TCP: connect to [AF_INET]209.xxx.xxx.xxx:7494 failed: Unknown error
-
TCP: connect to [AF_INET]209.xxx.xxx.xxx:7494 failed: Unknown error
SIGUSR1[connection failed(soft),init_instance] received, process restarting
MANAGEMENT: >STATE:1615008963,RECONNECTING,init_instance,,,,,
Restart pause, 40 second(s)
MANAGEMENT: >STATE:1615009003,RESOLVE,,,,,,
TCP/UDP: Preserving recently used remote address: [AF_INET]209.xxx.xxx.xxx:7494
Socket Buffers: R=[8192->8192] S=[8192->8192]
Attempting to establish TCP connection with [AF_INET]209.xxx.xxx.xxx:7494 [nonblock]
MANAGEMENT: >STATE:1615009006,TCP_CONNECT,,,,,,
- VPS has no firewall blocking port 7494
- I use Cloudflare; it was working before, with no change but recent updates. I searched the forum and have whitelisted 7494 as below:
OpenVPN port 7494
sudo -u yellowtent
touch ports.json
vi ports.json
{
"allowed_tcp_ports": [ 7494 ],
"allowed_udp_ports": [ ]
}
Esc
:wq
sudo -u root
systemctl restart cloudron-firewall
- Should I check whether my ISP might be blocking the IP? But that is not the case, as the Cloudron panel is reachable.
I will end up uninstalling/reinstalling the OpenVPN app if there is no solution.
Any idea? Thanks!
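The client log quoted in the post above, read programmatically. This is an added example, not part of the original thread: `summarize` and `diagnose` are hypothetical helper names, the sample is constructed from the quoted log lines, and the stage order is the one an OpenVPN TCP client normally reports on its management interface.

```python
import re

# Constructed sample: client log lines as quoted in the post above.
SAMPLE_LOG = """\
TCP: connect to [AF_INET]209.xxx.xxx.xxx:7494 failed: Unknown error
SIGUSR1[connection failed(soft),init_instance] received, process restarting
MANAGEMENT: >STATE:1615008963,RECONNECTING,init_instance,,,,,
MANAGEMENT: >STATE:1615009003,RESOLVE,,,,,,
MANAGEMENT: >STATE:1615009006,TCP_CONNECT,,,,,,
"""

# Management-interface states in the order a TCP client normally reports them.
STAGES = ["RESOLVE", "TCP_CONNECT", "WAIT", "AUTH", "GET_CONFIG",
          "ASSIGN_IP", "ADD_ROUTES", "CONNECTED"]
STATE_RE = re.compile(r">STATE:(\d+),([A-Z_]+)")
FAIL_RE = re.compile(r"TCP: connect to \S+ failed")

def summarize(log):
    """Return (attempts, tcp_failures); each attempt records the furthest stage reached."""
    attempts, current, tcp_failures = [], None, 0
    for line in log.splitlines():
        if FAIL_RE.search(line):
            tcp_failures += 1
        m = STATE_RE.search(line)
        if not m:
            continue
        ts, state = int(m.group(1)), m.group(2)
        if state == "RECONNECTING":      # previous attempt is over
            current = None
        elif state in STAGES:
            if current is None:          # first state after a restart opens a new attempt
                current = {"start": ts, "furthest": state}
                attempts.append(current)
            elif STAGES.index(state) > STAGES.index(current["furthest"]):
                current["furthest"] = state
    return attempts, tcp_failures

def diagnose(log):
    """Classify the most recent attempt: network-level block versus later-stage failure."""
    attempts, _ = summarize(log)
    if not attempts:
        return "no-attempt"
    furthest = attempts[-1]["furthest"]
    if furthest == "CONNECTED":
        return "connected"
    if STAGES.index(furthest) <= STAGES.index("TCP_CONNECT"):
        return "tcp-unreachable"         # handshake never completed: port filtered, proxied or closed
    return "stalled-at-" + furthest      # TCP is fine; look at TLS, auth or pushed config
```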
-
- Are you proxying via cloudflare? If so, cloudflare cannot proxy VPN, only http(s).
- You can also check if
telnet <cloudron-server-ip> 7494
connects.
- You don't (and shouldn't) need to whitelist port 7494. Cloudron will do this automatically for apps. The ports.json is only required for apps that you run outside Cloudron. So, in fact, I recommend removing this because I don't know what side effect it has on internal routing.
-
@girish Yes, I use Cloudflare, and OpenVPN was working well. I don't know why; maybe I should not update unless it is a stable version of Cloudron.
I mean I do not proxy for OpenVPN, only for the HTTPS for the my. domain. com panel and another app; both work.
Just removed ports.json
$ telnet 209.xxx.xxx.xxx 7494
Trying 209.xxx.xxx.xxx...
Connected to 209.xxx.xxx.xxx.
Escape character is '^]'.
Connection closed by foreign host.
(after a little while)
Seemingly my ISP ... and connect error, guess where I'm living
-
@hasan You can try
- doing the same telnet stuff but from a shell on the server itself, to see if the problem comes from the server or the connectivity.
- changing the port for the VPN on cloudron's management dashboard, then try the telnet stuff again with the new port
-
Recognizing TCP OpenVPN traffic is really not easy, as it kinda looks like any other TLS encrypted stream. As far as I know, doing so requires advanced Deep Packet Inspection capabilities that are only available to few countries, and even this is not foolproof.
May I ask, @hasan, where are you based?