Václav Haisman
2006-Sep-22 05:41 UTC
Problems with OpenVPN+routing and creating tun0 interface
Hi, I want to set up OpenVPN to create and configure tun0 interface and connect to OpenVPN server. The main obstacle seems to be my inability to configure either OpenVPN or FreeBSD to actually create that tun0 interface. If I try to create it manually I get this: $ ifconfig -v tun create inet 192.168.23.203 192.168.23.1 ifconfig: SIOCIFCREATE: Invalid argument The kernel config has the "device tun" line and there are tun[0-3] in /dev. So what am I doing wrong? -- Vaclav Haisman -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 542 bytes Desc: OpenPGP digital signature Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20060922/a1ef8ba7/signature.pgp
Dominic Marks
2006-Sep-22 05:55 UTC
Problems with OpenVPN+routing and creating tun0 interface
V?clav Haisman wrote:> Hi, > I want to set up OpenVPN to create and configure tun0 interface and > connect to OpenVPN server. The main obstacle seems to be my inability to > configure either OpenVPN or FreeBSD to actually create that tun0 interface. > > If I try to create it manually I get this: > > $ ifconfig -v tun create inet 192.168.23.203 192.168.23.1 > ifconfig: SIOCIFCREATE: Invalid argument > > The kernel config has the "device tun" line and there are tun[0-3] in /dev. > > So what am I doing wrong? > > -- > Vaclav Haisman >I always let OpenVPN create them for me. Just starting the openvpn process seems to do the magic. What happens when you try and do that? Thanks, Dominic
Jussi, Petteri Nummikko
2006-Sep-22 06:25 UTC
Problems with OpenVPN+routing and creating tun0 interface
V?clav Haisman wrote:> Hi, > I want to set up OpenVPN to create and configure tun0 interface and > connect to OpenVPN server. The main obstacle seems to be my inability to > configure either OpenVPN or FreeBSD to actually create that tun0 interface. > > If I try to create it manually I get this: > > $ ifconfig -v tun create inet 192.168.23.203 192.168.23.1 > ifconfig: SIOCIFCREATE: Invalid argument > > The kernel config has the "device tun" line and there are tun[0-3] in /dev. > > So what am I doing wrong? > > -- > Vaclav Haisman >I had the same problem in 6.0 but not anymore in 6.1. If I remember correctly how I fixed it in 6.0, I just echoed null to /dev/tun0. But if you already have those devices I'm not sure anymore. Are you specifying the device in openvpn.con as "dev tun" or "dev tun[n]"? In 6.1 releng I have only "dev tun" and it creates the device by itself. But in OpenBSD I have to specify the device number also, even if there was just one of them.
Václav Haisman
2006-Sep-22 07:23 UTC
Problems with OpenVPN+routing and creating tun0 interface
V?clav Haisman wrote, On 22.9.2006 14:41:> Hi, > I want to set up OpenVPN to create and configure tun0 interface and > connect to OpenVPN server. The main obstacle seems to be my inability to > configure either OpenVPN or FreeBSD to actually create that tun0 interface. > > If I try to create it manually I get this: > > $ ifconfig -v tun create inet 192.168.23.203 192.168.23.1 > ifconfig: SIOCIFCREATE: Invalid argument > > The kernel config has the "device tun" line and there are tun[0-3] in /dev. > > So what am I doing wrong? > > -- > Vaclav Haisman >The problme was on the server, it had my address restricted in firewall. I managed to make the tunnel. And I could ping the 192.168.23.1 address from mine 192.168.23.4. I had to restart the serivce because I did some changes to the OpenVPN client configuraton. Now I cannot ping again. But according to tcpdump the connection is there. And I cannot even ping mine 192.168.23.4. Missing routes or someting, after I restarted the serice? -- VH -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 542 bytes Desc: OpenPGP digital signature Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20060922/3e7fb800/signature.pgp
Mike Tancsa
2006-Sep-22 07:52 UTC
Problems with OpenVPN+routing and creating tun0 interface
At 10:22 AM 9/22/2006, V??clav Haisman wrote:> > >The problme was on the server, it had my address restricted in firewall. > >I managed to make the tunnel. And I could ping the 192.168.23.1 address >from mine 192.168.23.4. I had to restart the serivce because I did some >changes to the OpenVPN client configuraton. Now I cannot ping again. But >according to tcpdump the connection is there. And I cannot even ping >mine 192.168.23.4. Missing routes or someting, after I restarted the serice?Perhaps a better question to ask on the openvpn mailling list. But provide more details as to your config. One FreeBSD tip with openvpn that I find helpful is to specify which tun device to use-- especially if you have other tun users like ppp or pppoe, is to create a specific interface and tell openvpn to use it. On my boxes I do the following prior to starting up openvpn cat /dev/null > /dev/tun101 and in openvpn, I tell it to use dev tun101 ---Mike