Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN no tap-device after upgrade RC1

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    12 Posts 3 Posters 8.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      sebastian
      last edited by

      Hi,

      Sorry for my poor english.

      After upgrade my RC1 from 20.03.2011 to 24.03.2011 and later. I'm not able to create a openvpn working configuration with tap as device type. At webgui and In config.xml tap is set, but in generated /var/etc/openvpn/client1.conf it is always tun. In earlier releases it has worked.

      Also it's not possible to create a bridge with RC1. Interfaces do not leave learning state.

      are this know bugs?
      sebastian

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        It's a known issue. Tap was never officially supported, but it was possible to hack around it in 1.2.x.

        There is an open ticket, someone has a patch there to try, but it's too late for that to make it into 2.0.

        http://redmine.pfsense.org/issues/1222

        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • S
          sebastian
          last edited by

          Thanks for your answer.

          Ticket is for the server part but I'll use pfSense as a client. It's also unsupported? In RC1 before 03/21 it seem to work - but I think my bridge configuration is broken.

          thank
          sebastian

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            Ah, ok. I misread that part.

            Looks like this commit may have broken the selection.

            https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/bf87b4d7d1e9c0064e59727afd7601c111f6f3da

            Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • E
              ericab
              last edited by

              wait a second;

              could this be the reason for my issue ? i think it is.
              well it looks like sebastian and i are sticking to the march 20th snap.

              http://forum.pfsense.org/index.php/topic,34858.0.html

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                I let the person who made that previous commit know and they're working on a fix.

                Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • E
                  ericab
                  last edited by

                  excellent news jimp,
                  im so glad this has finally been resolved, or at least now we know the cause of the problem

                  1 Reply Last reply Reply Quote 0
                  • E
                    ericab
                    last edited by

                    jimp; Luiz,
                    i noticed this:
                    http://redmine.pfsense.org/projects/pfsense/repository/revisions/681b43b0790694b737dc91573a233a8aa468b681

                    the problem still persists however.

                    my vpn client calls for a TAP device, but despite what is selected in the WebUI, a TUN device is used.

                    the log of a working client (March 20th and before)

                    Mar 29 19:12:52 	openvpn[16984]: Initialization Sequence Completed
                    Mar 29 19:12:52 	openvpn[16984]: /sbin/route add -net 128.0.0.0 88.126.75.1 128.0.0.0
                    Mar 29 19:12:52 	openvpn[16984]: /sbin/route add -net 0.0.0.0 88.126.75.1 128.0.0.0
                    Mar 29 19:12:52 	openvpn[16984]: /sbin/route add -net 78.73.215.170 192.68.1.1 255.255.255.255
                    Mar 29 19:12:50 	openvpn[16984]: /usr/local/sbin/ovpn-linkup ovpnc2 1500 1574 88.126.75.98 255.255.255.128 init
                    Mar 29 19:12:50 	openvpn[16984]: /sbin/ifconfig ovpnc2 88.126.75.98 netmask 255.255.255.128 mtu 1500 up
                    Mar 29 19:12:50 	openvpn[16984]: do_ifconfig, tt->ipv6=0
                    Mar 29 19:12:50 	openvpn[16984]: TUN/TAP device /dev/tap2 opened
                    Mar 29 19:12:50 	openvpn[16984]: ROUTE default_gateway=192.168.1.1
                    

                    NOTE the TAP device โ€“-^

                    anything after March 20th this is the result:

                    Mar 29 19:01:47 	openvpn[16905]: Initialization Sequence Completed
                    Mar 29 19:01:47 	openvpn[16905]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
                    Mar 29 19:01:47 	openvpn[16905]: /sbin/route add -net 128.0.0.0 88.126.74.129 128.0.0.0
                    Mar 29 19:01:47 	openvpn[16905]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
                    Mar 29 19:01:47 	openvpn[16905]: /sbin/route add -net 0.0.0.0 88.126.74.129 128.0.0.0
                    Mar 29 19:01:47 	openvpn[16905]: /sbin/route add -net 78.73.215.173 192.68.1.1 255.255.255.255
                    Mar 29 19:01:45 	openvpn[16905]: /usr/local/sbin/ovpn-linkup ovpnc2 1532 1574 88.126.74.237 255.255.255.128 init
                    Mar 29 19:01:45 	openvpn[16905]: /sbin/ifconfig ovpnc2 88.126.74.237 255.255.255.128 mtu 1532 netmask 255.255.255.255 up
                    Mar 29 19:01:45 	openvpn[16905]: do_ifconfig, tt->ipv6=0
                    Mar 29 19:01:45 	openvpn[16905]: TUN/TAP device /dev/tun2 opened
                    Mar 29 19:01:45 	openvpn[16905]: ROUTE default_gateway=192.168.1.1
                    

                    NOTE the TUN device โ€“-^

                    note: IP's have been changed ;)

                    1 Reply Last reply Reply Quote 0
                    • S
                      sebastian
                      last edited by

                      same her โ€ฆ

                      I have found a manual workaround. Change <dev_mode>and</dev_mode> in /conf/config.xml to <device_mode>and</device_mode> and now it work ... I think the comiter forget to change vpn_openvpn_client.php (or which script create configuration?) - but I have no clue how to fix itย  :(

                      thanks
                      Sebastian

                      1 Reply Last reply Reply Quote 0
                      • jimpJ
                        jimp Rebel Alliance Developer Netgate
                        last edited by

                        Yeah it really should have been standardized on dev_mode not device_mode, or else older configs will break. I'll check on the fix.

                        Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                        Need help fast? Netgate Global Support!

                        Do not Chat/PM for help!

                        1 Reply Last reply Reply Quote 0
                        • jimpJ
                          jimp Rebel Alliance Developer Netgate
                          last edited by

                          https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/4936ff53df99f9c3f7de42980b581d21c1838404

                          Remember: Upvote with the ๐Ÿ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

                          Need help fast? Netgate Global Support!

                          Do not Chat/PM for help!

                          1 Reply Last reply Reply Quote 0
                          • E
                            ericab
                            last edited by

                            edit*

                            nevermind, it works just fine; just needed a reboot !
                            it was throwing this error at me:

                            Apr 1 15:11:36 	openvpn[35065]: Exiting
                            Apr 1 15:11:36 	openvpn[35065]: FreeBSD ifconfig failed: external program exited with error status: 1
                            ```'
                            
                            +1 jimp
                            thanks !
                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.