secure connection for its users through its VPN service and protocol servers. However, some OpenVPN users might run into an annoying error ‘socket bind failed on local address’. If you happen to be one of them, then here are a few ways for you to troubleshoot.

1. Restart Application

One of the fastest ways you can try to fix your problem is to restart your application. This will clear all the temporary log and cache files from your device. Usually, when you keep your application running for a long time, these files get stockpiled which results in giving the user errors while trying to operate the software.

Start by closing your application, to be sure that your application closes completely. Hold ‘control, shift, and escape’. This will open up the task manager on your computer. Locate OpenVPN in the processes tab and click on end task to completely close it. Open up your application again but this time right-click on the file and select ‘Run as administrator’. This will run your software in admin mode, making sure that it runs without any issue.

2. Restart Device

If the simple application restart doesn’t work then you might have to restart your complete system. Your computer might have a task running in the background which may be interrupting your VPN to establish a connection. Additionally, your device might require a restart because there might be some temporary files that need to be replaced before you can use OpenVPN.

Nevertheless, close all the applications you are running on your device. This Is to ensure that you don’t have anything important open when you restart causing you to lose all the data. After this, restart your computer from the start menu and both your system and OpenVPN software should be good to go.

3. Turn Off Binding

Your VPN connection’s always constructed in a way that it binds itself with a specific port number or local address. If this address or the number is not available then OpenVPN might give the error, ‘socket bind failed on local address’.

Disabling your binding will allow your VPN to connect without getting this problem. First of all, open your ‘viscosity’s preferences window’, then proceed to open the ‘connections’ bar. Afterward, click the connection you are currently using and then select the ‘edit’ option. Go to ‘options’ and then locate the ‘no-bind’ tick box here. Tick the box and make sure to save all your settings before closing this window.

After saving your settings, restart the application, and use your VPN to secure your browsing activity.

OpenVPN connections can be configured to bind to a local address and/or port number when connecting. Binding can be thought of as attaching to a fixed address and port number on the local computer. While fixed binding is needed for the OpenVPN server and for site-to-site connections, it’s typically undesired for normal client VPN connections.

If you’re seeing a «TCP/UDP: Socket bind failed on local address» error message in the OpenVPN log, it means your VPN connection is configured to bind to a fixed local address and/or port number, and that this address/port number is unavailable. This can normally be resolved by turning off binding like so:

  1. Open Viscosity’s Preferences window and make sure the Connections toolbar icon is selected.
  2. Select your connection and click the Edit button.
  3. Click the Options tab.
  4. Tick the «No Bind» checkbox and click the Save button.

If you’re trying to connect two VPN connections simultaneously, and you receive a «TCP/UDP: Socket bind failed on local address: Address already in use» error message for the second connection, it means that both VPN connections are configured to bind to the same local port number (which isn’t possible). Enabling the «No Bind» option for both connections will typically allow both connections to connect.

I cannot connect to an OpenVPN server from a Windows client with the following error in the openvpn.log:

TCP/UDP: Socket bind failed on local address [AF_INET]127.0.0.1:22194: Cannot assign requested address
Exiting due to fatal error

OpenVPN TCP/UDP: Socket bind failed on local address

To solve this problem, I have to reboot the computer or restart the Service Host: Network Service, which is very inconvenient.

I’ve only encountered this problem when TCP is used to connect to the OpenVPN server. I have never had this problem when using UDP.

If the problem occurs when you try to connect to multiple OpenVPN servers at the same time, check that multiple TAP/WinTun virtual network adapters are available in Windows.

In this case, an error will appear in openvpn.log and/or OpenVPN GUI:

All TAP-Windows/WinTun adapters on this system are currently in use

If you have more than one network adapter in Windows, check to see which process/program is using the outbound port that is specified in the details of the error. You can use netstat or PowerShell to find and kill a process that is listening on a specific port:

  • TCP port:
    Get-Process -Id (Get-NetTCPConnection -LocalPort 22194).OwningProcess
  • UDP port:
    Get-Process -Id (Get-NetUDPEndpoint -LocalPort 22194).OwningProcess

If no one is listening on the specified port, the computer might have Hyper-V services installed or WSL2 running.

This is because Windows reserves a certain dynamic range of TCP ports for Hyper-V/WSL. You can display this port range with the command:

netsh int ipv4 show excludedportrange tcp

Protocol tcp Port Exclusion Ranges
Start Port End Port
---------- --------
5985 5985
47001 47001

Protocol tcp Port Exclusion Ranges on Windows

You will get an error if this range overlaps with the outgoing port range of the OpenVPN client: TCP/UDP: Socket bind failed on local address. Change the outgoing port range in the OpenVPN client settings:

  1. Right-click on the OpenVPN GUI tray icon;
  2. Select Settings -> Advanced -> Management interface, and change the Port Offset value so that it is not in the reserved range; OpenVPN GUI change port offset
  3. Save the changes.

After that, you will be able to connect to your OpenVPN server.

You can also set a fixed outgoing port for the OpenVPN client in the .ovpn file using the following directive:

lport 10001


1

1

Уже мозг сломал. Прошу помощи у профессионалов!
Есть шлюз на Ubuntu 16.04
Нужен доступ удаленным клиентам к внутренней сетке (192.168.51.0/24)
OpenVPN поднял и он какое то время успешно проработал, но подключаясь в очередной раз мне этого сделать не удалось.
Куда копать и что я делаю не так?
Заранее благодарю за помощь!

~$ sudo cat /var/log/openvpn/openvpn.log

Mon Sep 23 12:09:33 2019 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jan  9 2019
Mon Sep 23 12:09:33 2019 library versions: OpenSSL 1.1.1  11 Sep 2018, LZO 2.08
Mon Sep 23 12:09:33 2019 Diffie-Hellman initialized with 2048 bit key
Mon Sep 23 12:09:33 2019 Outgoing Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Sep 23 12:09:33 2019 Incoming Control Channel Authentication: Using 256 bit message hash 'SHA256' for HMAC authentication
Mon Sep 23 12:09:33 2019 TUN/TAP device tun0 opened
Mon Sep 23 12:09:33 2019 TUN/TAP TX queue length set to 100
Mon Sep 23 12:09:33 2019 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Sep 23 12:09:33 2019 /sbin/ip link set dev tun0 up mtu 1500
Mon Sep 23 12:09:33 2019 /sbin/ip addr add dev tun0 10.8.0.1/24 broadcast 10.8.0.255
Mon Sep 23 12:09:33 2019 Could not determine IPv4/IPv6 protocol. Using AF_INET
Mon Sep 23 12:09:33 2019 Socket Buffers: R=[212992->212992] S=[212992->212992]
Mon Sep 23 12:09:33 2019 TCP/UDP: Socket bind failed on local address [AF_INET][undef]:1194: Address already in use (errno=98)
Mon Sep 23 12:09:33 2019 Exiting due to fatal error
Mon Sep 23 12:09:33 2019 Closing TUN/TAP interface
Mon Sep 23 12:09:33 2019 /sbin/ip addr del dev tun0 10.8.0.1/24

при чем это сообщение в логах падает постоянно, не зависимо от попытки подключения к OpenVPN. Подозреваю, что проблема именно в ошибке TCP/UDP: Socket bind failed on local address [AF_INET][undef]:1194: Address already in use (errno=98)

~$ sudo cat /etc/openvpn/server.conf

port 1194
proto udp
dev tun

ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh2048.pem

topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt

push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"

;client-to-client
;duplicate-cn

keepalive 10 120

tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
key-direction 0

cipher AES-256-CBC
auth SHA256

comp-lzo
max-clients 10

user nobody
group nogroup

persist-key
persist-tun

status /var/log/openvpn/openvpn-status.log
log /var/log/openvpn/openvpn.log
log-append /var/log/openvpn/openvpn.log

verb 3
mute 20

explicit-exit-notify 1

crl-verify /etc/openvpn/crl.pem

If you’re reading this in 2019 and using Ubuntu 16.x or 18.x, especially if you’re running multiple IPs, a libvirt/kvm host, or expect that your OpenVPN instance only listen on a single specified port, and are encountering the following error:

Socket bind failed on local address [AF_INET]XXX.XXX.XXX.XXX:10e94: Cannot assign requested address

All of the other answers are incorrect or poor solutions, the correct solution is to:

In /etc/default/openvpn

AUTOSTART="none"

In /etc/network/interfaces

iface ethX inet static
  address XXX.XXX.XXX.XX
  netmask 255.255.255.0
  openvpn my_vpn_name

Where ethX is your interface (ex, eth0 for a regular interface, eth0:1 for an alias of an interface), my_vpn_name is the base filename without the .conf suffix of your /etc/openvpn/my_vpn_name.conf file.

To explain, the above causes the script /etc/network/if-up.d/openvpn to get executed, this in turn executes systemctl —no-block start openvpn@my_vpn_name which starts the openvpn after the interfeace or alias is brought up.

Why do I say the other answers are poor or incorrect? because they’re either unnecessarily complex or require you to instruct your openvpn instance to listen on all IPs which is highly undesireable for obvious reasons.

DaHai8

Posts: 55
Joined: Fri Jul 31, 2015 9:21 am

OpenVPN: Socket bind failed on local address

After (foolishly?) updating my RPi 2 (Ethernet) to the latest revisions (apt-get update / apt-get upgrade), my OpenVPN Server Service now fails to start on reboot:

TCP/UDP: Socket bind failed on local address [AF_INET]192.168.1.157:1194: Cannot assign requested address

I have tried these various suggestions from the interwebs, all of which failed to rectify the issue:

Code: Select all

nano /lib/systemd/system/openvpn@.service

Under [UNIT] section, tried all combinations of:

Code: Select all

After=network-online.target
Requires=network-online.target
After=multi-user.target
Wants=network-online.target

And have also set ‘Wait for Network At Boot’ in the raspi-config app.

The only ‘fix’ for this was to comment out the local 192.168.1.157 directive from the /etc/openvpn/server.conf file.

This is not ideal. I’d rather it bind to a specific address rather than Any address, should I choose to put another network card in, or upgrade to a RPI 3 (with Ethernet and Wifi)

Any suggestions?


User avatar

DougieLawson

Posts: 42324
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK

Re: OpenVPN: Socket bind failed on local address

Wed Mar 22, 2017 10:54 pm

What’s running on port 1194?

sudo netstat -tlnpu | awk -F ‘/’ ‘/1194/ {print $2}’

What’s in /etc/default/openvpn?

Languages using left-hand whitespace for syntax are ridiculous

DMs sent on https://twitter.com/DougieLawson or LinkedIn will be answered next month.
Fake doctors — are all on my foes list.

The use of crystal balls and mind reading is prohibited.


DaHai8

Posts: 55
Joined: Fri Jul 31, 2015 9:21 am

Re: OpenVPN: Socket bind failed on local address

Thu Mar 23, 2017 2:29 pm

Thanks for the response!
Below are the items you requested.

Code: Select all

root@xxxxxxxx:/home/pi#  netstat -tlnpu | awk -F '/' '/1194/ {print $2}'
openvpn

Code: Select all

root@xxxxxxxx:/home/pi# cat  /etc/default/openvpn
# This is the configuration file for /etc/init.d/openvpn

#
# Start only these VPNs automatically via init script.
# Allowed values are "all", "none" or space separated list of
# names of the VPNs. If empty, "all" is assumed.
# The VPN name refers to the VPN configutation file name.
# i.e. "home" would be /etc/openvpn/home.conf
#
# If you're running systemd, changing this variable will
# require running "systemctl daemon-reload" followed by
# a restart of the openvpn service (if you removed entries
# you may have to stop those manually)
#
#AUTOSTART="all"
#AUTOSTART="none"
#AUTOSTART="home office"
#
# WARNING: If you're running systemd the rest of the
# options in this file are ignored.
#
# Refresh interval (in seconds) of default status files
# located in /var/run/openvpn.$NAME.status
# Defaults to 10, 0 disables status file generation
#
#STATUSREFRESH=10
#STATUSREFRESH=0
# Optional arguments to openvpn's command line
OPTARGS=""
#
# If you need openvpn running after sendsigs, i.e.
# to let umountnfs work over the vpn, set OMIT_SENDSIGS
# to 1 and include umountnfs as Required-Stop: in openvpn's
# init.d script (remember to run insserv after that)
#
OMIT_SENDSIGS=0


User avatar

DougieLawson

Posts: 42324
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK

Re: OpenVPN: Socket bind failed on local address

Thu Mar 23, 2017 4:02 pm

So openvpn is starting during boot up. But your openvpn defaults file is missing an

line to get your openvpn profiles (in /etc/openvpn/*.conf) running.

Languages using left-hand whitespace for syntax are ridiculous

DMs sent on https://twitter.com/DougieLawson or LinkedIn will be answered next month.
Fake doctors — are all on my foes list.

The use of crystal balls and mind reading is prohibited.


DaHai8

Posts: 55
Joined: Fri Jul 31, 2015 9:21 am

Re: OpenVPN: Socket bind failed on local address

Fri Mar 24, 2017 2:36 am

No joy. Made the Change, then rebooted. Stil get: :(

Code: Select all

root@xxxxxxxx:/usr# cat /var/log/openvpn.log
Thu Mar 23 21:28:00 2017 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL                                                                          )] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan 23 2016
Thu Mar 23 21:28:00 2017 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.08
Thu Mar 23 21:28:00 2017 Control Channel Authentication: using '/etc/openvpn/eas                                                                          y-rsa/keys/ta.key' as a OpenVPN static key file
Thu Mar 23 21:28:00 2017 TCP/UDP: Socket bind failed on local address [AF_INET]1                                                                          92.168.1.157:1194: Cannot assign requested address
Thu Mar 23 21:28:00 2017 Exiting due to fatal error

Code: Select all

root@xxxxxxxx:/usr# cat /etc/openvpn/server.conf
local 192.168.1.157
...

Code: Select all

root@xxxxxxxx:/usr# cat  /etc/default/openvpn
# This is the configuration file for /etc/init.d/openvpn

#
# Start only these VPNs automatically via init script.
# Allowed values are "all", "none" or space separated list of
# names of the VPNs. If empty, "all" is assumed.
# The VPN name refers to the VPN configutation file name.
# i.e. "home" would be /etc/openvpn/home.conf
#
# If you're running systemd, changing this variable will
# require running "systemctl daemon-reload" followed by
# a restart of the openvpn service (if you removed entries
# you may have to stop those manually)
#
AUTOSTART="all"
#AUTOSTART="none"
#AUTOSTART="home office"
#
# WARNING: If you're running systemd the rest of the
# options in this file are ignored.
#
# Refresh interval (in seconds) of default status files
# located in /var/run/openvpn.$NAME.status
# Defaults to 10, 0 disables status file generation
#
#STATUSREFRESH=10
#STATUSREFRESH=0
# Optional arguments to openvpn's command line
OPTARGS=""
#
# If you need openvpn running after sendsigs, i.e.
# to let umountnfs work over the vpn, set OMIT_SENDSIGS
# to 1 and include umountnfs as Required-Stop: in openvpn's
# init.d script (remember to run insserv after that)
#
OMIT_SENDSIGS=0

Code: Select all

root@xxxxxxxx:/usr# ifconfig
eth0      Link encap:Ethernet  HWaddr b8:27:eb:22:b5:01
          inet addr:192.168.1.157  Bcast:192.168.1.255  Mask:255.255.255.0


User avatar

DougieLawson

Posts: 42324
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK

Re: OpenVPN: Socket bind failed on local address

Fri Mar 24, 2017 10:17 am

Try this in /etc/openvpn/server.conf

Code: Select all

port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
dh dh1024.pem
server 10.8.0.0 255.255.255.0
keepalive 10 120
comp-lzo
user openvpn
group openvpn
persist-key
persist-tun
status openvpn-status.log
verb 3

Languages using left-hand whitespace for syntax are ridiculous

DMs sent on https://twitter.com/DougieLawson or LinkedIn will be answered next month.
Fake doctors — are all on my foes list.

The use of crystal balls and mind reading is prohibited.


DaHai8

Posts: 55
Joined: Fri Jul 31, 2015 9:21 am

Re: OpenVPN: Socket bind failed on local address

Fri Mar 24, 2017 2:11 pm

Still unable to find any joy :cry:

Code: Select all

Fri Mar 24 09:05:25 2017 TCP/UDP: Socket bind failed on local address [AF_INET]192.168.1.157:1194: Cannot assign requested address

The only difference between my server.conf and your example was the user/group, so I changed it to what you had:


DaHai8

Posts: 55
Joined: Fri Jul 31, 2015 9:21 am

Re: OpenVPN: Socket bind failed on local address

Fri Mar 24, 2017 2:13 pm

Just to verify when it fails on startup, there is nothing bound to port 1194:

Code: Select all

root@xxxxxxxx:/home/pi# netstat -tlnpu | awk -F '/' '/1194/ {print $2}'
root@xxxxxxxx:/home/pi#


User avatar

DougieLawson

Posts: 42324
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK

Re: OpenVPN: Socket bind failed on local address

Fri Mar 24, 2017 2:19 pm

Have you rebooted?

Languages using left-hand whitespace for syntax are ridiculous

DMs sent on https://twitter.com/DougieLawson or LinkedIn will be answered next month.
Fake doctors — are all on my foes list.

The use of crystal balls and mind reading is prohibited.


DaHai8

Posts: 55
Joined: Fri Jul 31, 2015 9:21 am

Re: OpenVPN: Socket bind failed on local address

Sun Mar 26, 2017 2:43 am

Every time.
I make a change and then reboot to see if OpenVPN attaches to its specified local IP address. When it fails, I try another change and reboot again.
So far, the only time it succeeds is when I don’t specify the local IP in /etc/openvpn/server.conf


User avatar

DougieLawson

Posts: 42324
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK

Re: OpenVPN: Socket bind failed on local address

Sun Mar 26, 2017 1:36 pm

You shouldn’t need to include the local IP in your OpenVPN config. OpenVPN can work it out for itself by checking the kernel network tables.

Languages using left-hand whitespace for syntax are ridiculous

DMs sent on https://twitter.com/DougieLawson or LinkedIn will be answered next month.
Fake doctors — are all on my foes list.

The use of crystal balls and mind reading is prohibited.


DaHai8

Posts: 55
Joined: Fri Jul 31, 2015 9:21 am

Re: OpenVPN: Socket bind failed on local address

Sun Mar 26, 2017 3:01 pm

As I said in my initial post, while not specifying the local IP address in the server.conf works, it is not ideal. For those situations where I have more than one adapter (eth0, wlan0, etc), I need to specify which IP address to bind OpenVPN to — not all of them.

And while your statement of it not being needed, that does not fix or explain why it no longer works as documented in the OpenVPN specifications.
https://community.openvpn.net/openvpn/w … n23ManPage

—local host
Local host name or IP address for bind. If specified, OpenVPN will bind to this address only. If unspecified, OpenVPN will bind to all interfaces.

So, while I understand the version of OpenVPN to which I just upgraded to may be out of your control, just stating that I don’t need it, is not a solution. I started here because all the resources from my apt-get upgrade came from the raspbian repository, and I still feel it is due to a initialization sequence issue in the startup of the RPi.

Thank you for your attempts to help me fix this issue. I will post this on the OpenVPN forum to see if someone there has some ideas.


User avatar

DougieLawson

Posts: 42324
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK

Re: OpenVPN: Socket bind failed on local address

Sun Mar 26, 2017 5:50 pm

The docs say local w.x.y.z should work (as long as each interface has a different static address and it matches one of them). I’ve never been interested in using one RPi with two active interfaces.

Languages using left-hand whitespace for syntax are ridiculous

DMs sent on https://twitter.com/DougieLawson or LinkedIn will be answered next month.
Fake doctors — are all on my foes list.

The use of crystal balls and mind reading is prohibited.


DaHai8

Posts: 55
Joined: Fri Jul 31, 2015 9:21 am

Re: OpenVPN: Socket bind failed on local address

Fri Apr 14, 2017 1:24 am

Quick update: It’s happened again on another Pi. And both Pi’s where model 3B (which have two network adapters)
It may be that there is an issue in a recent build where OpenVPN cannot identify which adapter has the IP address specified and so either binds to the wrong one, and fails, or tries to bind to both, and fails.
So, by removing the IP address in the ‘local xxx.xxx.xxx.xxx’ setting of the server.conf file, it may be binding to both with ‘any’ address.
Most of the time, this is not an issue, but if the Pi is set up as a router or gateway, I’d think this would cause problems.

P.S. That’s now 3 Raspberry Pi 3s, in three different locations, all failing this way. I think this is more than just a coincidence. There is a bug there somewhere…

Now 5! Raspberry PI 3s with this issue…and counting…


User avatar

DougieLawson

Posts: 42324
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK

Re: OpenVPN: Socket bind failed on local address

Fri Apr 14, 2017 1:42 pm

It’s a software bug. You won’t have five raspberries failing with a hardware error unless you’re seriously abusing them.

Languages using left-hand whitespace for syntax are ridiculous

DMs sent on https://twitter.com/DougieLawson or LinkedIn will be answered next month.
Fake doctors — are all on my foes list.

The use of crystal balls and mind reading is prohibited.


fcazorlasoler

Posts: 7
Joined: Sun Apr 16, 2017 6:41 am
Location: Barcelona

Re: OpenVPN: Socket bind failed on local address

Tue Apr 18, 2017 4:03 pm

Good evening, I’m Francisco Cazorla, from Barcelona. I’m a beginner with Raspberry and I’m in a trouble with my first project.

I have a new PI 3 B, with Noobs 2.4.0 (and the last Raspbian version) I’m trying to build an VPN server with openvpn. I have been following the http://readwrite.com/2014/04/10/raspber … -browsing/ tutorial and I have the same message OpenVPN: Socket bind failed on local address … (as I can see it in the openvpn.log), The server does not work and port 1194 is not opened. It does matter if I comment the local statament or not.

I would like to track the evolution of this topic.


fcazorlasoler

Posts: 7
Joined: Sun Apr 16, 2017 6:41 am
Location: Barcelona

Re: OpenVPN: Socket bind failed on local address

Tue Apr 18, 2017 8:47 pm

I add the messages from the openvpn.log, with the local statement on server.conf (both commented and uncommented)

  • The message on the openvpn.log (with local statement on server.conf)
    Tue Apr 18 21:30:19 2017 TCP/UDP: Socket bind failed on local address [AF_INET]192.168.0.157:1194: Cannot assign requested address

    The complete openvpn.log (and the local statement comented on server.conf)
    Tue Apr 18 21:30:19 2017 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan 23 2016
    Tue Apr 18 21:30:19 2017 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08
    Tue Apr 18 21:30:19 2017 Control Channel Authentication: using ‘/etc/openvpn/easy-rsa/keys/ta.key’ as a OpenVPN static key file
    Tue Apr 18 21:30:19 2017 TCP/UDP: Socket bind failed on local address [undef]: Address already in use
    Tue Apr 18 21:30:19 2017 Exiting due to fatal error


User avatar

DougieLawson

Posts: 42324
Joined: Sun Jun 16, 2013 11:19 pm
Location: A small cave in deepest darkest Basingstoke, UK

Re: OpenVPN: Socket bind failed on local address

Tue Apr 18, 2017 8:49 pm

What’s already running?

sudo netstat -tlnpu | grep 1194
ps xauf | grep openvpn

Languages using left-hand whitespace for syntax are ridiculous

DMs sent on https://twitter.com/DougieLawson or LinkedIn will be answered next month.
Fake doctors — are all on my foes list.

The use of crystal balls and mind reading is prohibited.


fcazorlasoler

Posts: 7
Joined: Sun Apr 16, 2017 6:41 am
Location: Barcelona

Re: OpenVPN: Socket bind failed on local address

Wed Apr 19, 2017 8:45 am

After the command sudo netstat -tlnpu | grep 1194 :

udp 0 0 0.0.0.0:1194 0.0.0.0:* 418/openvpn

After the command ps xauf | grep openvpn

nobody 418 0.0 0.6 5528 2844 ? Ss 10:15 0:00 /user/sbin/openvpn —daemon ovpn-server —status /run/openvpn/server.status 10 —cd /etc/openvpn —config /etc/openvpn/server.conf
root 1040 0.0 0.4 4268 1840 pts/0 S+ 10:22 0:00 _ grep openvpn


fcazorlasoler

Posts: 7
Joined: Sun Apr 16, 2017 6:41 am
Location: Barcelona

Re: OpenVPN: Socket bind failed on local address

Wed Apr 19, 2017 8:57 am

I reenter the data again, as I did it manually the first time, and may be any error on it. Now, it has been done with a copy/paste:

  • command sudo netstat -tlnpu | grep 1194
    udp 0 0 0.0.0.0:1194 0.0.0.0:* 418/openvpn

    command ps xauf | grep openvpn
    nobody 418 0.0 0.6 5528 2844 ? Ss 10:15 0:00 /usr/sbin/openv pn —daemon ovpn-server —status /run/openvpn/server.status 10 —cd /etc/openvpn —config /etc/openvpn/server.conf
    root 1040 0.0 0.4 4268 1840 pts/0 S+ 10:22 0:00

_ grep openvpn


fcazorlasoler

Posts: 7
Joined: Sun Apr 16, 2017 6:41 am
Location: Barcelona

Re: OpenVPN: Socket bind failed on local address

Wed Apr 19, 2017 9:06 am

Also, I noticed the data in the openvpn.log is not updated correctly (from my point of view):

  • -rw——- 1 root root 881 Apr 19 09:17 openvpn.log
    -rw——- 1 root root 232 Apr 19 10:16 openvpn-status.log

If I do an openvpn —config /etc/openvpn/server.conf, then the data is correctly update (I don’t know if this is usefull to debug the problem)

  • -rw——- 1 root root 771 Apr 19 11:04 openvpn.log
    -rw——- 1 root root 0 Apr 19 11:04 openvpn-status.log

and the contens of the openvpn.log:

  • Wed Apr 19 11:04:08 2017 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan 23 2016
    Wed Apr 19 11:04:08 2017 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08
    Wed Apr 19 11:04:08 2017 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts i$
    Wed Apr 19 11:04:08 2017 Control Channel Authentication: using ‘/etc/openvpn/easy-rsa/keys/ta.key’ as a OpenVPN static key file
    Wed Apr 19 11:04:08 2017 TCP/UDP: Socket bind failed on local address [undef]: Address already in use
    Wed Apr 19 11:04:08 2017 Exiting due to fatal error


fcazorlasoler

Posts: 7
Joined: Sun Apr 16, 2017 6:41 am
Location: Barcelona

Re: OpenVPN: Socket bind failed on local address

Thu Apr 20, 2017 6:49 am

There was an error in my previous updates. I have verified the openvpn.log when the local statement is commented. There is no error message in the log, as you can see below, but port 1194 is still not opened. It seems not assigned to any ip, but I don’t know raspbian enought to be sure of that.

[listThu Apr 20 08:17:12 2017 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan 23 2016
Thu Apr 20 08:17:12 2017 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08
Thu Apr 20 08:17:12 2017 Control Channel Authentication: using ‘/etc/openvpn/easy-rsa/keys/ta.key’ as a OpenVPN static key file
Thu Apr 20 08:17:12 2017 TUN/TAP device tun0 opened
Thu Apr 20 08:17:12 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Apr 20 08:17:12 2017 /sbin/ip link set dev tun0 up mtu 1500
Thu Apr 20 08:17:12 2017 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Thu Apr 20 08:17:13 2017 GID set to nogroup
Thu Apr 20 08:17:13 2017 UID set to nobody
Thu Apr 20 08:17:13 2017 UDPv4 link local (bound): [undef]
Thu Apr 20 08:17:13 2017 UDPv4 link remote: [undef]
Thu Apr 20 08:17:13 2017 Initialization Sequence Completed
][/list]

Then, the command netstat -tlnpu | grep 1194 shows:

  • root@raspberrypi:/var/log# netstat -tlnpu | grep 1194
    udp 0 0 0.0.0.0:1194 0.0.0.0:* 416/openvpn

and the command ps xauf | grep openvpn shows:

  • root@raspberrypi:/var/log# ps xauf | grep openvpn
    nobody 416 0.0 0.6 5528 2900 ? Ss 08:27 0:00 /usr/sbin/openvpn —daemon ovpn-server —status /run/openvpn/server.status 10 —cd /etc/openvpn —config /etc/openvpn/server.conf
    root 1020 0.0 0.4 4268 1840 pts/0 S+ 08:47 0:00 _ grep openvpn
    root@raspberrypi:/var/log#

I don’t know how to continue with this. Any help welcome!


fcazorlasoler

Posts: 7
Joined: Sun Apr 16, 2017 6:41 am
Location: Barcelona

Re: OpenVPN: Socket bind failed on local address

Fri Apr 21, 2017 7:57 am

The problem was not really a problem!! It works perfectly (with the local statement commented) !!

I was trying to connect to the openvpn server from my local wifi, and this does not work. ( I supose this is normal. I don’t know)

But today I tryed to connect form outside the wifi, and it works. The conecction is established and I can access the LAN without any problem.

Sorry for the inconvenience I could have caused to you.

Regards.


rohtua

Posts: 72
Joined: Sat Jul 16, 2016 9:01 am

Re: OpenVPN: Socket bind failed on local address

Wed Jun 28, 2017 11:25 am

Hi, I’ve been having the same issues myself and was reading your post, this post has the answer :)

DougieLawson wrote:The docs say local w.x.y.z should work (as long as each interface has a different static address and it matches one of them). I’ve never been interested in using one RPi with two active interfaces.

I went back to my interfaces file and set each active interface to a static ip and then when I reboot my Pi the OpenVPN server starts automatically, without having to comment out the local option in the server.conf file. Hope this helps.


Return to “Troubleshooting”

Like this post? Please share to your friends:
  • Ophcrack скачать для windows 7 32 bit
  • Ophcrack скачать для windows 10 на флешку
  • Ophcrack скачать для windows 10 как пользоваться
  • Ophcrack скачать для windows 10 livecd
  • Ophcrack как пользоваться на windows 7 с флешки