diff --git a/vpnsetup_alpine.sh b/vpnsetup_alpine.sh
index 59c13d3..885916a 100755
--- a/vpnsetup_alpine.sh
+++ b/vpnsetup_alpine.sh
@@ -194,7 +194,7 @@ install_fail2ban() {
 (
 set -x
 apk add -U -q fail2ban
- ) || exiterr2
+ )
 }
 
 get_helper_scripts() {
@@ -487,7 +487,7 @@ EOF
 chmod +x /etc/network/if-pre-up.d/iptablesload
 sed -i '1c\#!/sbin/openrc-run' /etc/init.d/ipsec
 for svc in fail2ban ipsec xl2tpd; do
- rc-update add "$svc" default >/dev/null
+ rc-update add "$svc" default >/dev/null 2>&1
 done
 }
 
diff --git a/vpnsetup_amzn.sh b/vpnsetup_amzn.sh
index 19d6a57..a10d839 100755
--- a/vpnsetup_amzn.sh
+++ b/vpnsetup_amzn.sh
@@ -189,12 +189,26 @@ install_vpn_pkgs_2() {
 ) || exiterr2
 }
 
+create_f2b_config() {
+ F2B_FILE=/etc/fail2ban/jail.local
+ if [ ! -f "$F2B_FILE" ]; then
+ bigecho "Creating basic Fail2Ban rules..."
+cat > "$F2B_FILE" <<'EOF'
+[ssh-iptables]
+enabled = true
+filter = sshd
+logpath = /var/log/secure
+action = iptables[name=SSH, port=ssh, protocol=tcp]
+EOF
+ fi
+}
+
 install_fail2ban() {
 bigecho "Installing Fail2Ban to protect SSH..."
 (
 set -x
 yum --enablerepo=epel -y -q install fail2ban >/dev/null
- ) || exiterr2
+ ) && create_f2b_config
 }
 
 get_helper_scripts() {
@@ -410,20 +424,6 @@ $VPN_USER:$VPN_PASSWORD_ENC:xauth-psk
 EOF
 }
 
-create_f2b_config() {
- F2B_FILE=/etc/fail2ban/jail.local
- if [ ! -f "$F2B_FILE" ]; then
- bigecho "Creating basic Fail2Ban rules..."
-cat > "$F2B_FILE" <<'EOF'
-[ssh-iptables]
-enabled = true
-filter = sshd
-logpath = /var/log/secure
-action = iptables[name=SSH, port=ssh, protocol=tcp]
-EOF
- fi
-}
-
 update_sysctl() {
 bigecho "Updating sysctl settings..."
 if ! grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
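Review bot: Dropping `|| exiterr2` after the subshell on the `+ )` line makes a failed `apk add -U -q fail2ban` invisible: the subshell's non-zero status becomes install_fail2ban's return value and nothing in the hunk reports or checks it, so a host can finish setup without the SSH brute-force protection the install step announces (the function body starts above the hunk). If Fail2Ban is now meant to be optional, say so where the failure is discarded, e.g. `) || echo "Warning: Fail2Ban installation failed; SSH brute-force protection is not active." >&2`. The same silent drop is in the vpnsetup_ubuntu.sh hunk, and in the vpnsetup_amzn.sh and vpnsetup_centos.sh install_fail2ban hunks the new `) && create_f2b_config` skips the jail configuration just as silently on the same failure.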
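Review bot: Adding `2>&1` to `rc-update add "$svc" default` on the changed line discards the only diagnostic for a service that could not be enabled; combined with the first hunk of this file, where a failed fail2ban install is no longer fatal, a missing fail2ban init script now leaves no trace at all. Keep the quiet output but surface the status: `rc-update add "$svc" default >/dev/null 2>&1 || echo "Warning: could not enable $svc on boot." >&2`. The enclosing function begins above the hunk.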
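Review bot: The relocated `create_f2b_config` carries no comment, and its contract is narrower than the old vpnsetup call made obvious: it now runs only when the `yum --enablerepo=epel -y -q install fail2ban` subshell succeeds, and it is a no-op whenever /etc/fail2ban/jail.local already exists. A header above the function such as `# Write a minimal /etc/fail2ban/jail.local that bans sshd brute-force sources; runs only after fail2ban installed, and leaves an existing file untouched` would record that. `F2B_FILE` is assigned as a script-wide variable rather than a local, presumably for plain-sh compatibility; a short note saying so would keep a later reader from "fixing" it. The same applies to the copy added in vpnsetup_centos.sh.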
@@ -490,7 +490,8 @@ update_iptables() {
 enable_on_boot() {
 bigecho "Enabling services on boot..."
 systemctl --now mask firewalld 2>/dev/null
- systemctl enable iptables fail2ban 2>/dev/null
+ systemctl enable iptables 2>/dev/null
+ systemctl enable fail2ban 2>/dev/null
 if ! grep -qs "hwdsl2 VPN script" /etc/rc.local; then
 if [ -f /etc/rc.local ]; then
 conf_bk "/etc/rc.local"
@@ -606,7 +607,6 @@ vpnsetup() {
 get_libreswan
 install_libreswan
 create_vpn_config
- create_f2b_config
 update_sysctl
 update_iptables
 enable_on_boot
diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh
index ec789fc..89cce4c 100755
--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@@ -279,12 +279,36 @@ install_vpn_pkgs_3() {
 fi
 }
 
+create_f2b_config() {
+ F2B_FILE=/etc/fail2ban/jail.local
+ if [ ! -f "$F2B_FILE" ]; then
+ bigecho "Creating basic Fail2Ban rules..."
+cat > "$F2B_FILE" <<'EOF'
+[ssh-iptables]
+enabled = true
+filter = sshd
+logpath = /var/log/secure
+EOF
+
+ if [ "$use_nft" = "1" ]; then
+cat >> "$F2B_FILE" <<'EOF'
+port = ssh
+banaction = nftables-multiport[blocktype=drop]
+EOF
+ else
+cat >> "$F2B_FILE" <<'EOF'
+action = iptables[name=SSH, port=ssh, protocol=tcp]
+EOF
+ fi
+ fi
+}
+
 install_fail2ban() {
 bigecho "Installing Fail2Ban to protect SSH..."
 (
 set -x
 yum "$rp1" -y -q install fail2ban >/dev/null
- ) || exiterr2
+ ) && create_f2b_config
 }
 
 get_helper_scripts() {
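Review bot: Splitting `systemctl enable iptables fail2ban` into two calls changes what happens when one unit is absent, but the reason is not recorded on the changed lines; presumably a missing fail2ban unit, now possible because install_fail2ban no longer aborts on a failed install, must not interfere with enabling iptables. A one-line comment above the pair, `# enable separately so a missing fail2ban unit cannot affect iptables`, would explain it, and the same comment belongs on the parallel split in the vpnsetup_centos.sh enable_on_boot hunk. Because stderr is still discarded by `2>/dev/null`, nothing tells the operator when fail2ban was not enabled; `systemctl enable fail2ban 2>/dev/null || echo "Warning: could not enable fail2ban on boot." >&2` keeps the quiet output while surfacing the outcome. enable_on_boot continues past the hunk.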
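Review bot: `create_f2b_config` now chooses between the nftables and iptables ban actions at the moment install_fail2ban runs, reading `$use_nft` on the `+ if [ "$use_nft" = "1" ]` line, whereas before this change it ran from vpnsetup after create_vpn_config. If use_nft is only determined later in the sequence than install_fail2ban (where it is set is outside the hunk), jail.local would get the `action = iptables[...]` branch on a host that is actually on nftables, and the jail may then fail to ban anything. Please confirm the ordering and pin it with a comment on the function, e.g. `# requires use_nft to be set before install_fail2ban is called`. It is also worth recording that an existing jail.local is never rewritten, so a host later switched from iptables to nftables keeps the old action.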
@@ -500,30 +524,6 @@ $VPN_USER:$VPN_PASSWORD_ENC:xauth-psk
 EOF
 }
 
-create_f2b_config() {
- F2B_FILE=/etc/fail2ban/jail.local
- if [ ! -f "$F2B_FILE" ]; then
- bigecho "Creating basic Fail2Ban rules..."
-cat > "$F2B_FILE" <<'EOF'
-[ssh-iptables]
-enabled = true
-filter = sshd
-logpath = /var/log/secure
-EOF
-
- if [ "$use_nft" = "1" ]; then
-cat >> "$F2B_FILE" <<'EOF'
-port = ssh
-banaction = nftables-multiport[blocktype=drop]
-EOF
- else
-cat >> "$F2B_FILE" <<'EOF'
-action = iptables[name=SSH, port=ssh, protocol=tcp]
-EOF
- fi
- fi
-}
-
 update_sysctl() {
 bigecho "Updating sysctl settings..."
 if ! grep -qs "hwdsl2 VPN script" /etc/sysctl.conf; then
@@ -650,9 +650,11 @@ enable_on_boot() {
 if [ "$os_type$os_ver" = "ol9" ]; then
 systemctl enable nftables 2>/dev/null
 elif [ "$use_nft" = "1" ]; then
- systemctl enable nftables fail2ban 2>/dev/null
+ systemctl enable nftables 2>/dev/null
+ systemctl enable fail2ban 2>/dev/null
 else
- systemctl enable iptables fail2ban 2>/dev/null
+ systemctl enable iptables 2>/dev/null
+ systemctl enable fail2ban 2>/dev/null
 fi
 if ! grep -qs "hwdsl2 VPN script" /etc/rc.local; then
 if [ -f /etc/rc.local ]; then
@@ -778,9 +780,6 @@ vpnsetup() {
 get_libreswan
 install_libreswan
 create_vpn_config
- if [ "$os_type$os_ver" != "ol9" ]; then
- create_f2b_config
- fi
 update_sysctl
 update_iptables
 fix_nss_config
diff --git a/vpnsetup_ubuntu.sh b/vpnsetup_ubuntu.sh
index 186b2db..0e952e7 100755
--- a/vpnsetup_ubuntu.sh
+++ b/vpnsetup_ubuntu.sh
@@ -245,7 +245,7 @@ install_fail2ban() {
 (
 set -x
 apt-get -yqq install fail2ban >/dev/null
- ) || exiterr2
+ )
 }
 
 get_helper_scripts() {
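Review bot: Removing the `if [ "$os_type$os_ver" != "ol9" ]` guard around `create_f2b_config` in vpnsetup drops the ol9 exception: the function is now invoked from install_fail2ban whenever the fail2ban package installs, and nothing in this diff re-applies the check there. The enable_on_boot hunk of the same file still enables only nftables on ol9, so jail.local would be written while fail2ban is never enabled, unless install_fail2ban itself is skipped for ol9 (not visible here). If the exclusion is still intended, the install_fail2ban hunk could carry it instead, `) && [ "$os_type$os_ver" != "ol9" ] && create_f2b_config`, with a comment recording why ol9 is excluded. vpnsetup continues outside the hunk.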