Re: OpenVPN issues on 5.0

Thu, 22 Dec 2011 15:40:09 -0800 

On Thu, Dec 22, 2011 at 09:40:47AM +0100, Janne Johansson wrote:
> 2011/12/22 Erling Westenvik <erling.westen...@gmail.com>:
> > Sorry for bumping this here @ misc when my question propably belong to
> > some OpenVPN forum, but it seems like no-one out there can say much on
> > OpenVPN issues that appears to be OpenBSD spesific.
> >
> > What puzzles me is that I cannot make the tun-interface show up in the
> > route table on the server:
> >
> > Destination    Gateway           Flags Refs  Use   Mtu Prio Iface
> > default        AAA.BB.CCC.D      UGS      3 1101     -    8 url0
> > 127/8          127.0.0.1         UGRS     0    0 33196    8 lo0
> > 127.0.0.1      127.0.0.1         UH       2    0 33196    4 lo0
> > 192.168.2/24   link#5            UC       1    0     -    4 acx0
> > 192.168.2.200  00:16:ea:b3:65:d0 UHLc     1  400     -    4 acx0
> > 192.168.3/24   link#2            UC       2    0     -    4 bge0
> > 192.168.3.106  00:1e:4f:95:19:1d UHLc     1 1582     -    4 bge0
> > 192.168.3.200  fe:e1:ba:d7:c3:24 UHLc     0   28     -    4 bge0
> > 193.90.160/20  link#6            UC       1    0     -    4 url0
> > AAA.BB.CCC.D   00:90:1a:42:6d:81 UHLc     1    0     -    4 url0
> > AAA.BB.CCC.DDD 127.0.0.1         UGHS     0    0 33196    8 lo0
> > 224/4          127.0.0.1         URS      0    0 33196    8 lo0
> >
> > /etc/hostname.tun0 <<<
> > link0
> > up
> > !/usr/local/sbin/openvpn --config /etc/openvpn/server.conf
> >>>>
> >
> > /etc/hostname.bridge0 <<<
> > add bge0
> > add acx0
> > up
> >>>>
> 
> What does ifconfig tun0 say?
> 
> When I did openvpn before I mostly didn't start openvpn from the tun
> config file myself, but rather start openvpn and make that one bring
> up tuns for me, but I would assume that if the tunnel goes up and then
> down and if it takes the tun0 down until the tunnel can be taken up
> again, the network that tun0 belonged to would not show in the routing
> table until it gets back up again. Any interface that has an address
> and that is up would somehow make an entry in the routing tables.
> 

Thanks, but I gave up, re-installed OpenBSD 4.7 and now everything is
working. Beats me why but I'm pretty sure it had something to do with
routing when running OpenVPN in bridged mode.

For identical configurations as far as pf-, tun-, bridge- and OpenVPN
files are concerned, this works:

        server: OpenBSD 4.7/OpenVPN 2.1.0 (using keys from 2.1.4)
        client: OpenBSD 5.0/OpenVPN 2.1.4

while this don't:

        server: OpenBSD 5.0/OpenVPN 2.1.4
        client: OpenBSD 5.0/OpenVPN 2.1.4

I will try with OpenBSD 4.8 and 4.9 during the holidays.

-- 
Cheers,
Erling

Reply via email to