Date:      Sat, 25 Jul 2009 17:56:11 +0100
From:      chris scott <kraduk@googlemail.com>
To:        Leonardo M. Ramé <martinrame@yahoo.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: OpenVPN Client
Message-ID:  <d36406630907250956h455339c7u395efc3054d22bce@mail.gmail.com>
In-Reply-To: <288826.64593.qm@web35603.mail.mud.yahoo.com>
References:  <288826.64593.qm@web35603.mail.mud.yahoo.com>

2009/7/25 Leonardo M. Ramé <martinrame@yahoo.com>

>
> Hi, I'm trying to connect to an OpenVPN server in my office. To do this, I
> installed "OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO]" from ports,
> and looking at different tutorials I found it needs a config file in
> /usr/local/etc/openvpn/openvpn.conf. The problem here is that our server
> provides a "client.ovpn" file containing all the connection params needed
> by a client. In fact, we connect Windows machines just by installing
> "OpenVPN_Installer.exe"; it configures a TAP device and a client that reads
> the client.ovpn file.
>
> Now, in my FreeBSD 7.2 i386 machine, I did this:
>
> Created the /usr/local/etc/openvpn/openvpn.conf (the port doesn't create
> it automatically) with this content:
>
> remote 200.80.219.194.static.techtelnet.net
> client
> proto tcp
> port 443
> dev tun
> ns-cert-type server
> auth-user-pass
> auth-retry interact
> comp-lzo
> user nobody
> group nobody
> verb 3
> ca /usr/local/etc/openvpn/keys/ca.key
> cert /usr/local/etc/openvpn/keys/cert.key
> key /usr/local/etc/openvpn/keys/key.key
>
> These contents are extracted from client.ovpn, and "ca", "cert" and "key"
> files were extracted from the same file.
>
> I kldload tun, but when I do ifconfig, it doesn't show anything related to
> tun or tap.
>
> Also, when I do "openvpn /usr/local/etc/openvpn/openvpn.conf" the results
> are this:
>
> Sat Jul 25 11:24:09 2009 OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO]
> built on Jul 24 2009
> Enter Auth Username:nico
> Enter Auth Password:****
> Sat Jul 25 11:24:13 2009 WARNING: you are using user/group/chroot without
> persist-key/persist-tun -- this may cause restarts to fail
> Sat Jul 25 11:24:13 2009 WARNING: file
> '/usr/local/etc/openvpn/keys/key.key' is group or others accessible
> Sat Jul 25 11:24:13 2009 LZO compression initialized
> Sat Jul 25 11:24:13 2009 Control Channel MTU parms [ L:1544 D:140 EF:40
> EB:0 ET:0 EL:0 ]
> Sat Jul 25 11:24:13 2009 Data Channel MTU parms [ L:1544 D:1450 EF:44
> EB:135 ET:0 EL:0 AF:3/1 ]
> Sat Jul 25 11:24:13 2009 Local Options hash (VER=V4): '69109d17'
> Sat Jul 25 11:24:13 2009 Expected Remote Options hash (VER=V4): 'c0103fa8'
> Sat Jul 25 11:24:13 2009 NOTE: UID/GID downgrade will be delayed because of
> --client, --pull, or --up-delay
> Sat Jul 25 11:24:13 2009 Attempting to establish TCP connection with
> 200.80.219.194:443
> Sat Jul 25 11:24:13 2009 TCP connection established with
> 200.80.219.194:443
> Sat Jul 25 11:24:13 2009 TCPv4_CLIENT link local: [undef]
> Sat Jul 25 11:24:13 2009 TCPv4_CLIENT link remote: 200.80.219.194:443
> Sat Jul 25 11:24:13 2009 Connection reset, restarting [0]
> Sat Jul 25 11:24:13 2009 TCP/UDP: Closing socket
> Sat Jul 25 11:24:13 2009 SIGUSR1[soft,connection-reset] received, process
> restarting
> Sat Jul 25 11:24:13 2009 Restart pause, 5 second(s)
>
> In my /etc/rc.conf I have openvpn_if="tun", I don't load the tun nor tap
> interface at boot, I just want to load it with kldload.
>
> uname -a:
> FreeBSD inspiron.local 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Fri May  1
> 08:49:13 UTC 2009     root@walker.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC
>  i386
>
> ifconfig:
> ndis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
>        ether 00:23:4d:64:d6:7a
>        inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255
>        media: IEEE 802.11 Wireless Ethernet autoselect
>        status: associated
>        ssid "" channel 1 (2412 Mhz 11b)
>        authmode OPEN privacy OFF bmiss 7 scanvalid 60 roaming MANUAL
>        bintval 0
> fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
>        options=8<VLAN_MTU>
>        ether 32:4f:c0:e1:55:e1
>        ch 1 dma -1
> fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
>        lladdr 33.4f.c0.0.26.e1.55.e1.a.2.ff.fe.0.0.0.0
> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
>        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
>        inet6 ::1 prefixlen 128
>        inet 127.0.0.1 netmask 0xff000000
>
> Thanks in advance,
> Leonardo M. Ramé


Make sure you have the tap kernel module loaded:

kldload /boot/kernel/if_tap.ko

To make sure it's there after boot, add
if_tap_load="yes"
to your /boot/loader.conf

When I used OpenVPN I also added

cloned_interfaces="tun1"

to my rc.conf, then reinitialize the network stack by running
/etc/netstart


I also set the OpenVPN client to explicitly use tun1
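
Added example, not part of the original message: a pre-flight check for the two warnings in the quoted log (user/group without persist-key/persist-tun, and a key file readable by group or others) and for the advice above to name an explicit unit such as tun1. The function names are hypothetical, and it assumes config paths contain no spaces.

```shell
#!/bin/sh
# Added example: lint an OpenVPN client config for the two warnings shown in
# the quoted log plus the reply's advice to name an explicit tun unit.

# directive_value CONF NAME -> first argument of directive NAME, if present
directive_value() {
    awk -v d="$2" '$1 == d { print $2; exit }' "$1"
}

# has_directive CONF NAME -> exit 0 if the directive appears uncommented
has_directive() {
    awk -v d="$2" '$1 == d { found = 1 } END { exit !found }' "$1"
}

# key_is_exposed FILE -> exit 0 if group or others hold any permission bit
key_is_exposed() {
    # Characters 5-10 of the ls mode string are the group/other bits.
    [ "$(ls -ldL -- "$1" | cut -c5-10)" != "------" ]
}

# lint_openvpn_conf CONF -> prints one finding per line; the exit status is
# the number of findings (0 = clean)
lint_openvpn_conf() {
    conf=$1 findings=0
    if has_directive "$conf" user || has_directive "$conf" group; then
        for d in persist-key persist-tun; do
            has_directive "$conf" "$d" && continue
            echo "user/group set without $d"; findings=$((findings + 1))
        done
    fi
    key=$(directive_value "$conf" key)
    if [ -n "$key" ] && [ -e "$key" ] && key_is_exposed "$key"; then
        echo "key file $key is group or others accessible"
        findings=$((findings + 1))
    fi
    case $(directive_value "$conf" dev) in
        tun[0-9]*|tap[0-9]*) ;;
        *) echo "dev does not name an explicit unit such as tun1"
           findings=$((findings + 1)) ;;
    esac
    return "$findings"
}

# Stand-alone use: sh lint.sh /usr/local/etc/openvpn/openvpn.conf
if [ "$#" -gt 0 ]; then lint_openvpn_conf "$1"; fi
```

A key file flagged this way is fixed with chmod 600 on the file named by the "key" directive.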


