OpenVPN no tap-device after upgrade RC1
-
Hi,
Sorry for my poor english.
After upgrade my RC1 from 20.03.2011 to 24.03.2011 and later. I'm not able to create a openvpn working configuration with tap as device type. At webgui and In config.xml tap is set, but in generated /var/etc/openvpn/client1.conf it is always tun. In earlier releases it has worked.
Also it's not possible to create a bridge with RC1. Interfaces do not leave learning state.
are this know bugs?
sebastian -
It's a known issue. Tap was never officially supported, but it was possible to hack around it in 1.2.x.
There is an open ticket, someone has a patch there to try, but it's too late for that to make it into 2.0.
http://redmine.pfsense.org/issues/1222
-
Thanks for your answer.
Ticket is for the server part but I'll use pfSense as a client. It's also unsupported? In RC1 before 03/21 it seem to work - but I think my bridge configuration is broken.
thank
sebastian -
Ah, ok. I misread that part.
Looks like this commit may have broken the selection.
https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/bf87b4d7d1e9c0064e59727afd7601c111f6f3da
-
wait a second;
could this be the reason for my issue ? i think it is.
well it looks like sebastian and i are sticking to the march 20th snap.http://forum.pfsense.org/index.php/topic,34858.0.html
-
I let the person who made that previous commit know and they're working on a fix.
-
excellent news jimp,
im so glad this has finally been resolved, or at least now we know the cause of the problem -
jimp; Luiz,
i noticed this:
http://redmine.pfsense.org/projects/pfsense/repository/revisions/681b43b0790694b737dc91573a233a8aa468b681the problem still persists however.
my vpn client calls for a TAP device, but despite what is selected in the WebUI, a TUN device is used.
the log of a working client (March 20th and before)
Mar 29 19:12:52 openvpn[16984]: Initialization Sequence Completed Mar 29 19:12:52 openvpn[16984]: /sbin/route add -net 128.0.0.0 88.126.75.1 128.0.0.0 Mar 29 19:12:52 openvpn[16984]: /sbin/route add -net 0.0.0.0 88.126.75.1 128.0.0.0 Mar 29 19:12:52 openvpn[16984]: /sbin/route add -net 78.73.215.170 192.68.1.1 255.255.255.255 Mar 29 19:12:50 openvpn[16984]: /usr/local/sbin/ovpn-linkup ovpnc2 1500 1574 88.126.75.98 255.255.255.128 init Mar 29 19:12:50 openvpn[16984]: /sbin/ifconfig ovpnc2 88.126.75.98 netmask 255.255.255.128 mtu 1500 up Mar 29 19:12:50 openvpn[16984]: do_ifconfig, tt->ipv6=0 Mar 29 19:12:50 openvpn[16984]: TUN/TAP device /dev/tap2 opened Mar 29 19:12:50 openvpn[16984]: ROUTE default_gateway=192.168.1.1
NOTE the TAP device โ-^
anything after March 20th this is the result:
Mar 29 19:01:47 openvpn[16905]: Initialization Sequence Completed Mar 29 19:01:47 openvpn[16905]: ERROR: FreeBSD route add command failed: external program exited with error status: 1 Mar 29 19:01:47 openvpn[16905]: /sbin/route add -net 128.0.0.0 88.126.74.129 128.0.0.0 Mar 29 19:01:47 openvpn[16905]: ERROR: FreeBSD route add command failed: external program exited with error status: 1 Mar 29 19:01:47 openvpn[16905]: /sbin/route add -net 0.0.0.0 88.126.74.129 128.0.0.0 Mar 29 19:01:47 openvpn[16905]: /sbin/route add -net 78.73.215.173 192.68.1.1 255.255.255.255 Mar 29 19:01:45 openvpn[16905]: /usr/local/sbin/ovpn-linkup ovpnc2 1532 1574 88.126.74.237 255.255.255.128 init Mar 29 19:01:45 openvpn[16905]: /sbin/ifconfig ovpnc2 88.126.74.237 255.255.255.128 mtu 1532 netmask 255.255.255.255 up Mar 29 19:01:45 openvpn[16905]: do_ifconfig, tt->ipv6=0 Mar 29 19:01:45 openvpn[16905]: TUN/TAP device /dev/tun2 opened Mar 29 19:01:45 openvpn[16905]: ROUTE default_gateway=192.168.1.1
NOTE the TUN device โ-^
note: IP's have been changed ;)
-
same her โฆ
I have found a manual workaround. Change <dev_mode>and</dev_mode> in /conf/config.xml to <device_mode>and</device_mode> and now it work ... I think the comiter forget to change vpn_openvpn_client.php (or which script create configuration?) - but I have no clue how to fix itย :(
thanks
Sebastian -
Yeah it really should have been standardized on dev_mode not device_mode, or else older configs will break. I'll check on the fix.
-
https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/4936ff53df99f9c3f7de42980b581d21c1838404
-
edit*
nevermind, it works just fine; just needed a reboot !
it was throwing this error at me:Apr 1 15:11:36 openvpn[35065]: Exiting Apr 1 15:11:36 openvpn[35065]: FreeBSD ifconfig failed: external program exited with error status: 1 ```' +1 jimp thanks !