Skip to content

Instantly share code, notes, and snippets.

@cpburnz

cpburnz/README.md

Last active December 30, 2023 17:17
Show Gist options
  • Save cpburnz/fee9e4471a9c2f3301a3803c05cd547a to your computer and use it in GitHub Desktop.
Save cpburnz/fee9e4471a9c2f3301a3803c05cd547a to your computer and use it in GitHub Desktop.
Download ZIP
Upgrade OpenVPN Access Server from 2.5.2 to 2.8.8 on Ubuntu 16.04 Xenial
Raw
README.md

OpenVPN Access Server 2.5.2 on Ubuntu 16.04 can no longer connect to the OpenVPN licence server (as of some time in 2023). This can be temporarily fixed by upgrading to 2.8.8 which still works (as of 2023-12-30 at least). According to OpenVPN's Keeping Access Server Updated, the openvpn-as package is not installed through the repositories until 2.7.5. If you happen to be on an earlier version, say 2.5.2, you need to setup the repository. The instructions for Ubuntu 16.04 are out-of-date if you can find them.

OpenVPN Repo for Ubuntu 16.04 Xenial

NOTE: All commands are assumed to be run as root. If not running as root, use the sudo command where appropriate.

Download the OpenVPN repo signing key (The curl command can be used, but only wget was available on my machine):

wget 'https://as-repository.openvpn.net/as-repo-public.asc'

Install OpenVPN signing key:

apt-key add as-repo-public.asc

Add OpenVPN repo by creating /etc/apt/sources.list.d/openvpn.list:

echo 'deb [arch=amd64] http://as-repository.openvpn.net/as/debian xenial main' > /etc/apt/sources.list.d/openvpn.list

Refresh APT sources:

apt-get update

Verify openvpn-as 2.8.8 is available:

apt-cache show openvpn-as | grep 'Version'

At the top of the output should be:

Version: 2.8.8-cbf850a0-Ubuntu16

If everything looks good, perform a distribution upgrade (openvpn-as would not upgrade for me otherwise):

apt-get dist-upgrade

The upgrade may prompt you about /etc/issue being changed. I kept the original because it was going to be changed from "OpenVPN ..." to "Ubuntu 16.04 ...". During the upgrade, your VPN connection may break (only upgrade the VPN remotely if you like to live dangerously on the weekend). Give it a couple minutes to finish upgrading, and reconnect. Then reboot the system as recommended:

reboot

Give it a couple minutes again to boot. The system should automatically reverify with the OpenVPN license server. You can verify the license by running:

/usr/local/openvpn_as/scripts/liman info

If OpenVPN was able to verify the license, the output should look like:

INFO {'apc': False, 'concurrent_connections': 123}

Where 123 is any number greater than 2. Enjoy not having to build a new VPN server over the holidays.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment