Gentoo Forums :: View topic - Openvpn not working

Openvpn not working

View unanswered posts
View posts from last 24 hours

Gentoo Forums Forum Index

Gentoo on AMD64

View previous topic :: View next topic

Author

Message

unixbhaskar
Tux's lil' helper

Joined: 29 Nov 2007
Posts: 119
Location: India

Posted: Sun Mar 25, 2018 6:17 am Post subject: Openvpn not working

I am stuck with this : tun device not creating ....ifconfig/ip doesn't show it....although kernel compile opton tuned to "y"

Here is my openvpn.conf

Code:

client
dev tun
proto udp
remote in.privateinternetaccess.com 1198
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server
auth-user-pass
comp-lzo
verb 1
reneg-sec 0
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt
disable-occ
auth-nocache
auth-user-pass login.conf
log /etc/openvpn/openvpn.log
verb 4
status openvpn-status.log
pull

This is what I am getting while starting the service :

Code:

root@GentooLinux_11:42:51_Sun Mar 25:/etc/openvpn # /etc/init.d/openvpn restart
* Stopping openvpn ...
* start-stop-daemon: no matching processes found [ ok ]
* Starting openvpn ... [ ok ]
* WARNING: openvpn has started, but is inactive

And here is the log says : missing cipher and few UNDEF stuff ...

Code:

root@GentooLinux_11:43:44_Sun Mar 25:/etc/openvpn # cat openvpn.log
Sun Mar 25 11:42:58 2018 us=437803 Current Parameter Settings:
Sun Mar 25 11:42:58 2018 us=437856 config = '/etc/openvpn/openvpn.conf'
Sun Mar 25 11:42:58 2018 us=437867 mode = 0
Sun Mar 25 11:42:58 2018 us=437874 persist_config = DISABLED
Sun Mar 25 11:42:58 2018 us=437881 persist_mode = 1
Sun Mar 25 11:42:58 2018 us=437887 show_ciphers = DISABLED
Sun Mar 25 11:42:58 2018 us=437893 show_digests = DISABLED
Sun Mar 25 11:42:58 2018 us=437899 show_engines = DISABLED
Sun Mar 25 11:42:58 2018 us=437905 genkey = DISABLED
Sun Mar 25 11:42:58 2018 us=437911 key_pass_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=437917 show_tls_ciphers = DISABLED
Sun Mar 25 11:42:58 2018 us=437923 connect_retry_max = 0
Sun Mar 25 11:42:58 2018 us=437929 Connection profiles [0]:
Sun Mar 25 11:42:58 2018 us=437935 proto = udp
Sun Mar 25 11:42:58 2018 us=437940 local = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=437947 local_port = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=437953 remote = 'in.privateinternetaccess.com'
Sun Mar 25 11:42:58 2018 us=437959 remote_port = '1198'
Sun Mar 25 11:42:58 2018 us=437967 remote_float = DISABLED
Sun Mar 25 11:42:58 2018 us=437974 bind_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=437997 bind_local = DISABLED
Sun Mar 25 11:42:58 2018 us=438008 bind_ipv6_only = DISABLED
Sun Mar 25 11:42:58 2018 us=438014 connect_retry_seconds = 5
Sun Mar 25 11:42:58 2018 us=438020 connect_timeout = 120
Sun Mar 25 11:42:58 2018 us=438026 socks_proxy_server = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438032 socks_proxy_port = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438038 tun_mtu = 1500
Sun Mar 25 11:42:58 2018 us=438044 tun_mtu_defined = ENABLED
Sun Mar 25 11:42:58 2018 us=438050 link_mtu = 1500
Sun Mar 25 11:42:58 2018 us=438055 link_mtu_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=438061 tun_mtu_extra = 0
Sun Mar 25 11:42:58 2018 us=438067 tun_mtu_extra_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=438073 mtu_discover_type = -1
Sun Mar 25 11:42:58 2018 us=438079 fragment = 0
Sun Mar 25 11:42:58 2018 us=438085 mssfix = 1450
Sun Mar 25 11:42:58 2018 us=438090 explicit_exit_notification = 0
Sun Mar 25 11:42:58 2018 us=438096 Connection profiles END
Sun Mar 25 11:42:58 2018 us=438102 remote_random = DISABLED
Sun Mar 25 11:42:58 2018 us=438108 ipchange = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438114 dev = 'tun'
Sun Mar 25 11:42:58 2018 us=438120 dev_type = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438126 dev_node = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438131 lladdr = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438137 topology = 1
Sun Mar 25 11:42:58 2018 us=438143 ifconfig_local = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438149 ifconfig_remote_netmask = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438155 ifconfig_noexec = DISABLED
Sun Mar 25 11:42:58 2018 us=438160 ifconfig_nowarn = DISABLED
Sun Mar 25 11:42:58 2018 us=438166 ifconfig_ipv6_local = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438172 ifconfig_ipv6_netbits = 0
Sun Mar 25 11:42:58 2018 us=438178 ifconfig_ipv6_remote = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438183 shaper = 0
Sun Mar 25 11:42:58 2018 us=438189 mtu_test = 0
Sun Mar 25 11:42:58 2018 us=438195 mlock = DISABLED
Sun Mar 25 11:42:58 2018 us=438201 keepalive_ping = 0
Sun Mar 25 11:42:58 2018 us=438206 keepalive_timeout = 0
Sun Mar 25 11:42:58 2018 us=438212 inactivity_timeout = 0
Sun Mar 25 11:42:58 2018 us=438218 ping_send_timeout = 0
Sun Mar 25 11:42:58 2018 us=438224 ping_rec_timeout = 0
Sun Mar 25 11:42:58 2018 us=438229 ping_rec_timeout_action = 0
Sun Mar 25 11:42:58 2018 us=438235 ping_timer_remote = DISABLED
Sun Mar 25 11:42:58 2018 us=438241 remap_sigusr1 = 0
Sun Mar 25 11:42:58 2018 us=438246 persist_tun = ENABLED
Sun Mar 25 11:42:58 2018 us=438252 persist_local_ip = DISABLED
Sun Mar 25 11:42:58 2018 us=438257 persist_remote_ip = DISABLED
Sun Mar 25 11:42:58 2018 us=438263 persist_key = ENABLED
Sun Mar 25 11:42:58 2018 us=438269 passtos = DISABLED
Sun Mar 25 11:42:58 2018 us=438274 resolve_retry_seconds = 1000000000
Sun Mar 25 11:42:58 2018 us=438280 resolve_in_advance = DISABLED
Sun Mar 25 11:42:58 2018 us=438290 username = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438297 groupname = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438303 chroot_dir = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438309 cd_dir = '/etc/openvpn'
Sun Mar 25 11:42:58 2018 us=438315 writepid = '/var/run/openvpn.pid'
Sun Mar 25 11:42:58 2018 us=438321 up_script = '/etc/openvpn/up.sh'
Sun Mar 25 11:42:58 2018 us=438327 down_script = '/etc/openvpn/down.sh'
Sun Mar 25 11:42:58 2018 us=438333 down_pre = ENABLED
Sun Mar 25 11:42:58 2018 us=438339 up_restart = ENABLED
Sun Mar 25 11:42:58 2018 us=438345 up_delay = ENABLED
Sun Mar 25 11:42:58 2018 us=438351 daemon = ENABLED
Sun Mar 25 11:42:58 2018 us=438357 inetd = 0
Sun Mar 25 11:42:58 2018 us=438363 log = ENABLED
Sun Mar 25 11:42:58 2018 us=438368 suppress_timestamps = DISABLED
Sun Mar 25 11:42:58 2018 us=438374 machine_readable_output = DISABLED
Sun Mar 25 11:42:58 2018 us=438380 nice = 0
Sun Mar 25 11:42:58 2018 us=438386 verbosity = 4
Sun Mar 25 11:42:58 2018 us=438392 mute = 0
Sun Mar 25 11:42:58 2018 us=438398 gremlin = 0
Sun Mar 25 11:42:58 2018 us=438403 status_file = 'openvpn-status.log'
Sun Mar 25 11:42:58 2018 us=438409 status_file_version = 1
Sun Mar 25 11:42:58 2018 us=438415 status_file_update_freq = 60
Sun Mar 25 11:42:58 2018 us=438421 occ = DISABLED
Sun Mar 25 11:42:58 2018 us=438426 rcvbuf = 0
Sun Mar 25 11:42:58 2018 us=438432 sndbuf = 0
Sun Mar 25 11:42:58 2018 us=438438 mark = 0
Sun Mar 25 11:42:58 2018 us=438444 sockflags = 0
Sun Mar 25 11:42:58 2018 us=438450 fast_io = DISABLED
Sun Mar 25 11:42:58 2018 us=438456 comp.alg = 2
Sun Mar 25 11:42:58 2018 us=438461 comp.flags = 1
Sun Mar 25 11:42:58 2018 us=438467 route_script = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438474 route_default_gateway = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438480 route_default_metric = 0
Sun Mar 25 11:42:58 2018 us=438485 route_noexec = DISABLED
Sun Mar 25 11:42:58 2018 us=438491 route_delay = 0
Sun Mar 25 11:42:58 2018 us=438497 route_delay_window = 30
Sun Mar 25 11:42:58 2018 us=438503 route_delay_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=438509 route_nopull = DISABLED
Sun Mar 25 11:42:58 2018 us=438515 route_gateway_via_dhcp = DISABLED
Sun Mar 25 11:42:58 2018 us=438521 allow_pull_fqdn = DISABLED
Sun Mar 25 11:42:58 2018 us=438527 management_addr = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438533 management_port = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438539 management_user_pass = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438545 management_log_history_cache = 250
Sun Mar 25 11:42:58 2018 us=438551 management_echo_buffer_size = 100
Sun Mar 25 11:42:58 2018 us=438557 management_write_peer_info_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438562 management_client_user = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438569 management_client_group = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438575 management_flags = 0
Sun Mar 25 11:42:58 2018 us=438580 shared_secret_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438586 key_direction = 0
Sun Mar 25 11:42:58 2018 us=438592 ciphername = 'aes-128-cbc'
Sun Mar 25 11:42:58 2018 us=438598 ncp_enabled = ENABLED
Sun Mar 25 11:42:58 2018 us=438604 ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Sun Mar 25 11:42:58 2018 us=438610 authname = 'sha1'
Sun Mar 25 11:42:58 2018 us=438616 prng_hash = 'SHA1'
Sun Mar 25 11:42:58 2018 us=438622 prng_nonce_secret_len = 16
Sun Mar 25 11:42:58 2018 us=438628 keysize = 0
Sun Mar 25 11:42:58 2018 us=438634 replay = ENABLED
Sun Mar 25 11:42:58 2018 us=438639 mute_replay_warnings = DISABLED
Sun Mar 25 11:42:58 2018 us=438645 replay_window = 64
Sun Mar 25 11:42:58 2018 us=438651 replay_time = 15
Sun Mar 25 11:42:58 2018 us=438657 packet_id_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438663 use_iv = ENABLED
Sun Mar 25 11:42:58 2018 us=438669 test_crypto = DISABLED
Sun Mar 25 11:42:58 2018 us=438675 use_prediction_resistance = DISABLED
Sun Mar 25 11:42:58 2018 us=438680 tls_server = DISABLED
Sun Mar 25 11:42:58 2018 us=438689 tls_client = ENABLED
Sun Mar 25 11:42:58 2018 us=438696 key_method = 2
Sun Mar 25 11:42:58 2018 us=438702 ca_file = 'ca.rsa.2048.crt'
Sun Mar 25 11:42:58 2018 us=438708 ca_path = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438714 dh_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438720 cert_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438726 extra_certs_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438732 priv_key_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438738 cipher_list = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438744 tls_verify = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438750 tls_export_cert = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438756 verify_x509_type = 0
Sun Mar 25 11:42:58 2018 us=438762 verify_x509_name = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438767 crl_file = 'crl.rsa.2048.pem'
Sun Mar 25 11:42:58 2018 us=438773 ns_cert_type = 0
Sun Mar 25 11:42:58 2018 us=438779 remote_cert_ku[i] = 65535
Sun Mar 25 11:42:58 2018 us=438785 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438791 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438797 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438802 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438808 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438813 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438819 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438824 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438830 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438836 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438841 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438847 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438853 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438858 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438864 remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438870 remote_cert_eku = 'TLS Web Server Authentication'
Sun Mar 25 11:42:58 2018 us=438876 ssl_flags = 0
Sun Mar 25 11:42:58 2018 us=438882 tls_timeout = 2
Sun Mar 25 11:42:58 2018 us=438888 renegotiate_bytes = -1
Sun Mar 25 11:42:58 2018 us=438894 renegotiate_packets = 0
Sun Mar 25 11:42:58 2018 us=438900 renegotiate_seconds = 0
Sun Mar 25 11:42:58 2018 us=438906 handshake_window = 60
Sun Mar 25 11:42:58 2018 us=438911 transition_window = 3600
Sun Mar 25 11:42:58 2018 us=438917 single_session = DISABLED
Sun Mar 25 11:42:58 2018 us=438923 push_peer_info = DISABLED
Sun Mar 25 11:42:58 2018 us=438929 tls_exit = DISABLED
Sun Mar 25 11:42:58 2018 us=438935 tls_auth_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438941 tls_crypt_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438950 server_network = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=438957 server_netmask = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=438968 server_network_ipv6 = ::
Sun Mar 25 11:42:58 2018 us=438975 server_netbits_ipv6 = 0
Sun Mar 25 11:42:58 2018 us=438995 server_bridge_ip = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439008 server_bridge_netmask = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439016 server_bridge_pool_start = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439022 server_bridge_pool_end = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439028 ifconfig_pool_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=439037 ifconfig_pool_start = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439045 ifconfig_pool_end = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439051 ifconfig_pool_netmask = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439057 ifconfig_pool_persist_filename = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439063 ifconfig_pool_persist_refresh_freq = 600
Sun Mar 25 11:42:58 2018 us=439069 ifconfig_ipv6_pool_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=439075 ifconfig_ipv6_pool_base = ::
Sun Mar 25 11:42:58 2018 us=439082 ifconfig_ipv6_pool_netbits = 0
Sun Mar 25 11:42:58 2018 us=439088 n_bcast_buf = 256
Sun Mar 25 11:42:58 2018 us=439094 tcp_queue_limit = 64
Sun Mar 25 11:42:58 2018 us=439100 real_hash_size = 256
Sun Mar 25 11:42:58 2018 us=439106 virtual_hash_size = 256
Sun Mar 25 11:42:58 2018 us=439112 client_connect_script = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439121 learn_address_script = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439128 client_disconnect_script = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439134 client_config_dir = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439141 ccd_exclusive = DISABLED
Sun Mar 25 11:42:58 2018 us=439147 tmp_dir = '/tmp'
Sun Mar 25 11:42:58 2018 us=439152 push_ifconfig_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=439159 push_ifconfig_local = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439165 push_ifconfig_remote_netmask = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439171 push_ifconfig_ipv6_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=439177 push_ifconfig_ipv6_local = ::/0
Sun Mar 25 11:42:58 2018 us=439184 push_ifconfig_ipv6_remote = ::
Sun Mar 25 11:42:58 2018 us=439190 enable_c2c = DISABLED
Sun Mar 25 11:42:58 2018 us=439196 duplicate_cn = DISABLED
Sun Mar 25 11:42:58 2018 us=439202 cf_max = 0
Sun Mar 25 11:42:58 2018 us=439208 cf_per = 0
Sun Mar 25 11:42:58 2018 us=439214 max_clients = 1024
Sun Mar 25 11:42:58 2018 us=439220 max_routes_per_client = 256
Sun Mar 25 11:42:58 2018 us=439225 auth_user_pass_verify_script = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439231 auth_user_pass_verify_script_via_file = DISABLED
Sun Mar 25 11:42:58 2018 us=439237 auth_token_generate = DISABLED
Sun Mar 25 11:42:58 2018 us=439243 auth_token_lifetime = 0
Sun Mar 25 11:42:58 2018 us=439249 port_share_host = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439255 port_share_port = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439261 client = ENABLED
Sun Mar 25 11:42:58 2018 us=439267 pull = ENABLED
Sun Mar 25 11:42:58 2018 us=439273 auth_user_pass_file = 'login.conf'
Sun Mar 25 11:42:58 2018 us=439280 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (mbed TLS)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 25 2018
Sun Mar 25 11:42:58 2018 us=439293 library versions: mbed TLS 2.7.1, LZO 2.09
Sun Mar 25 11:42:58 2018 us=439725 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sun Mar 25 11:42:58 2018 us=440103 Cipher algorithm 'aes-128-cbc' not found
Sun Mar 25 11:42:58 2018 us=440128 Cipher aes-128-cbc not supported
Sun Mar 25 11:42:58 2018 us=440143 Exiting due to fatal error

Hope someone pinpoint me the inssue. Thank you.
_________________
Musing with GNU/Linux

Lenovo Thinkpad x250
x86_64 Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz GenuineIntel GNU/Linux
RAM : 8 GB
Kernel :Latest customized kernel
OS: Gentoo/Arch/Slackware/Debian/openSUSE/Fedora
Intel 965GM Chipset

bbgermany
Veteran
Veteran

Joined: 21 Feb 2005
Posts: 1844
Location: Oranienburg/Germany

Posted: Mon Mar 26, 2018 6:26 am Post subject:

Hi, 1st: do you have sys-apps/usermode-utilities installed? 2nd: do you have a net.tun0 link in /etc/init.d which is installed in default runlevel? greets, bb _________________ Desktop: Ryzen 5 5600G, 32GB, 2TB, RX7600 Notebook: Dell XPS 13 9370, 16GB, 1TB Server #1: Ryzen 5 Pro 4650G, 64GB, 16.5TB Server #2: Ryzen 4800H, 32GB, 22TB

unixbhaskar
Tux's lil' helper

Joined: 29 Nov 2007
Posts: 119
Location: India

Posted: Mon Mar 26, 2018 7:33 am Post subject:

bbgermany wrote:

Hi,

1st: do you have sys-apps/usermode-utilities installed?
2nd: do you have a net.tun0 link in /etc/init.d which is installed in default runlevel?

greets, bb

Thanks man for the heads up...here are stuff I did

Code:

root@GentooLinux_12:57:59_Mon Mar 26:~ # genlop -t sys-apps/usermode-utilities
* sys-apps/usermode-utilities

Tue Jul 18 15:36:14 2017 >>> sys-apps/usermode-utilities-20070815-r3
merge time: 10 seconds.

Fri Jan 12 21:52:23 2018 >>> sys-apps/usermode-utilities-20070815-r3
merge time: 14 seconds.

Next :

Well it was not there ..so I created it

Code:

root@GentooLinux_13:00:01_Mon Mar 26:/etc/init.d # ls -al net.tun0
lrwxrwxrwx 1 root root 6 Mar 26 13:00 net.tun0 -> net.lo

_________________
Musing with GNU/Linux

guitou
Guru
Guru

Joined: 02 Oct 2003
Posts: 534
Location: France

Posted: Mon Mar 26, 2018 10:16 am Post subject:

Hello. Don't know anything about vpn setup, but looking at error message, I wonder if it could be as simple as a missing kernel option (CONFIG_CRYPTO_CBC). ++ Gi)

bbgermany
Veteran
Veteran

Joined: 21 Feb 2005
Posts: 1844
Location: Oranienburg/Germany

Posted: Mon Mar 26, 2018 1:14 pm Post subject:

unixbhaskar wrote:

Next :

Well it was not there ..so I created it

Code:

root@GentooLinux_13:00:01_Mon Mar 26:/etc/init.d # ls -al net.tun0
lrwxrwxrwx 1 root root 6 Mar 26 13:00 net.tun0 -> net.lo

Did you start the interface and restart the openvpn daemon and checked again?

greets, bb
_________________
Desktop: Ryzen 5 5600G, 32GB, 2TB, RX7600
Notebook: Dell XPS 13 9370, 16GB, 1TB
Server #1: Ryzen 5 Pro 4650G, 64GB, 16.5TB
Server #2: Ryzen 4800H, 32GB, 22TB

unixbhaskar
Tux's lil' helper

Joined: 29 Nov 2007
Posts: 119
Location: India

Posted: Tue Mar 27, 2018 10:47 am Post subject:

guitou wrote:

Hello.

Don't know anything about vpn setup, but looking at error message, I wonder if it could be as simple as a missing kernel option (CONFIG_CRYPTO_CBC).

++
Gi)

Spot on man! thanks a bunch...
_________________
Musing with GNU/Linux

guitou
Guru
Guru

Joined: 02 Oct 2003
Posts: 534
Location: France

Posted: Tue Mar 27, 2018 11:57 am Post subject:

Hey. Glad to know I managed to be a little help for once at least ++ Gi)

unixbhaskar
Tux's lil' helper

Joined: 29 Nov 2007
Posts: 119
Location: India

Posted: Tue Mar 27, 2018 12:04 pm Post subject:

guitou wrote:

Hey.
Glad to know I managed to be a little help for once at least

++
Gi)

Look like , I celebrate too early...inspite of recompiling ker with options enable ...still getting this

Code:

root@GentooLinux_17:28:58_Tue Mar 27:/etc/openvpn # openvpn India.ovpn
Tue Mar 27 17:29:11 2018 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (mbed TLS)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 25 2018
Tue Mar 27 17:29:11 2018 library versions: mbed TLS 2.7.1, LZO 2.09
Enter Auth Username:x83054
Enter Auth Password:
Tue Mar 27 17:30:08 2018 Cipher aes-256-cbc not supported
Tue Mar 27 17:30:08 2018 Exiting due to fatal error
root@GentooLinux_17:30:08_Tue Mar 27:/etc/openvpn # cd /usr/src
root@GentooLinux_17:31:39_Tue Mar 27:/usr/src # ls
.config .keep gentoo_custom_kernel.sh linux linux-4.15.13
root@GentooLinux_17:31:40_Tue Mar 27:/usr/src # grep CONFIG_CRYPTO_CBC linux-4.15.13/.config
CONFIG_CRYPTO_CBC=y

_________________
Musing with GNU/Linux

guitou
Guru
Guru

Joined: 02 Oct 2003
Posts: 534
Location: France

Posted: Tue Mar 27, 2018 1:11 pm Post subject:

Well, looks like I did as well, sorry. After some reading around, I found posts on forums telling TLS not supporting aes-cbc... Have you compiled openvpn with TLS? If yes, then maybe try with openssl. ++ Gi)

unixbhaskar
Tux's lil' helper

Joined: 29 Nov 2007
Posts: 119
Location: India

Posted: Tue Mar 27, 2018 1:41 pm Post subject:

guitou wrote:

Well, looks like I did as well, sorry.

After some reading around, I found posts on forums telling TLS not supporting aes-cbc... Have you compiled openvpn with TLS? If yes, then maybe try with openssl.

++
Gi)

Yes you are spot on again...Yes I did ...with mbed TLS ,which basically bypass openssl ...heck...it seems I need to re-emerge openvpn with excluded tls stuff ...

Thanks for pointing that...let me give it a shot...come back to you .....
_________________
Musing with GNU/Linux

unixbhaskar
Tux's lil' helper

Joined: 29 Nov 2007
Posts: 119
Location: India

Posted: Wed Mar 28, 2018 6:04 am Post subject: Resolved..do not compile openvpn with mbedtls flag

Yay! working ....

Code:

root@GentooLinux_11:29:14_Wed Mar 28:/etc/openvpn # openvpn India.ovpn
Wed Mar 28 11:29:58 2018 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 28 2018
Wed Mar 28 11:29:58 2018 library versions: OpenSSL 1.0.2n 7 Dec 2017, LZO 2.09
Enter Auth Username:x8305462
Enter Auth Password:
Wed Mar 28 11:30:16 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]138.128.180.194:1197
Wed Mar 28 11:30:16 2018 UDP link local: (not bound)
Wed Mar 28 11:30:16 2018 UDP link remote: [AF_INET]138.128.180.194:1197
Wed Mar 28 11:30:16 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Mar 28 11:30:17 2018 [8ba17a40d40a1cf8af7891dade844abe] Peer Connection Initiated with [AF_INET]138.128.180.194:1197
Wed Mar 28 11:30:23 2018 TUN/TAP device tun0 opened
Wed Mar 28 11:30:23 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Mar 28 11:30:23 2018 /bin/ip link set dev tun0 up mtu 1500
Wed Mar 28 11:30:23 2018 /bin/ip addr add dev tun0 local 10.45.10.6 peer 10.45.10.5
Wed Mar 28 11:30:23 2018 Initialization Sequence Completed

_________________
Musing with GNU/Linux

guitou
Guru
Guru

Joined: 02 Oct 2003
Posts: 534
Location: France

Posted: Wed Mar 28, 2018 2:18 pm Post subject:

Great ++ Gi)

Display posts from previous:

	Gentoo Forums Forum Index Gentoo on AMD64	All times are GMT
Page 1 of 1

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy