OpenVPN client fails



  • Hi,

    I've been running 2.3 for the past few weeks now. It is configured as an openvpn client, and I route part of my traffic through.
    The last time I updated was 9 days ago and things were running smoothly. After updating today, openVPN refuses to come up with the following log:

    
    Jan 24 16:13:24	openvpn	42826	Exiting due to fatal error
    Jan 24 16:13:24	openvpn	42826	Cannot open TUN/TAP dev /dev/tun1: Device busy (errno=16)
    Jan 24 16:13:24	openvpn	42826	TUN/TAP device ovpnc1 exists previously, keep at program end
    Jan 24 16:13:24	openvpn	42826	OPTIONS IMPORT: route-related options modified
    Jan 24 16:13:24	openvpn	42826	OPTIONS IMPORT: --ifconfig/up options modified
    Jan 24 16:13:24	openvpn	42826	Socket Buffers: R=[66300->262144] S=[66300->66300]
    Jan 24 16:13:24	openvpn	42826	OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
    Jan 24 16:13:24	openvpn	42826	OPTIONS IMPORT: --explicit-exit-notify can only be used with --proto udp
    Jan 24 16:13:24	openvpn	42826	OPTIONS IMPORT: timers and/or timeouts modified
    Jan 24 16:13:24	openvpn	42826	Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
    Jan 24 16:13:24	openvpn	42826	Options error: option 'dhcp-option' cannot be used in this context ([PUSH-OPTIONS])
    Jan 24 16:13:24	openvpn	42826	Options error: option 'redirect-gateway' cannot be used in this context ([PUSH-OPTIONS])
    Jan 24 16:13:24	openvpn	42826	PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 198.18.0.1,dhcp-option DNS 198.18.0.2,rcvbuf 262144,explicit-exit-notify 5,route-gateway 172.20.24.1,topology subnet,ping 20,ping-restart 40,ifconfig 172.20.26.7 255.255.252.0'
    Jan 24 16:13:24	openvpn	42826	SENT CONTROL [ams-a02.ipvanish.com]: 'PUSH_REQUEST' (status=1)
    Jan 24 16:13:22	openvpn	42826	[ams-a02.ipvanish.com] Peer Connection Initiated with [AF_INET]81.171.98.3:443
    Jan 24 16:13:22	openvpn	42826	Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Jan 24 16:13:22	openvpn	42826	Data Channel Decrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
    Jan 24 16:13:22	openvpn	42826	Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Jan 24 16:13:22	openvpn	42826	Data Channel Encrypt: Using 256 bit message hash 'SHA256' for HMAC authentication
    Jan 24 16:13:22	openvpn	42826	Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Jan 24 16:13:21	openvpn	42826	VERIFY OK: depth=0, C=US, ST=FL, L=Winter Park, O=IPVanish, OU=IPVanish VPN, CN=ams-a02.ipvanish.com, emailAddress=support@ipvanish.com
    Jan 24 16:13:21	openvpn	42826	VERIFY OK: depth=1, C=US, ST=FL, L=Winter Park, O=IPVanish, OU=IPVanish VPN, CN=IPVanish CA, emailAddress=support@ipvanish.com
    Jan 24 16:13:21	openvpn	42826	WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
    Jan 24 16:13:21	openvpn	42826	TLS: Initial packet from [AF_INET]IP:443, sid=c3380634 c7610a14
    Jan 24 16:13:21	openvpn	42826	TCPv4_CLIENT link remote: [AF_INET]IP:443
    Jan 24 16:13:21	openvpn	42826	TCPv4_CLIENT link local (bound): [AF_INET]IP.190
    Jan 24 16:13:21	openvpn	42826	TCP connection established with [AF_INET]IP:443
    Jan 24 16:13:20	openvpn	42826	Attempting to establish TCP connection with [AF_INET]IP:443 [nonblock]
    Jan 24 16:13:20	openvpn	42826	Socket Buffers: R=[65228->65228] S=[65228->65228]
    Jan 24 16:13:20	openvpn	42826	NOTE: --fast-io is disabled since we are not using UDP
    Jan 24 16:13:20	openvpn	42826	NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
    Jan 24 16:13:20	openvpn	42826	WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
    Jan 24 16:13:20	openvpn	42826	MANAGEMENT: unix domain socket listening on /var/etc/openvpn/client1.sock
    Jan 24 16:13:20	openvpn	42760	WARNING: file '/conf/ipvanish.auth' is group or others accessible
    Jan 24 16:13:20	openvpn	42760	library versions: OpenSSL 1.0.1q-freebsd 3 Dec 2015, LZO 2.09
    Jan 24 16:13:20	openvpn	42760	OpenVPN 2.3.9 amd64-portbld-freebsd10.2 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Jan 4 2016
    
    

    Did something change? Should I change my configuration, or did the update possibly break something?



  • Just tested mine. Works fine but did see an error in the logs.

    
    Time	Process	PID	Message
    Jan 24 14:34:21	openvpn	15867	brianc/172.101.16.149:62964 send_push_reply(): safe_cap=940
    Jan 24 14:34:21	openvpn	15867	brianc/172.101.16.149:62964 MULTI_sva: pool returned IPv4=10.10.10.2, IPv6=(Not enabled)
    Jan 24 14:34:21	openvpn	15867	172.101.16.149:62964 [brianc] Peer Connection Initiated with [AF_INET]172.101.16.149:62964
    Jan 24 14:34:21	openvpn		user 'brianc' authenticated
    Jan 24 14:33:44	openvpn	15867	brianc/172.101.16.149:62941 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #933 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Jan 24 14:33:44	openvpn	15867	brianc/172.101.16.149:62941 Authenticate/Decrypt packet error: bad packet ID (may be a replay): [ #926 ] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings
    Jan 24 14:32:53	openvpn	15867	brianc/172.101.16.149:62941 send_push_reply(): safe_cap=940
    Jan 24 14:32:53	openvpn	15867	brianc/172.101.16.149:62941 MULTI_sva: pool returned IPv4=10.10.10.2, IPv6=(Not enabled)
    Jan 24 14:32:53	openvpn	15867	172.101.16.149:62941 [brianc] Peer Connection Initiated with [AF_INET]172.101.16.149:62941
    Jan 24 14:32:53	openvpn		user 'brianc' authenticated
    
    

Log in to reply