OpenVPN Client

Sat Jul 25 14:28:44 UTC 2009

Hi, I'm trying to connect to an OpenVPN server in my office. To do this, I installed "OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO]" from ports, and looking at different tutorials I found it needs a config file in /usr/local/etc/openvpn/openvpn.conf. The problem here, is that our server provides an "client.ovpn" file containing all the connection params needed by a client, in fact, we connect windows machines just by installing "OpenVPN_Installer.exe", it configures a TAP device and a client that reads the client.ovpn file.

Now, in my FreeBSD 7.2 i386 machine, I did this:

Created the /usr/local/etc/openvpn/openvpn.conf (the port doesn't created it automatically) with this content:

remote 200.80.219.194.static.techtelnet.net
client
proto tcp 
port 443
dev tun 
ns-cert-type server
auth-user-pass
auth-retry interact
comp-lzo
user nobody
group nobody
verb 3
ca /usr/local/etc/openvpn/keys/ca.key
cert /usr/local/etc/openvpn/keys/cert.key
key /usr/local/etc/openvpn/keys/key.key

This contents are extracted from client.ovpn, and "ca", "cert" and "key" files were extracted from the same file.

I kldload tun, but when I do ifconfig, it doesn't shows nothing related to tun or tap.

Also, when I do "openvpn /usr/local/etc/openvpn/openvpn.conf" the results are this:

Sat Jul 25 11:24:09 2009 OpenVPN 2.0.6 i386-portbld-freebsd7.2 [SSL] [LZO] built on Jul 24 2009
Enter Auth Username:nico
Enter Auth Password:****
Sat Jul 25 11:24:13 2009 WARNING: you are using user/group/chroot without persist-key/persist-tun -- this may cause restarts to fail
Sat Jul 25 11:24:13 2009 WARNING: file '/usr/local/etc/openvpn/keys/key.key' is group or others accessible
Sat Jul 25 11:24:13 2009 LZO compression initialized
Sat Jul 25 11:24:13 2009 Control Channel MTU parms [ L:1544 D:140 EF:40 EB:0 ET:0 EL:0 ]
Sat Jul 25 11:24:13 2009 Data Channel MTU parms [ L:1544 D:1450 EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Jul 25 11:24:13 2009 Local Options hash (VER=V4): '69109d17'
Sat Jul 25 11:24:13 2009 Expected Remote Options hash (VER=V4): 'c0103fa8'
Sat Jul 25 11:24:13 2009 NOTE: UID/GID downgrade will be delayed because of --client, --pull, or --up-delay
Sat Jul 25 11:24:13 2009 Attempting to establish TCP connection with 200.80.219.194:443
Sat Jul 25 11:24:13 2009 TCP connection established with 200.80.219.194:443
Sat Jul 25 11:24:13 2009 TCPv4_CLIENT link local: [undef]
Sat Jul 25 11:24:13 2009 TCPv4_CLIENT link remote: 200.80.219.194:443
Sat Jul 25 11:24:13 2009 Connection reset, restarting [0]
Sat Jul 25 11:24:13 2009 TCP/UDP: Closing socket
Sat Jul 25 11:24:13 2009 SIGUSR1[soft,connection-reset] received, process restarting
Sat Jul 25 11:24:13 2009 Restart pause, 5 second(s)

In my /etc/rc.conf I have openvpn_if="tun", I don't load the tun nor tap interface at boot, I just want to load it with kldload.

uname -a:
FreeBSD inspiron.local 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Fri May  1 08:49:13 UTC 2009     root at walker.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC  i386

ifconfig:
ndis0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        ether 00:23:4d:64:d6:7a
        inet 192.168.0.100 netmask 0xffffff00 broadcast 192.168.0.255
        media: IEEE 802.11 Wireless Ethernet autoselect
        status: associated
        ssid "" channel 1 (2412 Mhz 11b)
        authmode OPEN privacy OFF bmiss 7 scanvalid 60 roaming MANUAL
        bintval 0
fwe0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=8<VLAN_MTU>
        ether 32:4f:c0:e1:55:e1
        ch 1 dma -1
fwip0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
        lladdr 33.4f.c0.0.26.e1.55.e1.a.2.ff.fe.0.0.0.0
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 
        inet6 ::1 prefixlen 128 
        inet 127.0.0.1 netmask 0xff000000 

Thanks in advance,
Leonardo M. Ramé