OpenVPN site-to-site client not starting



  • 2.2-ALPHA (i386)
    built on Sun Apr 13 15:35:58 CDT 2014
    FreeBSD 10.0-STABLE

    OpenVPN site-to-site pre-shared key client setup to connect from home (this 2.2 system) to office OpenVPN server. The settings were working on 2.1.2 before I upgraded to 2.2.

    It does not come up on boot. On restarting from Status->Services, I get this in the system log:

    Apr 14 23:29:57 	check_reload_status: Reloading filter
    Apr 14 23:29:58 	kernel: tun1: link state changed to UP
    Apr 14 23:29:58 	kernel: tun1: link state changed to DOWN
    

    and OpenVPN log:

    Apr 14 23:29:58 	openvpn[45482]: OpenVPN 2.3.2 i386-portbld-freebsd10.0 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 19 2014
    Apr 14 23:29:58 	openvpn[45482]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Apr 14 23:29:58 	openvpn[45482]: TUN/TAP device /dev/tun1 opened
    Apr 14 23:29:58 	openvpn[45482]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
    Apr 14 23:29:58 	openvpn[45482]: /sbin/ifconfig ovpnc1 10.49.255.2 10.49.255.1 mtu 1500 netmask 255.255.255.255 up
    Apr 14 23:29:58 	openvpn[45482]: FreeBSD ifconfig failed: external program exited with error status: 1
    Apr 14 23:29:58 	openvpn[45482]: Exiting due to fatal error
    
    

    /var/etc/openvpn/client1.conf (with name and port changed in the "remote" line:

    dev ovpnc1
    dev-type tun
    tun-ipv6
    dev-node /dev/tun1
    writepid /var/run/openvpn_client1.pid
    #user nobody
    #group nobody
    script-security 3
    daemon
    keepalive 10 60
    ping-timer-rem
    persist-tun
    persist-key
    proto udp
    cipher AES-128-CBC
    auth SHA1
    up /usr/local/sbin/ovpn-linkup
    down /usr/local/sbin/ovpn-linkdown
    local 10.49.223.200
    lport 0
    management /var/etc/openvpn/client1.sock unix
    remote mainoffice.dyndns-ip.com 5134
    ifconfig 10.49.255.2 10.49.255.1
    route 10.49.0.0 255.255.0.0
    route 10.50.0.0 255.255.0.0
    route 10.51.0.0 255.255.0.0
    secret /var/etc/openvpn/client1.secret 
    

    and no mention of "ovpnc1" or even "vpn" in ifconfig output.

    Where to look next?



  • Fixed should be ok.
    gitsync or next snap.



  • 2.2-ALPHA (i386)
    built on Mon Apr 14 15:07:07 CDT 2014

    Site-to-site client is up and connected to main office.
    Working, thanks.


Log in to reply