Knowledge Base

Issue with openvpn-admin and waiting for response from OpenVPN server

View full discussion in GitHub

Answer

I have set up a new OpenVPN server using the terraform-aws-openvpn/modules/openvpn-sever module. I'm are now trying to set up a new connection with Viscocity. I'm using the latest version of openvpn-admin: 0.24.3 We use aws-vault for authentication so I'm running this command: ``` aws-vault exec stage -- openvpn-admin request --aws-region us-east-1 --username MY-USER ``` The actual `--username` value is a valid user with full access. The request is failing while it waits for a reply from the OpenVPN server. I used the `--debug` flag and got this result: (username and account obfuscated out) ``` aws-vault exec stage -- openvpn-admin request --aws-region us-east-1 --username MY-USER --debug [openvpn-admin] INFO[2022-08-30T11:16:23-04:00] Looking up AWS username [openvpn-admin] DEBU[2022-08-30T11:16:23-04:00] Using AWS Region: us-east-1 [openvpn-admin] DEBU[2022-08-30T11:16:23-04:00] Using Username: MY-USER [openvpn-admin] INFO[2022-08-30T11:16:23-04:00] Looking up SQS queue [openvpn-admin] DEBU[2022-08-30T11:16:23-04:00] Locating Request URL in us-east-1 [openvpn-admin] DEBU[2022-08-30T11:16:23-04:00] Using Request URL: https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-requests-openvpn-request-queue [openvpn-admin] DEBU[2022-08-30T11:16:23-04:00] Value not set for mssfix argument, setting correct MTU for OpenVPN [openvpn-admin] DEBU[2022-08-30T11:16:23-04:00] Using mssfix host: 1.1.1.1 [] INFO[2022-08-30T11:16:23-04:00] Running command: ping -D -v -s 1400 -t 2 -c 1 1.1.1.1 PING 1.1.1.1 (1.1.1.1): 1400 data bytes 1408 bytes from 1.1.1.1: icmp_seq=0 ttl=56 time=16.131 ms --- 1.1.1.1 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 16.131/16.131/16.131/0.000 ms [] INFO[2022-08-30T11:16:23-04:00] Running command: ping -D -v -s 1500 -t 2 -c 1 1.1.1.1 PING 1.1.1.1 (1.1.1.1): 1500 data bytes ping: sendto: Message too long --- 1.1.1.1 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss [] INFO[2022-08-30T11:16:25-04:00] Running command: ping -D -v -s 1450 -t 2 -c 1 1.1.1.1 PING 1.1.1.1 (1.1.1.1): 1450 data bytes 1458 bytes from 1.1.1.1: icmp_seq=0 ttl=56 time=18.409 ms --- 1.1.1.1 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 18.409/18.409/18.409/0.000 ms [] INFO[2022-08-30T11:16:25-04:00] Running command: ping -D -v -s 1470 -t 2 -c 1 1.1.1.1 PING 1.1.1.1 (1.1.1.1): 1470 data bytes 1478 bytes from 1.1.1.1: icmp_seq=0 ttl=56 time=15.610 ms --- 1.1.1.1 ping statistics --- 1 packets transmitted, 1 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 15.610/15.610/15.610/0.000 ms [] INFO[2022-08-30T11:16:25-04:00] Running command: ping -D -v -s 1480 -t 2 -c 1 1.1.1.1 PING 1.1.1.1 (1.1.1.1): 1480 data bytes ping: sendto: Message too long --- 1.1.1.1 ping statistics --- 1 packets transmitted, 0 packets received, 100.0% packet loss [openvpn-admin] DEBU[2022-08-30T11:16:27-04:00] Optimal mssfix value depending on your system is 1430 [aws_helper] DEBU[2022-08-30T11:16:27-04:00] Creating randomly named SQS queue with prefix openvpn-response [openvpn-admin] INFO[2022-08-30T11:16:27-04:00] Submitting request for new certificate to https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 [aws_helper] DEBU[2022-08-30T11:16:27-04:00] Sending message {"Username":"MY-USER","ResponseQueue":"https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00"} to queue https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-requests-openvpn-request-queue [aws_helper] DEBU[2022-08-30T11:16:27-04:00] Message id %!s(*string=0x1400071b888) sent to queue https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-requests-openvpn-request-queue [openvpn-admin] INFO[2022-08-30T11:16:27-04:00] Waiting for response from OpenVPN server [aws_helper] DEBU[2022-08-30T11:16:27-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (0s) [aws_helper] DEBU[2022-08-30T11:16:47-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (20s) [aws_helper] DEBU[2022-08-30T11:17:07-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (40s) [aws_helper] DEBU[2022-08-30T11:17:27-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (60s) [aws_helper] DEBU[2022-08-30T11:17:47-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (80s) [aws_helper] DEBU[2022-08-30T11:18:07-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (100s) [aws_helper] DEBU[2022-08-30T11:18:27-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (120s) [aws_helper] DEBU[2022-08-30T11:18:47-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (140s) [aws_helper] DEBU[2022-08-30T11:19:07-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (160s) [aws_helper] DEBU[2022-08-30T11:19:27-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (180s) [aws_helper] DEBU[2022-08-30T11:19:47-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (200s) [aws_helper] DEBU[2022-08-30T11:20:08-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (220s) [aws_helper] DEBU[2022-08-30T11:20:28-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (240s) [aws_helper] DEBU[2022-08-30T11:20:48-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (260s) [aws_helper] DEBU[2022-08-30T11:21:08-04:00] Waiting for message on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 (280s) [aws_helper] DEBU[2022-08-30T11:21:28-04:00] Deleting SQS Queue https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 ERROR: Failed to receive messages on https://sqs.us-east-1.amazonaws.com/4**********8/openvpn-response-b7d1ed64-2876-11ed-89dc-faa922a1da00 within 300 seconds ``` Any ideas what I've done wrong? Thank you --- <ins datetime="2022-08-30T15:26:18Z"> <p><a href="https://support.gruntwork.io/hc/requests/109183">Tracked in ticket #109183</a></p> </ins>

Hi @erictompkins, Your inquiry struck me as somewhat similar to [this report](https://github.com/gruntwork-io/knowledge-base/discussions/547) which I've just written up - as regards both the timeouts and the `ping: sendto: Message too long` errors you're seeing. I also don't understand yet why your SQS is being deleted at the end. Are you able to find anything else interesting in the OpenVPN logs `var/log/user-data.log`? as per [this comment](https://github.com/gruntwork-io/knowledge-base/discussions/547#discussioncomment-3511004)?