Thanks, after adding if_tun_load="YES" to my /boot/loader.conf and rebooting, this message appears in dmesg:
can't re-use a leaf (if_tun_debug)! module_register: module if_tun already exists! Module if_tun failed to register: 17 So I think it is not required to add it to loader.conf. I replaced tun by tun1 in openvpn.conf, and the result is this: Sat Jul 25 15:09:46 2009 OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO] built on Jul 24 2009 Enter Auth Username:nico Enter Auth Password: Sat Jul 25 15:09:48 2009 WARNING: file '/usr/local/etc/openvpn/keys/key.key' is group or others accessible Sat Jul 25 15:09:48 2009 LZO compression initialized Sat Jul 25 15:09:48 2009 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ] Sat Jul 25 15:09:48 2009 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ] Sat Jul 25 15:09:48 2009 Local Options hash (VER=V4): '69109d17' Sat Jul 25 15:09:48 2009 Expected Remote Options hash (VER=V4): 'c0103fa8' Sat Jul 25 15:09:48 2009 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay Sat Jul 25 15:09:48 2009 Attempting to establish TCP connection with 200.80.219.194:443 Sat Jul 25 15:09:48 2009 TCP connection established with 200.80.219.194:443 Sat Jul 25 15:09:48 2009 TCPv4_CLIENT link local: [undef] Sat Jul 25 15:09:48 2009 TCPv4_CLIENT link remote: 200.80.219.194:443 Sat Jul 25 15:09:49 2009 Connection reset, restarting [0] Sat Jul 25 15:09:49 2009 TCP/UDP: Closing socket Sat Jul 25 15:09:49 2009 SIGUSR1[soft,connection-reset] received, process restarting Sat Jul 25 15:09:49 2009 Restart pause, 5 second(s) Sat Jul 25 15:09:50 2009 SIGINT[hard,init_instance] received, process exiting If I do ifconfig, the tun interface appears in the list: ndis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 ether 00:23:4d:64:d6:7a inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255 media: IEEE 802.11 Wireless Ethernet autoselect status: associated ssid "" channel 1 (2412 Mhz 11b) authmode OPEN privacy OFF bmiss 7 scanvalid 60 roaming MANUAL bintval 0 fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=8<VLAN_MTU> ether 32:4f:c0:e1:55:e1 ch 1 dma -1 fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 lladdr 33.4f.c0.0.26.e1.55.e1.a.2.ff.fe.0.0.0.0 lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet6 ::1 prefixlen 128 inet 127.0.0.1 netmask 0xff000000 tun1: flags=8010<POINTOPOINT,MULTICAST> metric 0 mtu 1500 Any hint? --- On Sat, 7/25/09, chris scott <kra...@googlemail.com> wrote: > From: chris scott <kra...@googlemail.com> > Subject: Re: OpenVPN Client > To: "Leonardo M. Ramé" <martinr...@yahoo.com> > Cc: freebsd-questions@freebsd.org > Date: Saturday, July 25, 2009, 1:56 PM > 2009/7/25 Leonardo M. Ramé <martinr...@yahoo.com> > > > > > Hi, I'm trying to connect to an OpenVPN server in my > office. To do this, I > > installed "OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] > [LZO]" from ports, > > and looking at different tutorials I found it needs a > config file in > > /usr/local/etc/openvpn/openvpn.conf. The problem here, > is that our server > > provides an "client.ovpn" file containing all the > connection params needed > > by a client, in fact, we connect windows machines just > by installing > > "OpenVPN_Installer.exe", it configures a TAP device > and a client that reads > > the client.ovpn file. > > > > Now, in my FreeBSD 7.2 i386 machine, I did this: > > > > Created the /usr/local/etc/openvpn/openvpn.conf (the > port doesn't created > > it automatically) with this content: > > > > remote 200.80.219.194.static.techtelnet.net > > client > > proto tcp > > port 443 > > dev tun > > ns-cert-type server > > auth-user-pass > > auth-retry interact > > comp-lzo > > user nobody > > group nobody > > verb 3 > > ca /usr/local/etc/openvpn/keys/ca.key > > cert /usr/local/etc/openvpn/keys/cert.key > > key /usr/local/etc/openvpn/keys/key.key > > > > This contents are extracted from client.ovpn, and > "ca", "cert" and "key" > > files were extracted from the same file. > > > > I kldload tun, but when I do ifconfig, it doesn't > shows nothing related to > > tun or tap. > > > > Also, when I do "openvpn > /usr/local/etc/openvpn/openvpn.conf" the results > > are this: > > > > Sat Jul 25 11:24:09 2009 OpenVPN 2.0.6 > i386-portbld-freebsd7.2 [SSL] [LZO] > > built on Jul 24 2009 > > Enter Auth Username:nico > > Enter Auth Password:**** > > Sat Jul 25 11:24:13 2009 WARNING: you are using > user/group/chroot without > > persist-key/persist-tun -- this may cause restarts to > fail > > Sat Jul 25 11:24:13 2009 WARNING: file > > '/usr/local/etc/openvpn/keys/key.key' is group or > others accessible > > Sat Jul 25 11:24:13 2009 LZO compression initialized > > Sat Jul 25 11:24:13 2009 Control Channel MTU parms [ > L:1544 D:140 EF:40 > > EB:0 ET:0 EL:0 ] > > Sat Jul 25 11:24:13 2009 Data Channel MTU parms [ > L:1544 D:1450 EF:44 > > EB:135 ET:0 EL:0 AF:3/1 ] > > Sat Jul 25 11:24:13 2009 Local Options hash (VER=V4): > '69109d17' > > Sat Jul 25 11:24:13 2009 Expected Remote Options hash > (VER=V4): 'c0103fa8' > > Sat Jul 25 11:24:13 2009 NOTE: UID/GID downgrade will > be delayed because of > > --client, --pull, or --up-delay > > Sat Jul 25 11:24:13 2009 Attempting to establish TCP > connection with > > 200.80.219.194:443 > > Sat Jul 25 11:24:13 2009 TCP connection established > with > > 200.80.219.194:443 > > Sat Jul 25 11:24:13 2009 TCPv4_CLIENT link local: > [undef] > > Sat Jul 25 11:24:13 2009 TCPv4_CLIENT link remote: > 200.80.219.194:443 > > Sat Jul 25 11:24:13 2009 Connection reset, restarting > [0] > > Sat Jul 25 11:24:13 2009 TCP/UDP: Closing socket > > Sat Jul 25 11:24:13 2009 > SIGUSR1[soft,connection-reset] received, process > > restarting > > Sat Jul 25 11:24:13 2009 Restart pause, 5 second(s) > > > > In my /etc/rc.conf I have openvpn_if="tun", I don't > load the tun nor tap > > interface at boot, I just want to load it with > kldload. > > > > uname -a: > > FreeBSD inspiron.local 7.2-RELEASE FreeBSD 7.2-RELEASE > #0: Fri May 1 > > 08:49:13 UTC 2009 > > r...@walker.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC > > i386 > > > > ifconfig: > > ndis0: > flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> > metric 0 mtu 1500 > > ether 00:23:4d:64:d6:7a > > inet 192.168.0.100 netmask > 0xffffff00 broadcast 192.168.0.255 > > media: IEEE 802.11 Wireless > Ethernet autoselect > > status: associated > > ssid "" channel 1 (2412 Mhz > 11b) > > authmode OPEN privacy OFF > bmiss 7 scanvalid 60 roaming MANUAL > > bintval 0 > > fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> > metric 0 mtu 1500 > > options=8<VLAN_MTU> > > ether 32:4f:c0:e1:55:e1 > > ch 1 dma -1 > > fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> > metric 0 mtu 1500 > > lladdr > 33.4f.c0.0.26.e1.55.e1.a.2.ff.fe.0.0.0.0 > > lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> > metric 0 mtu 16384 > > inet6 fe80::1%lo0 prefixlen > 64 scopeid 0x4 > > inet6 ::1 prefixlen 128 > > inet 127.0.0.1 netmask > 0xff000000 > > > > Thanks in advance, > > Leonardo M. Ramé > > > > > > > > _______________________________________________ > > freebsd-questions@freebsd.org > mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > > To unsubscribe, send any mail to " > > freebsd-questions-unsubscr...@freebsd.org" > > > > > make sure you have the tap kernel module loaded > > kldload /boot/kernel/if_tap.ko > > to make sure its there after boot do add > if_tap_load="yes" > to your /boot/loader.conf > > When used openvpn i also added > > cloned_interfaces="tun1" > > to my rc.conf , then reinitialize the network stack > by running > /etc/netstart > > > I also set the open vpn client to explicitly use tun1 > _______________________________________________ > freebsd-questions@freebsd.org > mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org" > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"