From: Leonardo M. Ramé
To: freebsd-questions@freebsd.org
Date: Sat, 25 Jul 2009 11:12:07 -0700 (PDT)
Subject: Re: OpenVPN Client

Thanks, after adding if_tun_load="YES" to my /boot/loader.conf and rebooting, this message appears in dmesg:

can't re-use a leaf (if_tun_debug)!
module_register: module if_tun already exists!
Module if_tun failed to register: 17

So I think it is not required to add it to loader.conf.

I replaced tun by tun1 in openvpn.conf, and the result is this:

Sat Jul 25 15:09:46 2009 OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO] built on Jul 24 2009
Enter Auth Username:nico
Enter Auth Password:
Sat Jul 25 15:09:48 2009 WARNING: file '/usr/local/etc/openvpn/keys/key.key' is group or others accessible
Sat Jul 25 15:09:48 2009 LZO compression initialized
Sat Jul 25 15:09:48 2009 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Jul 25 15:09:48 2009 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jul 25 15:09:48 2009 Local Options hash (VER=V4): '69109d17'
Sat Jul 25 15:09:48 2009 Expected Remote Options hash (VER=V4): 'c0103fa8'
Sat Jul 25 15:09:48 2009 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Sat Jul 25 15:09:48 2009 Attempting to establish TCP connection with 200.80.219.194:443
Sat Jul 25 15:09:48 2009 TCP connection established with 200.80.219.194:443
Sat Jul 25 15:09:48 2009 TCPv4_CLIENT link local: [undef]
Sat Jul 25 15:09:48 2009 TCPv4_CLIENT link remote: 200.80.219.194:443
Sat Jul 25 15:09:49 2009 Connection reset, restarting [0]
Sat Jul 25 15:09:49 2009 TCP/UDP: Closing socket
Sat Jul 25 15:09:49 2009 SIGUSR1[soft,connection-reset] received, process restarting
Sat Jul 25 15:09:49 2009 Restart pause, 5 second(s)
Sat Jul 25 15:09:50 2009 SIGINT[hard,init_instance] received, process exiting

If I do ifconfig, the tun interface appears in the list:

ndis0: flags=8843 metric 0 mtu 1500
        ether 00:23:4d:64:d6:7a
        inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255
        media: IEEE 802.11 Wireless Ethernet autoselect
        status: associated
        ssid "" channel 1 (2412 Mhz 11b)
        authmode OPEN privacy OFF bmiss 7 scanvalid 60 roaming MANUAL
        bintval 0
fwe0: flags=8802 metric 0 mtu 1500
        options=8
        ether 32:4f:c0:e1:55:e1
        ch 1 dma -1
fwip0: flags=8802 metric 0 mtu 1500
        lladdr 33.4f.c0.0.26.e1.55.e1.a.2.ff.fe.0.0.0.0
lo0: flags=8049 metric 0 mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
        inet6 ::1 prefixlen 128
        inet 127.0.0.1 netmask 0xff000000
tun1: flags=8010 metric 0 mtu 1500

Any hint?

--- On Sat, 7/25/09, chris scott wrote:

> From: chris scott
> Subject: Re: OpenVPN Client
> To: "Leonardo M. Ramé"
> Cc: freebsd-questions@freebsd.org
> Date: Saturday, July 25, 2009, 1:56 PM
> 2009/7/25 Leonardo M. Ramé
>
> >
> > Hi, I'm trying to connect to an OpenVPN server in my office. To do this, I
> > installed "OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO]" from ports,
> > and looking at different tutorials I found it needs a config file in
> > /usr/local/etc/openvpn/openvpn.conf. The problem here is that our server
> > provides a "client.ovpn" file containing all the connection params needed
> > by a client, in fact, we connect Windows machines just by installing
> > "OpenVPN_Installer.exe", it configures a TAP device and a client that reads
> > the client.ovpn file.
> >
> > Now, in my FreeBSD 7.2 i386 machine, I did this:
> >
> > Created the /usr/local/etc/openvpn/openvpn.conf (the port doesn't create
> > it automatically) with this content:
> >
> > remote 200.80.219.194.static.techtelnet.net
> > client
> > proto tcp
> > port 443
> > dev tun
> > ns-cert-type server
> > auth-user-pass
> > auth-retry interact
> > comp-lzo
> > user nobody
> > group nobody
> > verb 3
> > ca /usr/local/etc/openvpn/keys/ca.key
> > cert /usr/local/etc/openvpn/keys/cert.key
> > key /usr/local/etc/openvpn/keys/key.key
> >
> > These contents are extracted from client.ovpn, and "ca", "cert" and "key"
> > files were extracted from the same file.
> >
> > I kldload tun, but when I do ifconfig, it doesn't show anything related to
> > tun or tap.
> >
> > Also, when I do "openvpn /usr/local/etc/openvpn/openvpn.conf" the results
> > are this:
> >
> > Sat Jul 25 11:24:09 2009 OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO] built on Jul 24 2009
> > Enter Auth Username:nico
> > Enter Auth Password:****
> > Sat Jul 25 11:24:13 2009 WARNING: you are using user/group/chroot without persist-key/persist-tun -- this may cause restarts to fail
> > Sat Jul 25 11:24:13 2009 WARNING: file '/usr/local/etc/openvpn/keys/key.key' is group or others accessible
> > Sat Jul 25 11:24:13 2009 LZO compression initialized
> > Sat Jul 25 11:24:13 2009 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
> > Sat Jul 25 11:24:13 2009 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
> > Sat Jul 25 11:24:13 2009 Local Options hash (VER=V4): '69109d17'
> > Sat Jul 25 11:24:13 2009 Expected Remote Options hash (VER=V4): 'c0103fa8'
> > Sat Jul 25 11:24:13 2009 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
> > Sat Jul 25 11:24:13 2009 Attempting to establish TCP connection with 200.80.219.194:443
> > Sat Jul 25 11:24:13 2009 TCP connection established with 200.80.219.194:443
> > Sat Jul 25 11:24:13 2009 TCPv4_CLIENT link local: [undef]
> > Sat Jul 25 11:24:13 2009 TCPv4_CLIENT link remote: 200.80.219.194:443
> > Sat Jul 25 11:24:13 2009 Connection reset, restarting [0]
> > Sat Jul 25 11:24:13 2009 TCP/UDP: Closing socket
> > Sat Jul 25 11:24:13 2009 SIGUSR1[soft,connection-reset] received, process restarting
> > Sat Jul 25 11:24:13 2009 Restart pause, 5 second(s)
> >
> > In my /etc/rc.conf I have openvpn_if="tun", I don't load the tun nor tap
> > interface at boot, I just want to load it with kldload.
> >
> > uname -a:
> > FreeBSD inspiron.local 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Fri May  1 08:49:13 UTC 2009     root@walker.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386
> >
> > ifconfig:
> > ndis0: flags=8843 metric 0 mtu 1500
> >         ether 00:23:4d:64:d6:7a
> >         inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255
> >         media: IEEE 802.11 Wireless Ethernet autoselect
> >         status: associated
> >         ssid "" channel 1 (2412 Mhz 11b)
> >         authmode OPEN privacy OFF bmiss 7 scanvalid 60 roaming MANUAL
> >         bintval 0
> > fwe0: flags=8802 metric 0 mtu 1500
> >         options=8
> >         ether 32:4f:c0:e1:55:e1
> >         ch 1 dma -1
> > fwip0: flags=8802 metric 0 mtu 1500
> >         lladdr 33.4f.c0.0.26.e1.55.e1.a.2.ff.fe.0.0.0.0
> > lo0: flags=8049 metric 0 mtu 16384
> >         inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
> >         inet6 ::1 prefixlen 128
> >         inet 127.0.0.1 netmask 0xff000000
> >
> > Thanks in advance,
> > Leonardo M. Ramé
> >
> > _______________________________________________
> > freebsd-questions@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
> >
>
> make sure you have the tap kernel module loaded
>
> kldload /boot/kernel/if_tap.ko
>
> to make sure it's there after boot, add
> if_tap_load="yes"
> to your /boot/loader.conf
>
> When I used openvpn I also added
>
> cloned_interfaces="tun1"
>
> to my rc.conf, then reinitialize the network stack by running
> /etc/netstart
>
> I also set the OpenVPN client to explicitly use tun1
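
Added example, not part of the thread and not code from any of its participants: a small sh audit for the two WARNING lines OpenVPN prints in the logs above (a private key file that is group or others accessible, and user/group/chroot used without persist-key/persist-tun). The function names and the sample config built by make_sample are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit an OpenVPN client config for the
# two WARNING lines in the logs above. Function names are illustrative.

# Print the first argument of directive $2 in config file $1.
conf_value() {
    awk -v d="$2" '$1 == d { print $2; exit }' "$1"
}

# True when any group/other permission bit is set (ls mode chars 5-10).
group_or_other_accessible() {
    [ "$(ls -ld "$1" | cut -c5-10)" != "------" ]
}

# Print findings for config $1; the return status is the number of findings.
audit_openvpn_conf() {
    conf=$1 findings=0
    keyfile=$(conf_value "$conf" key)
    if [ -n "$keyfile" ] && [ -e "$keyfile" ] && group_or_other_accessible "$keyfile"; then
        echo "FINDING: $keyfile is group or others accessible (chmod 600)"
        findings=$((findings + 1))
    fi
    # After dropping privileges, a restart can no longer re-read the key or
    # reopen the tun device unless persist-key/persist-tun keep them open.
    if grep -Eq '^[[:space:]]*(user|group|chroot)[[:space:]]' "$conf"; then
        for opt in persist-key persist-tun; do
            if ! grep -Eq "^[[:space:]]*${opt}([[:space:]]|\$)" "$conf"; then
                echo "FINDING: user/group/chroot set without $opt"
                findings=$((findings + 1))
            fi
        done
    fi
    return "$findings"
}

# Constructed sample: a config shaped like the one in the thread, with a
# placeholder key file created world-readable. Prints the sample directory.
make_sample() {
    dir=$(mktemp -d) || return 1
    echo "placeholder, not a real key" > "$dir/key.key"
    chmod 644 "$dir/key.key"
    printf '%s\n' client 'dev tun1' 'user nobody' 'group nobody' \
        "key $dir/key.key" > "$dir/openvpn.conf"
    echo "$dir"
}

if [ $# -gt 0 ]; then audit_openvpn_conf "$1"; fi
```

Run it as `sh audit.sh /usr/local/etc/openvpn/openvpn.conf` (audit.sh is an assumed file name); the exit status is the number of findings.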