Hi
I am unable to start the openVPN server if I add the following to the configuration file:
option management '127.0.0.1 17562'
In the log I find this:
openvpn(server_turris)[20982]: Options error: Unrecognized option or missing or extra parameter(s) in openvpn-server_turris.conf:11: management (2.5.3)
This parameter can also be inserted into the configuration file via the luci interface, but if it is specified, the OpenVPN server will not start.
Probably not compiled with this option.
@mvasilek, what are the compilation options for OpenVPN? How do we get such info?
root@staging-gw-prg:~# openvpn --version
OpenVPN 2.5.3 arm-openwrt-linux-muslgnueabi [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
library versions: OpenSSL 1.1.1t 7 Feb 2023, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2021 OpenVPN Inc <sales@openvpn.net>
vs on my laptop
hagrid@hogwarts:~/$ openvpn --version
OpenVPN 2.5.5 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Jul 14 2022
library versions: OpenSSL 3.0.2 15 Mar 2022, LZO 2.10
Originally developed by James Yonan
Copyright (C) 2002-2021 OpenVPN Inc <sales@openvpn.net>
Compile time defines: enable_async_push=no enable_comp_stub=no enable_crypto_ofb_cfb=yes enable_debug=yes enable_def_auth=yes enable_dependency_tracking=no enable_dlopen=unknown enable_dlopen_self=unknown enable_dlopen_self_static=unknown enable_fast_install=needless enable_fragment=yes enable_iproute2=no enable_libtool_lock=yes enable_lz4=yes enable_lzo=yes enable_maintainer_mode=no enable_management=yes enable_multihome=yes enable_option_checking=no enable_pam_dlopen=no enable_pedantic=no enable_pf=yes enable_pkcs11=yes enable_plugin_auth_pam=yes enable_plugin_down_root=yes enable_plugins=yes enable_port_share=yes enable_selinux=no enable_shared=yes enable_shared_with_static_runtimes=no enable_silent_rules=no enable_small=no enable_static=yes enable_strict=no enable_strict_options=no enable_systemd=yes enable_werror=no enable_win32_dll=yes enable_x509_alt_username=yes with_aix_soname=aix with_crypto_library=openssl with_gnu_ld=yes with_mem_check=no with_sysroot=no
OpenWrt compiles openvpn with the --disable-management option by default, this can be seen in packages/Makefile at 0b7b12d7075637d3ce3c4eb22b74b2f6d3054672 · openwrt/packages · GitHub and packages/Config-openssl.in at 0b7b12d7075637d3ce3c4eb22b74b2f6d3054672 · openwrt/packages · GitHub
As for why openvpn --version is not printing compile time defines, it’s because OpenWrt enables the small build option which excludes this: openvpn/options.c at 82e7d5cfd81f03f045ace2bf1d3590b79441ea17 · OpenVPN/openvpn · GitHub packages/Config-openssl.in at 0b7b12d7075637d3ce3c4eb22b74b2f6d3054672 · openwrt/packages · GitHub
Thank you for the information. I now know that no overview of connected devices will be available via the web interface. 
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.