Hi There, It's my first post at that mailing list, so I would like say "Hello" to all of us! :)
I have a problem with running one OpenVPN tunnel with TAP driver under OpenSolaris (SunOS 5.11 snv_96). TUN driver works well for me for my another OpenVPN tunnels, but for that one unfortunately I need TAP. I have installed Blastwave's IPSopenvpn, IPStun and IPStap packages. BTW, thanks a lot, Blastwave people for your work! :) It seems that OpenVPN is 2.0.9 and probably it has been applied against Solaris/TAP patch [1]. When I try to run that tunnel, then it fails with the following messages: [EMAIL PROTECTED]:~# /opt/csw/sbin/openvpn --config /etc/csw/openvpn/MyTunnel.conf Wed Oct 1 10:30:05 2008 OpenVPN 2.0.9 i386-pc-solaris2.8 [SSL] [LZO] built on Aug 9 2007 Wed Oct 1 10:30:05 2008 LZO compression initialized Wed Oct 1 10:30:05 2008 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ] Wed Oct 1 10:30:05 2008 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ] Wed Oct 1 10:30:05 2008 Local Options hash (VER=V4): 'd79ca330' Wed Oct 1 10:30:05 2008 Expected Remote Options hash (VER=V4): 'f7df56b8' Wed Oct 1 10:30:05 2008 UDPv4 link local: [undef] Wed Oct 1 10:30:05 2008 UDPv4 link remote: 111.222.333.161:1195 Wed Oct 1 10:30:05 2008 TLS: Initial packet from 111.222.333.161:1195, sid=3c2822fc ac09731f Wed Oct 1 10:30:05 2008 VERIFY OK: depth=1, /C=PL/ST=NA/L=MyCity/O=MyUnit-VPNs/[EMAIL PROTECTED] Wed Oct 1 10:30:05 2008 VERIFY OK: nsCertType=SERVER Wed Oct 1 10:30:05 2008 VERIFY OK: depth=0, /C=PL/ST=NA/O=MyUnit-VPNs/CN=MySrv/[EMAIL PROTECTED] Wed Oct 1 10:30:05 2008 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Oct 1 10:30:05 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Oct 1 10:30:05 2008 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key Wed Oct 1 10:30:05 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Wed Oct 1 10:30:05 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA Wed Oct 1 10:30:05 2008 [MySrv] Peer Connection Initiated with 111.222.333.161:1195 Wed Oct 1 10:30:06 2008 SENT CONTROL [MySrv]: 'PUSH_REQUEST' (status=1) Wed Oct 1 10:30:06 2008 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,ping 5,ping-restart 30,route-gateway 111.222.333.193,ping 10,ping-restart 120,ifconfig 111.222.333.196 255.255.255.224' Wed Oct 1 10:30:06 2008 OPTIONS IMPORT: timers and/or timeouts modified Wed Oct 1 10:30:06 2008 OPTIONS IMPORT: --ifconfig/up options modified Wed Oct 1 10:30:06 2008 OPTIONS IMPORT: route options modified Wed Oct 1 10:30:06 2008 I_POP failed : Invalid argument (errno=22) Wed Oct 1 10:30:06 2008 Exiting [EMAIL PROTECTED]:~# I was googling about that "I_POP failed" error, but I've not found any interesting results :( Below is the configuration of my tunnel: [EMAIL PROTECTED]:~# cat /etc/csw/openvpn/MyTunnel.conf client remote 111.222.333.161 pull port 1195 proto udp dev tap ca /etc/csw/openvpn/MyTunnel/MyTunnel-ca.crt cert /etc/csw/openvpn/MyTunnel/my.crt key /etc/csw/openvpn/MyTunnel/my.key resolv-retry infinite nobind persist-key persist-tun keepalive 10 120 comp-lzo verb 3 ns-cert-type server I have checked that I have /dev/tap device on my OpenSolaris box and appropriate driver is loaded: [EMAIL PROTECTED]:~# ls -l /dev/tap lrwxrwxrwx 1 root root 29 2008-09-30 14:05 /dev/tap -> ../devices/pseudo/[EMAIL PROTECTED]:tap [EMAIL PROTECTED]:~# [EMAIL PROTECTED]:~# ls -l /devices/pseudo/[EMAIL PROTECTED]:tap crw------- 1 root sys 11, 265 2008-10-01 10:30 /devices/pseudo/[EMAIL PROTECTED]:tap [EMAIL PROTECTED]:~# modinfo |grep tap 249 fa6b9000 16e4 265 1 tap (TUN/TAP driver 1.1 08/09/2007) [EMAIL PROTECTED]:~# Do you have any ideas how to resolve that issue? My best regards, Pawel Tecza [1] http://www.whiteboard.ne.jp/~admin2/tuntap/ _______________________________________________ networking-discuss mailing list [email protected]
