Can't get an IP on tap interface



  • I followed this really good guide :
    https://forum.pfsense.org/index.php?topic=46984.0

    But when I connect to pfsense from my Windows 7 PC, I don't receive an IP address and it ends up reverting to a 169 address.

    Here is the client log :

    Wed Feb 04 22:09:51 2015 OpenVPN 2.3.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Dec  1 2014
    Wed Feb 04 22:09:51 2015 library versions: OpenSSL 1.0.1j 15 Oct 2014, LZO 2.08
    Wed Feb 04 22:09:59 2015 Control Channel Authentication: using 'udp-1195-testuser-tls.key' as a OpenVPN static key file
    Wed Feb 04 22:09:59 2015 UDPv4 link local (bound): [undef]
    Wed Feb 04 22:09:59 2015 UDPv4 link remote: [AF_INET]1.11.99.254:1195
    Wed Feb 04 22:09:59 2015 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
    Wed Feb 04 22:09:59 2015 [Epitiro] Peer Connection Initiated with [AF_INET]1.11.99.254:1195
    Wed Feb 04 22:10:02 2015 open_tun, tt->ipv6=0
    Wed Feb 04 22:10:02 2015 TAP-WIN32 device [Local Area Connection 2] opened: \.\Global{D0D49FFF-815A-4ED1-A8AA-8FA52C8E60DB}.tap
    Wed Feb 04 22:10:02 2015 Successful ARP Flush on interface [29] {D0D49FFF-815A-4ED1-A8AA-8FA52C8E60DB}
    Wed Feb 04 22:10:07 2015 NOTE: unable to redirect default gateway – VPN gateway parameter (--route-gateway or --ifconfig) is missing
    Wed Feb 04 22:10:07 2015 Initialization Sequence Completed

    My client conf is :

    dev tap
    persist-tun
    persist-key
    cipher AES-128-CBC
    auth SHA1
    tls-client
    client
    resolv-retry infinite
    remote 1.11.99.254 1195 udp
    lport 0
    verify-x509-name "MyVPN" name
    auth-user-pass
    pkcs12 udp-1195-testuser.p12
    tls-auth udp-1195-testuser-tls.key 1

    One thing I don't understand though....
    I created a new interface called ovpnint and then a bridge, ovpnbridge, combining this the int with my LAN. Where do I tell the openvpn to connect users to the openvpn interface, and therefore the bridge? The guide says under tunnel settings:

    Bridge Interface: Your LAN interface (or whatever interface you want remote clients to be on)

    Should this actually be the virtual interface created? Either way, I have tried both and I still get the same.

    Any ideas?