Score:1

OpenVPN port is not accessible from outside server


Reference that I used: https://www.cyberciti.biz/faq/centos-7-0-set-up-openvpn-server-in-5-minutes/

I configured an OpenVPN server on CentOS 7. It seems up:

[root@linux ~]# nmap -sU linux.domain.com -p 1194

Starting Nmap 6.40 ( http://nmap.org ) at 2023-05-16 18:34 CEST
Nmap scan report for linux.domain.com (163.179.xxx.xxx)
Host is up.
PORT     STATE         SERVICE
1194/udp open|filtered openvpn

Nmap done: 1 IP address (1 host up) scanned in 2.11 seconds
[root@linux ~]# 

When I check as follows, it's active as [email protected]:

[root@linux ~]# systemctl status [email protected]
● [email protected] - OpenVPN service for server
   Loaded: loaded (/etc/systemd/system/[email protected]; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2023-05-16 17:42:29 CEST; 45min ago
     Docs: man:openvpn(8)
           https://community.openvpn.net/openvpn/wiki/Openvpn24ManPage
           https://community.openvpn.net/openvpn/wiki/HOWTO
 Main PID: 18917 (openvpn)
   Status: "Initialization Sequence Completed"
   CGroup: /system.slice/system-openvpn\x2dserver.slice/[email protected]
           └─18917 /usr/sbin/openvpn --status /run/openvpn-server/status-server.log --status-version 2 --suppress-timestamps --config server.conf

And when I check as [email protected]:

[root@linux ~]# sudo systemctl status [email protected]
● [email protected] - OpenVPN Robust And Highly Flexible Tunneling Application On server
   Loaded: loaded (/usr/lib/systemd/system/[email protected]; enabled; vendor preset: disabled)
   Active: failed (Result: exit-code) since Tue 2023-05-16 18:22:50 CEST; 3min 23s ago
  Process: 22518 ExecStart=/usr/sbin/openvpn --cd /etc/openvpn/ --config %i.conf (code=exited, status=1/FAILURE)
 Main PID: 22518 (code=exited, status=1/FAILURE)
   Status: "Pre-connection initialization successful"

I am checking the process and it says:

[root@linux ~]# netstat -tulp | grep openvpn
udp        0      0 0.0.0.0:openvpn         0.0.0.0:*                           18917/openvpn

I am checking its port; https://ping.eu/port-chk/ says: Closed, whereas I added it in my iptables:

iptables -A INPUT -p tcp -m tcp --dport 1194 -j ACCEPT
iptables -A INPUT -p udp -m udp --dport 1194 -j ACCEPT

Here is my server.conf file:

port 1194
proto udp
dev tun
user nobody
group nobody
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 94.xxx.xxx.xxx"
push "dhcp-option DNS 94.xxx.xxx.xxx"
push "redirect-gateway def1 bypass-dhcp"
dh none
ecdh-curve prime256v1
tls-crypt /etc/openvpn/tls-crypt.key
crl-verify /etc/openvpn/crl.pem
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server_szio3MfsApd8cnHE.crt
key /etc/openvpn/server_szio3MfsApd8cnHE.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
verb 3

Please advise why it's not working.

Best regards

You didn't say why you think it's not working. Most likely the traffic is blocked by a firewall between where you tested it from and the server (including host firewalls at each end).
Raakh avatar
I added firewall rules and the 1194 UDP port is accessible from the outside world. What else should I check?
Score:0

There are many factors that could be having an effect here, and server configuration is just one part of it. For instance, the site used to check the port (https://ping.eu/port-chk/) is for TCP, while OpenVPN is listening through UDP. Try using nmap from a remote computer in order to test specifically for UDP.

Other elements like external firewalls should also be taken into consideration.

You're using a third-party script to set up OpenVPN. The first systemctl status looks like the correct one according to the script. I'd suggest asking directly in the script repository for more specific details if other tests fail and point towards an error in configuration (https://github.com/Angristan/openvpn-install).
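
The TCP-versus-UDP point in this answer, shown as an added example (not code from the thread or from the install script): a TCP check against a UDP-only listener reports "closed", while a UDP probe that gets no reply can only be classed as "open|filtered", which is what the nmap output in the question shows. The silent listener on 127.0.0.1 is a constructed stand-in, on the assumption that it behaves like an OpenVPN server using `tls-crypt`, which does not answer packets that fail authentication.

```python
import socket

def tcp_state(host, port, timeout=1.0):
    """Classify a port the way a TCP-only checker would."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"            # RST came back: nothing listens on TCP
    except OSError:
        return "filtered"          # timeout or unreachable: dropped on the path
    finally:
        s.close()

def udp_state(host, port, timeout=1.0):
    """Classify a UDP port from the reply (or lack of one) to a single probe."""
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))    # connected socket, so ICMP errors surface
        s.send(b"\x00")            # constructed probe, not a valid OpenVPN packet
        s.recv(2048)
        return "open"              # the service answered
    except ConnectionRefusedError:
        return "closed"            # ICMP port unreachable: no UDP listener
    except socket.timeout:
        return "open|filtered"     # silence: listener ignored us, or a firewall dropped it
    finally:
        s.close()

def demo():
    # Constructed stand-in for the server: bound to UDP only, never replies.
    listener = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    listener.bind(("127.0.0.1", 0))
    port = listener.getsockname()[1]
    try:
        return tcp_state("127.0.0.1", port), udp_state("127.0.0.1", port)
    finally:
        listener.close()

if __name__ == "__main__":
    print(demo())
```

Because silence is ambiguous for UDP, a real client connection attempt together with the server log is the conclusive test of reachability.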

Raakh avatar
@Aberto I removed all configuration and reinstalled from your referred link, but I'm in the same position: not able to connect.