[OpenVPN home]	[Date Prev]	[Date Index]	[Date Next]
[OpenVPN mailing lists]	[Thread Prev]	[Thread Index]	[Thread Next]

Re: [Openvpn-users] Cannot allocate TUN/TAP dev dynamically

Subject: Re: [Openvpn-users] Cannot allocate TUN/TAP dev dynamically
From: Tim Wunder <tim@xxxxxxxxxxxxxx>
Date: Wed, 10 Jan 2007 09:01:01 -0500

Hi Mike

The client machine is running an old linux kernel, 2.4.22, I don't see 
anything tun or tap related after an 'lsmod'
I don't seem to have any tun.o module, but there is an ethertap.o module that 
I loaded this morning. I also created the tun character device as described 
in your post. 

It has made no difference, I continue to get the same error. I looked at the 
kernel's 'make xconfig' and don't see where I enable the tun module. 

I tried commenting out /dev/tun and uncommenting /dev/tap in both the 
client.conf and server.conf files to see if loading ethertap.o and trying to 
use tap would make it better. Still no change in results...

I'm starting to think I'm going to need to update this RHL7 box to something 
more current, like CentOS 4.4, or Fedora Core 6 in order to get this to work 
(probly somethign I should do anyway).

Regards, 
Tim

On Tuesday 09 January 2007 5:24 pm, Mike Hambidge wrote:
> Hey Tim, a couple of things to check on the client machine:
>
> 1. Is TUN/TAP support enabled in the kernel (either compiled in or as a
> module)?
> 2. If as a module, is it loaded prior to starting OpenVPN? e.g.
> 	modprobe tun
> 3. Did you create the tun character device? e.g.
> 	mkdir /dev/net
> 	mknod /dev/net/tun c 10 200
>
> -- Mike
>
> Tim Wunder wrote:
> > Hi,
> > I'm trying to make a VPN connection from openvpn 2.0.9 on RHL7 to openvpn
> > 2.0.7 on CentOS 4.4. I've attempted to follow the instructions from
> > http://openvpn.net/howto.html#quick
> >
> > The CentOS box is the server in my environment and the RHL7 box is the
> > client. I created the server keys and the client keys on the CentOS box
> > and scp'd the client keys to the RHL7 box.
> >
> > I can start the server on the CentOS box and sorta get a connection from
> > the RHL7 client. This is the text of the output when running
> > # openvpn  /etc/openvpn/server.conf
> > Tue Jan  9 15:17:31 2007 OpenVPN 2.0.7 i386-redhat-linux-gnu [SSL] [LZO]
> > [EPOLL] built on Apr 29 2006
> > Tue Jan  9 15:17:31 2007 Diffie-Hellman initialized with 1024 bit key
> > Tue Jan  9 15:17:31 2007 TLS-Auth MTU parms [ L:1544 D:140 EF:40 EB:0
> > ET:0 EL:0 ]
> > Tue Jan  9 15:17:31 2007 TUN/TAP device tun0 opened
> > Tue Jan  9 15:17:31 2007 /sbin/ip link set dev tun0 up mtu 1500
> > Tue Jan  9 15:17:31 2007 /sbin/ip addr add dev tun0 local 10.8.0.1 peer
> > 10.8.0.2Tue Jan  9 15:17:31 2007 /sbin/ip route add 10.8.0.0/24 via
> > 10.8.0.2 Tue Jan  9 15:17:31 2007 Data Channel MTU parms [ L:1544 D:1450
> > EF:44 EB:135 ET:0 EL:0 AF:3/1 ]
> > Tue Jan  9 15:17:31 2007 GID set to nobody
> > Tue Jan  9 15:17:31 2007 UID set to nobody
> > Tue Jan  9 15:17:31 2007 Listening for incoming TCP connection on
> > [undef]:1194 Tue Jan  9 15:17:31 2007 TCPv4_SERVER link local (bound):
> > [undef]:1194 Tue Jan  9 15:17:31 2007 TCPv4_SERVER link remote: [undef]
> > Tue Jan  9 15:17:31 2007 MULTI: multi_init called, r=256 v=256
> > Tue Jan  9 15:17:31 2007 IFCONFIG POOL: base=10.8.0.4 size=62
> > Tue Jan  9 15:17:31 2007 IFCONFIG POOL LIST
> > Tue Jan  9 15:17:31 2007 ServerName,10.8.0.4
> > Tue Jan  9 15:17:31 2007 MULTI: TCP INIT maxclients=1024 maxevents=1028
> > Tue Jan  9 15:17:31 2007 Initialization Sequence Completed
> >
> >
> > # egrep -v "^(#|*$|;)" server.conf
> > port 1194
> > proto tcp
> > dev tun
> > ca /etc/openvpn/easy-rsa/keys/ca.crt
> > cert /etc/openvpn/easy-rsa/keys/server.crt
> > key /etc/openvpn/server.key  # This file should be kept secret
> > dh /etc/openvpn/easy-rsa/keys/dh1024.pem
> > server 10.8.0.0 255.255.255.0
> > ifconfig-pool-persist ipp.txt
> > client-to-client
> > keepalive 10 120
> > comp-lzo
> > user nobody
> > group nobody
> > persist-key
> > persist-tun
> > status openvpn-status.log
> > verb 3
> >
> >
> >
> > and when running
> > # openvpn ./client.conf
> > Tue Jan  9 14:54:14 2007 VERIFY OK:
> > depth=0, /C=US/ST=NA/O=OrgName/CN=CommonName/Email=my@xxxxxxxxxx
> > Tue Jan  9 14:54:14 2007 Data Channel Encrypt: Cipher 'BF-CBC'
> > initialized with 128 bit key
> > Tue Jan  9 14:54:14 2007 Data Channel Encrypt: Using 160 bit message
> > hash 'SHA1' for HMAC authentication
> > Tue Jan  9 14:54:14 2007 Data Channel Decrypt: Cipher 'BF-CBC'
> > initialized with 128 bit key
> > Tue Jan  9 14:54:14 2007 Data Channel Decrypt: Using 160 bit message
> > hash 'SHA1' for HMAC authentication
> > Tue Jan  9 14:54:14 2007 Control Channel: TLSv1, cipher TLSv1/SSLv3
> > EDH-RSA-DES-CBC3-SHA, 1024 bit RSA
> > Tue Jan  9 14:54:14 2007 [ServerName] Peer Connection Initiated with
> > 192.168.1.252:1194
> > Tue Jan  9 14:54:15 2007 SENT CONTROL [ServerName]: 'PUSH_REQUEST'
> > (status=1)Tue Jan  9 14:54:15 2007 PUSH: Received control
> > message: 'PUSH_REPLY,route 10.8.0.0 255.255.255.0,ping 10,ping-restart
> > 120,ifconfig 10.8.0.6 10.8.0.5'
> > Tue Jan  9 14:54:15 2007 OPTIONS IMPORT: timers and/or timeouts modified
> > Tue Jan  9 14:54:15 2007 OPTIONS IMPORT: --ifconfig/up options modified
> > Tue Jan  9 14:54:15 2007 OPTIONS IMPORT: route options modified
> > Tue Jan  9 14:54:15 2007 Cannot allocate TUN/TAP dev dynamically
> > Tue Jan  9 14:54:15 2007 Exiting
> >
> > # egrep -v "^(#|*$|;)" client.conf
> > client
> > dev tun
> > proto tcp
> > remote serverDomain 1194
> > resolv-retry infinite
> > nobind
> > user nobody
> > group nobody
> > persist-key
> > persist-tun
> > ca /etc/openvpn/clientkeys/ca.crt
> > cert /etc/openvpn/clientkeys/client.crt
> > key /etc/openvpn/clientkeys/client.key
> > comp-lzo
> > verb 3
> >
> > What am I missing?
> >
> > Thanks,
> > Tim
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > -------------------------------------------------------------------------
> > Take Surveys. Earn Cash. Influence the Future of IT
> > Join SourceForge.net's Techsay panel and you'll get the chance to share
> > your opinions on IT & business topics through brief surveys - and earn
> > cash
> > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
> >
> >
> > ------------------------------------------------------------------------
> >
> > _______________________________________________
> > Openvpn-users mailing list
> > Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> > https://lists.sourceforge.net/lists/listinfo/openvpn-users

Attachment: pgpbETmG7F19D.pgp
Description: PGP signature

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV

_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Follow-Ups:
- Re: [Openvpn-users] Cannot allocate TUN/TAP dev dynamically
  - From: Mike Hambidge
- [Openvpn-users] HELP-ME OpenVPN x iptables
  - From: cristiano furtado

References:
- [Openvpn-users] Cannot allocate TUN/TAP dev dynamically
  - From: Tim Wunder
- Re: [Openvpn-users] Cannot allocate TUN/TAP dev dynamically
  - From: Mike Hambidge

Prev by Date: [Openvpn-users] Newbie question: Samba with OpenVPN and DNS names
Next by Date: Re: [Openvpn-users] Newbie question: Samba with OpenVPN and DNS names
Previous by thread: Re: [Openvpn-users] Cannot allocate TUN/TAP dev dynamically
Next by thread: Re: [Openvpn-users] Cannot allocate TUN/TAP dev dynamically
Index(es):
- Date
- Thread