Having SElinux enabled always make such things more "interesting".
Openvpn service has started up but in the logs I have found following alerts:
May 22 11:26:30 rhs333 setroubleshoot: SELinux is preventing the openvpn (openvpn_t) from connecting to port 5517. For complete SELinux messages. run sealert -l afe57636-f6d8-4df9-b9c3-1f2d25784025
You can find currently allowed ports by running:
# semanage port -l | grep openvpn_port_t
openvpn_port_t tcp 1194, 9997
openvpn_port_t udp 1194
Adding non-standard port is easy:
# semanage port -a -t openvpn_port_t -p tcp 5517
Finally restart openvpn service and it should work fine.
No comments:
Post a Comment