i’ve change port in this string. but server doesnt run with same error(port occupied)…
By default openvpn binds to all interfaces. But you really only need this to bind on the wan side. Use the command “local put-your-ddns-name-here” in the server config to do this. Then edit the vpn-service script to not trip that error, and see if it starts.
I did some testing on my router (GL-MV1000W) and got the same results as @pavelgruz.
Unfortunately, the GL.iNet → VPN → OpenVPN Server webpage does not run /etc/init.d/vpn-service directly and calls another function (non-open source in cgi-bin/api???) that gives an error message with slightly different wording.
Instead of clicking on the Start button on the OpenVPN Server webpage, I exited and logged into SSH. I edited /etc/config/vpn_service and changed in the global section:
enabled = 1
When I run the following that had 443 removed, the OpenVpn server started up:
/etc/init.d/vpn-service start
Yes. Pls use try start the service manually.
The UI is stupid.
Server start. it is good. client connect) thanks
but the solution is like a crutch
Is it necessary to use SSH if I want to start at 443? Does the update fix this?
It is a 2-year old post.
Yes you have to use ssh. Firmware update does not deal with this issue.
Okay one time or like SSH every time might be required?
asking cause I am not a software engineer and not familiar with SSH, I will need to learn…
Okay … it was
option enable ‘0’
int my file which I changed to
option enable ‘1’
Is that Okay?
I was not able to start vpn with the command after that though … this was my output:
uci: Entry not found
uci: Entry not found
uci: Entry not found
uci: Entry not found
uci: Entry not found
uci: Entry not found
uci: Entry not found
uci: Entry not found
Warning: Section @zone[1] (wan) cannot resolve device of network ‘wan6’
Warning: Option ‘vpn_server_zone’.masq6 is unknown
Warning: Option ‘sambasharewan’.dest_proto is unknown
Warning: Option ‘sambasharelan’.dest_proto is unknown
does not specify a protocol, assuming TCP+UDP
does not specify a protocol, assuming TCP+UDP
- Clearing IPv4 filter table
- Clearing IPv4 nat table
- Clearing IPv4 mangle table
- Clearing IPv4 raw table
- Populating IPv4 filter table
- Zone ‘lan’
- Zone ‘wan’
- Zone ‘guestzone’
- Zone ‘vpn-server’
Warning: fw3_ipt_rule_append(): Can’t find target ‘input_vpn-server_rule’
Warning: fw3_ipt_rule_append(): Can’t find target ‘output_vpn-server_rule’
Warning: fw3_ipt_rule_append(): Can’t find target ‘forwarding_vpn-server_rule’ - Rule ‘Allow-DHCP-Renew’
- Rule ‘Allow-Ping’
- Rule ‘Allow-IGMP’
- Rule #7
- Rule #8
- Rule ‘guestzone_DHCP’
- Rule ‘guestzone_DNS’
- Rule #11
- Rule #12
- Rule ‘Allow-OpenVPN-Inbound’
- Forward ‘lan’ → ‘wan’
- Forward ‘guestzone’ → ‘wan’
- Forward ‘lan’ → ‘vpn-server’
- Forward ‘vpn-server’ → ‘wan’
- Forward ‘vpn-server’ → ‘guestzone’
- Populating IPv4 nat table
- Zone ‘lan’
- Zone ‘wan’
- Zone ‘guestzone’
- Zone ‘vpn-server’
Warning: fw3_ipt_rule_append(): Can’t find target ‘prerouting_vpn-server_rule’
Warning: fw3_ipt_rule_append(): Can’t find target ‘postrouting_vpn-server_rule’
- Populating IPv4 mangle table
- Zone ‘lan’
- Zone ‘wan’
- Zone ‘guestzone’
- Zone ‘vpn-server’
- Populating IPv4 raw table
- Zone ‘lan’
- Zone ‘wan’
- Zone ‘guestzone’
- Zone ‘vpn-server’
- Clearing IPv6 filter table
- Clearing IPv6 nat table
- Clearing IPv6 mangle table
- Clearing IPv6 raw table
- Populating IPv6 filter table
- Zone ‘lan’
- Zone ‘wan’
- Zone ‘guestzone’
- Zone ‘vpn-server’
Warning: fw3_ipt_rule_append(): Can’t find target ‘input_vpn-server_rule’
Warning: fw3_ipt_rule_append(): Can’t find target ‘output_vpn-server_rule’
Warning: fw3_ipt_rule_append(): Can’t find target ‘forwarding_vpn-server_rule’ - Rule ‘Allow-DHCPv6’
- Rule ‘Allow-MLD’
- Rule ‘Allow-ICMPv6-Input’
- Rule ‘Allow-ICMPv6-Forward’
- Rule #7
- Rule #8
- Rule ‘guestzone_DHCP’
- Rule ‘guestzone_DNS’
- Rule #11
- Rule #12
- Rule ‘Allow-OpenVPN-Inbound’
- Forward ‘lan’ → ‘wan’
- Forward ‘guestzone’ → ‘wan’
- Forward ‘lan’ → ‘vpn-server’
- Forward ‘vpn-server’ → ‘wan’
- Forward ‘vpn-server’ → ‘guestzone’
- Populating IPv6 nat table
- Zone ‘lan’
Warning: fw3_ipt_rule_append(): Can’t find target ‘prerouting_lan_rule’
Warning: fw3_ipt_rule_append(): Can’t find target ‘postrouting_lan_rule’ - Zone ‘wan’
Warning: fw3_ipt_rule_append(): Can’t find target ‘prerouting_wan_rule’
Warning: fw3_ipt_rule_append(): Can’t find target ‘postrouting_wan_rule’ - Zone ‘guestzone’
Warning: fw3_ipt_rule_append(): Can’t find target ‘prerouting_guestzone_rule’
Warning: fw3_ipt_rule_append(): Can’t find target ‘postrouting_guestzone_rule’ - Zone ‘vpn-server’
Warning: fw3_ipt_rule_append(): Can’t find target ‘prerouting_vpn-server_rule’
Warning: fw3_ipt_rule_append(): Can’t find target ‘postrouting_vpn-server_rule’
Warning: fw3_ipt_rule_append(): Can’t find target ‘delegate_prerouting’
Warning: fw3_ipt_rule_append(): Can’t find target ‘delegate_postrouting’
Warning: fw3_ipt_rule_append(): Can’t find target ‘prerouting_rule’
Warning: fw3_ipt_rule_append(): Can’t find target ‘postrouting_rule’
- Zone ‘lan’
- Populating IPv6 mangle table
- Zone ‘lan’
- Zone ‘wan’
- Zone ‘guestzone’
- Zone ‘vpn-server’
- Populating IPv6 raw table
- Zone ‘lan’
- Zone ‘wan’
- Zone ‘guestzone’
- Zone ‘vpn-server’
- Set tcp_ecn to off
- Set tcp_syncookies to on
- Set tcp_window_scaling to on
- Running script ‘/etc/firewall.user’
uci: Entry not found
uci: Entry not found
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
ipset v6.24: The set with the given name does not exist
iptables: No chain/target/match by that name. - Running script ‘/var/etc/gls2s.include’
! Skipping due to path error: No such file or directory - Running script ‘/usr/bin/glfw.sh’
- Running script ‘/usr/sbin/glqos.sh’
! Skipping due to path error: No such file or directory - Flushing conntrack table …
2023-09-27 07:35:57 DEPRECATED OPTION: ncp-disable. Disabling dynamic cipher negotiation is a deprecated debug feature that will be removed in OpenVPN 2.6
I have another issue now, after applying this change. The router is not starting.
I suggest that you reset the firmware and don’t do it.
Just don’t try if you are not sure, especially a solution for 2 years old.
Okay… but I want to run openvpn on 443, is there any other solution? My ISP is blocking other ports…
If you ovpn use port 443 and tcp, that just works.
Hi, i have upgraded software two days ago. And in new version software, you needed only is change tls port of web server. And openvpn server start
Thats can be done via console
Okay, what version are you running?
in new firmware at this moment, you must change port in file /etc/nginx/conf.d/gl.conf
in string listen 443 ssl. any numbers
it last at this moment. 4.1.0 realese 6