|
From: Tim W. <ti...@th...> - 2007-01-10 14:01:27
|
Hi Mike The client machine is running an old linux kernel, 2.4.22, I don't see=20 anything tun or tap related after an 'lsmod' I don't seem to have any tun.o module, but there is an ethertap.o module th= at=20 I loaded this morning. I also created the tun character device as described= =20 in your post.=20 It has made no difference, I continue to get the same error. I looked at th= e=20 kernel's 'make xconfig' and don't see where I enable the tun module.=20 I tried commenting out /dev/tun and uncommenting /dev/tap in both the=20 client.conf and server.conf files to see if loading ethertap.o and trying t= o=20 use tap would make it better. Still no change in results... I'm starting to think I'm going to need to update this RHL7 box to somethin= g=20 more current, like CentOS 4.4, or Fedora Core 6 in order to get this to wor= k=20 (probly somethign I should do anyway). Regards,=20 Tim On Tuesday 09 January 2007 5:24 pm, Mike Hambidge wrote: > Hey Tim, a couple of things to check on the client machine: > > 1. Is TUN/TAP support enabled in the kernel (either compiled in or as a > module)? > 2. If as a module, is it loaded prior to starting OpenVPN? e.g. > modprobe tun > 3. Did you create the tun character device? e.g. > mkdir /dev/net > mknod /dev/net/tun c 10 200 > > -- Mike > > Tim Wunder wrote: > > Hi, > > I'm trying to make a VPN connection from openvpn 2.0.9 on RHL7 to openv= pn > > 2.0.7 on CentOS 4.4. I've attempted to follow the instructions from > > http://openvpn.net/howto.html#quick > > > > The CentOS box is the server in my environment and the RHL7 box is the > > client. I created the server keys and the client keys on the CentOS box > > and scp'd the client keys to the RHL7 box. > > > > I can start the server on the CentOS box and sorta get a connection from > > the RHL7 client. This is the text of the output when running > > # openvpn /etc/openvpn/server.conf > > Tue Jan 9 15:17:31 2007 OpenVPN 2.0.7 i386-redhat-linux-gnu [SSL] [LZO] > > [EPOLL] built on Apr 29 2006 > > Tue Jan 9 15:17:31 2007 Diffie-Hellman initialized with 1024 bit key > > Tue Jan 9 15:17:31 2007 TLS-Auth MTU parms [ L:1544 D:140 EF:40 EB:0 > > ET:0 EL:0 ] > > Tue Jan 9 15:17:31 2007 TUN/TAP device tun0 opened > > Tue Jan 9 15:17:31 2007 /sbin/ip link set dev tun0 up mtu 1500 > > Tue Jan 9 15:17:31 2007 /sbin/ip addr add dev tun0 local 10.8.0.1 peer > > 10.8.0.2Tue Jan 9 15:17:31 2007 /sbin/ip route add 10.8.0.0/24 via > > 10.8.0.2 Tue Jan 9 15:17:31 2007 Data Channel MTU parms [ L:1544 D:1450 > > EF:44 EB:135 ET:0 EL:0 AF:3/1 ] > > Tue Jan 9 15:17:31 2007 GID set to nobody > > Tue Jan 9 15:17:31 2007 UID set to nobody > > Tue Jan 9 15:17:31 2007 Listening for incoming TCP connection on > > [undef]:1194 Tue Jan 9 15:17:31 2007 TCPv4_SERVER link local (bound): > > [undef]:1194 Tue Jan 9 15:17:31 2007 TCPv4_SERVER link remote: [undef] > > Tue Jan 9 15:17:31 2007 MULTI: multi_init called, r=3D256 v=3D256 > > Tue Jan 9 15:17:31 2007 IFCONFIG POOL: base=3D10.8.0.4 size=3D62 > > Tue Jan 9 15:17:31 2007 IFCONFIG POOL LIST > > Tue Jan 9 15:17:31 2007 ServerName,10.8.0.4 > > Tue Jan 9 15:17:31 2007 MULTI: TCP INIT maxclients=3D1024 maxevents=3D= 1028 > > Tue Jan 9 15:17:31 2007 Initialization Sequence Completed > > > > > > # egrep -v "^(#|*$|;)" server.conf > > port 1194 > > proto tcp > > dev tun > > ca /etc/openvpn/easy-rsa/keys/ca.crt > > cert /etc/openvpn/easy-rsa/keys/server.crt > > key /etc/openvpn/server.key # This file should be kept secret > > dh /etc/openvpn/easy-rsa/keys/dh1024.pem > > server 10.8.0.0 255.255.255.0 > > ifconfig-pool-persist ipp.txt > > client-to-client > > keepalive 10 120 > > comp-lzo > > user nobody > > group nobody > > persist-key > > persist-tun > > status openvpn-status.log > > verb 3 > > > > > > > > and when running > > # openvpn ./client.conf > > Tue Jan 9 14:54:14 2007 VERIFY OK: > > depth=3D0, /C=3DUS/ST=3DNA/O=3DOrgName/CN=3DCommonName/Email=3Dmy@e-mai= l.com > > Tue Jan 9 14:54:14 2007 Data Channel Encrypt: Cipher 'BF-CBC' > > initialized with 128 bit key > > Tue Jan 9 14:54:14 2007 Data Channel Encrypt: Using 160 bit message > > hash 'SHA1' for HMAC authentication > > Tue Jan 9 14:54:14 2007 Data Channel Decrypt: Cipher 'BF-CBC' > > initialized with 128 bit key > > Tue Jan 9 14:54:14 2007 Data Channel Decrypt: Using 160 bit message > > hash 'SHA1' for HMAC authentication > > Tue Jan 9 14:54:14 2007 Control Channel: TLSv1, cipher TLSv1/SSLv3 > > EDH-RSA-DES-CBC3-SHA, 1024 bit RSA > > Tue Jan 9 14:54:14 2007 [ServerName] Peer Connection Initiated with > > 192.168.1.252:1194 > > Tue Jan 9 14:54:15 2007 SENT CONTROL [ServerName]: 'PUSH_REQUEST' > > (status=3D1)Tue Jan 9 14:54:15 2007 PUSH: Received control > > message: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,ping 10,ping-restart > > 120,ifconfig 10.8.0.6 10.8.0.5' > > Tue Jan 9 14:54:15 2007 OPTIONS IMPORT: timers and/or timeouts modified > > Tue Jan 9 14:54:15 2007 OPTIONS IMPORT: --ifconfig/up options modified > > Tue Jan 9 14:54:15 2007 OPTIONS IMPORT: route options modified > > Tue Jan 9 14:54:15 2007 Cannot allocate TUN/TAP dev dynamically > > Tue Jan 9 14:54:15 2007 Exiting > > > > # egrep -v "^(#|*$|;)" client.conf > > client > > dev tun > > proto tcp > > remote serverDomain 1194 > > resolv-retry infinite > > nobind > > user nobody > > group nobody > > persist-key > > persist-tun > > ca /etc/openvpn/clientkeys/ca.crt > > cert /etc/openvpn/clientkeys/client.crt > > key /etc/openvpn/clientkeys/client.key > > comp-lzo > > verb 3 > > > > What am I missing? > > > > Thanks, > > Tim > > > > > > > > ------------------------------------------------------------------------ > > > > -----------------------------------------------------------------------= =2D- > > Take Surveys. Earn Cash. Influence the Future of IT > > Join SourceForge.net's Techsay panel and you'll get the chance to share > > your opinions on IT & business topics through brief surveys - and earn > > cash > > http://www.techsay.com/default.php?page=3Djoin.php&p=3Dsourceforge&CID= =3DDEVDEV > > > > > > ------------------------------------------------------------------------ > > > > _______________________________________________ > > Openvpn-users mailing list > > Ope...@li... > > https://lists.sourceforge.net/lists/listinfo/openvpn-users |