Where are the OpenVPN connection logs and configuration files?
I have problem connecting to OpenVPN server. Where are OpenVPN log files and how do I find the connection details?
25 Answers
If you are using the network manager plugin (network-manager-openvpn), look into /var/log/syslog
This should give you the last logs of openvpn:
$ grep VPN /var/log/syslogConnection details are to be found in /etc/openvpn/
3By default, in most distros, OpenVPN log output goes to the syslog, which is usually at /var/log/syslog
However, your config files can set the logfile location explicitly, e.g.:
log-append /var/log/openvpn.logThis works for both OpenVPN clients and servers. OpenVPN config files are usually located in /etc/openvpn and usually named *.conf. server.conf is canonical; client config filenames are usually like <client name/>.conf.
Log file location
On servers, OpenVPN is usually run as a system service, i.e., started with the--daemon option. According to the OpenVPN man page, using the --daemon [progname]option has the following effect:
Become a daemon after all initialization functions are completed. This option will cause all message and error output to be sent to the syslog file (such as
/var/log/messages), except for the output of scripts and ifconfig commands, which will go to/dev/nullunless otherwise redirected. The syslog redirection occurs immediately at the point that--daemonis parsed on the command line even though the daemonization point occurs later. If one of the--logoptions is present, it will supercede (sic) syslog redirection.
Use either of the --log file or --log-append file options if you want OpenVPN
messages to be logged to a different file. The --log option causes the
specified log file to be over-written each time the OpenVPN daemon starts
while the --log-append option adds new entries to the log file. These
options can also be set in the OpenVPN configuration file, e.g.,
log /var/log/openvpn.logVerbosity
The --verb option can be used to set the log file verbosity from 0 (no
output except for fatal errors) to 11 (for maximum debugging information).
The man page specifies levels of 1 to 4 as the appropriate range for normal
usage. This behaviour can be set in the OpenVPN configuration file, e.g.,
verb 3Use the -l or --syslog argument calling openconnect. Now you can check with tail -f /var/log/syslog
It is supposed to be in your home directory (home directory of the user whom executing it), eg ~. Running an ls -l command will perhaps reveal it. On the other hand, you may start openvpn with --debug option to capture what's happening realtime on the terminal.
