OpenVPN site-to-site client not starting

phil.davis

2.2-ALPHA (i386)
built on Sun Apr 13 15:35:58 CDT 2014
FreeBSD 10.0-STABLE

OpenVPN site-to-site pre-shared key client setup to connect from home (this 2.2 system) to office OpenVPN server. The settings were working on 2.1.2 before I upgraded to 2.2.

It does not come up on boot. On restarting from Status->Services, I get this in the system log:

Apr 14 23:29:57 	check_reload_status: Reloading filter
Apr 14 23:29:58 	kernel: tun1: link state changed to UP
Apr 14 23:29:58 	kernel: tun1: link state changed to DOWN

and OpenVPN log:

Apr 14 23:29:58 	openvpn[45482]: OpenVPN 2.3.2 i386-portbld-freebsd10.0 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 19 2014
Apr 14 23:29:58 	openvpn[45482]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Apr 14 23:29:58 	openvpn[45482]: TUN/TAP device /dev/tun1 opened
Apr 14 23:29:58 	openvpn[45482]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Apr 14 23:29:58 	openvpn[45482]: /sbin/ifconfig ovpnc1 10.49.255.2 10.49.255.1 mtu 1500 netmask 255.255.255.255 up
Apr 14 23:29:58 	openvpn[45482]: FreeBSD ifconfig failed: external program exited with error status: 1
Apr 14 23:29:58 	openvpn[45482]: Exiting due to fatal error

/var/etc/openvpn/client1.conf (with name and port changed in the "remote" line:

dev ovpnc1
dev-type tun
tun-ipv6
dev-node /dev/tun1
writepid /var/run/openvpn_client1.pid
#user nobody
#group nobody
script-security 3
daemon
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
proto udp
cipher AES-128-CBC
auth SHA1
up /usr/local/sbin/ovpn-linkup
down /usr/local/sbin/ovpn-linkdown
local 10.49.223.200
lport 0
management /var/etc/openvpn/client1.sock unix
remote mainoffice.dyndns-ip.com 5134
ifconfig 10.49.255.2 10.49.255.1
route 10.49.0.0 255.255.0.0
route 10.50.0.0 255.255.0.0
route 10.51.0.0 255.255.0.0
secret /var/etc/openvpn/client1.secret 

and no mention of "ovpnc1" or even "vpn" in ifconfig output.

Where to look next?

eri--

Fixed should be ok.
gitsync or next snap.

phil.davis

2.2-ALPHA (i386)
built on Mon Apr 14 15:07:07 CDT 2014

Site-to-site client is up and connected to main office.
Working, thanks.