OpenVPN TAP is crashing after connect



  • Hi,

    I've set up an openVPN Tunnel using TAP/TLS-Client.
    Pull is enabled for config.

    This is my openVPN config:

    
    Server Mode: PeerToPeer (SSL/TLS)
    Protocol: TCP
    Device Mode: TAP
    Remote mydyndns.no-ip.org
    Port 4733
    TLS-Auth of Packets: NO
    Crypto: AES-128-CBC
    
    Advanced Settings:
    >dev tap
    >proto tcp-client
    >tls-client
    >cipher AES-128-CBC
    >pull
    >auth SHA1
    >verb 5
    >auth-user-pass /home/firewallconn
    >auth-nocache
    
    

    Log Output on Connection:

    
    Oct 21 10:01:01	openvpn[47597]: WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    Oct 21 10:01:01	openvpn[47597]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Oct 21 10:01:01	openvpn[47597]: Initializing OpenSSL support for engine 'cryptodev'
    Oct 21 10:01:01	openvpn[47597]: Control Channel MTU parms [ L:1591 D:140 EF:40 EB:0 ET:0 EL:0 ]
    Oct 21 10:01:01	openvpn[47597]: Socket Buffers: R=[65228->65536] S=[65228->65536]
    Oct 21 10:01:01	openvpn[47597]: Data Channel MTU parms [ L:1591 D:1450 EF:59 EB:4 ET:32 EL:0 ]
    Oct 21 10:01:01	openvpn[47597]: Local Options String: 'V4,dev-type tap,link-mtu 1591,tun-mtu 1532,proto TCPv4_CLIENT,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
    Oct 21 10:01:01	openvpn[47597]: Expected Remote Options String: 'V4,dev-type tap,link-mtu 1591,tun-mtu 1532,proto TCPv4_SERVER,cipher AES-128-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
    Oct 21 10:01:01	openvpn[47597]: Local Options hash (VER=V4): 'c288c4ff'
    Oct 21 10:01:01	openvpn[47597]: Expected Remote Options hash (VER=V4): '6a9bf004'
    Oct 21 10:01:01	openvpn[47778]: Attempting to establish TCP connection with [AF_INET]***.***.82.35:4733 [nonblock]
    Oct 21 10:01:02	openvpn[47778]: TCP connection established with [AF_INET]***.***.82.35:4733
    Oct 21 10:01:02	openvpn[47778]: TCPv4_CLIENT link local (bound): [AF_INET]***.***.22.211
    Oct 21 10:01:02	openvpn[47778]: TCPv4_CLIENT link remote: [AF_INET]***.***.82.35:4733
    Oct 21 10:01:02	openvpn[47778]: TLS: Initial packet from [AF_INET]***.***.82.35:4733, sid=de714a64 aa9c39a7
    Oct 21 10:01:04	openvpn[47778]: VERIFY OK: depth=1, C=DE, ST=[...]
    Oct 21 10:01:04	openvpn[47778]: VERIFY OK: depth=0, C=DE, ST=[...]
    Oct 21 10:01:05	openvpn[47778]: Data Channel Encrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Oct 21 10:01:05	openvpn[47778]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Oct 21 10:01:05	openvpn[47778]: Data Channel Decrypt: Cipher 'AES-128-CBC' initialized with 128 bit key
    Oct 21 10:01:05	openvpn[47778]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Oct 21 10:01:05	openvpn[47778]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Oct 21 10:01:05	openvpn[47778]: [jupiter.home] Peer Connection Initiated with [AF_INET]***.***.82.35:4733
    Oct 21 10:01:07	openvpn[47778]: SENT CONTROL [jupiter.home]: 'PUSH_REQUEST' (status=1)
    Oct 21 10:01:12	openvpn[47778]: SENT CONTROL [jupiter.home]: 'PUSH_REQUEST' (status=1)
    Oct 21 10:01:18	openvpn[47778]: SENT CONTROL [jupiter.home]: 'PUSH_REQUEST' (status=1)
    Oct 21 10:01:18	openvpn[47778]: PUSH: Received control message: 'PUSH_REPLY,dhcp-option DNS 10.178.2.1,dhcp-option WINS 10.178.2.1,ping 20,ping-restart 60,route-gateway 10.178.2.1,ifconfig 10.178.2.2 255.255.255.0'
    Oct 21 10:01:18	openvpn[47778]: OPTIONS IMPORT: timers and/or timeouts modified
    Oct 21 10:01:18	openvpn[47778]: OPTIONS IMPORT: --ifconfig/up options modified
    Oct 21 10:01:18	openvpn[47778]: OPTIONS IMPORT: route-related options modified
    Oct 21 10:01:18	openvpn[47778]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
    Oct 21 10:01:18	openvpn[47778]: TUN/TAP device /dev/tap2 opened
    Oct 21 10:01:18	openvpn[47778]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Oct 21 10:01:18	openvpn[47778]: /sbin/ifconfig tap 10.178.2.2 netmask 255.255.255.0 mtu 1500 up
    Oct 21 10:01:18	openvpn[47778]: FreeBSD ifconfig failed: external program exited with error status: 1
    Oct 21 10:01:18	openvpn[47778]: Exiting due to fatal error
    
    

    Can anybody help, please?



  • Hi together,

    As i remember,
    there was an fix-package available for openvpn-tap. Never needed to use tap before on pfSense.
    The System is a fresh and clean 2.1-installation, even one day ago.
    Peer is an mikrotik device with RouterOS 6.4, where other windows-clients are able to connect successfully.

    Thanks in advance for replies.


Log in to reply