Hello,
I'm trying to run the OpenVPN in a jail. It "almost" works ;-)..
My problem: the TUN device number gets _sometimes_ increased, like "tun5" after the jail restart. But not always. As result, the service start fails like:
When I'm lucky, the TUN# stays between restarts and I can update the TUN# based on the "ifconfig" output into the openvpn server.conf (like "dev tun5").
I've read quite a lot now and it seems to boil down to new/old TUN kerner driver and persisting the TUN device etc. - but I'm not sure I didn't miss something much easier here, as this seems to be something pretty basic.
The optimal solution would be to have a TUN and not TUN#, so I can just say "dev tun" and not "dev tun8". It actually worked already a few times, when the X in "dev tunX" matched the ifconfing "tunX" number.
Thank you,
Andrej
I'm trying to run the OpenVPN in a jail. It "almost" works ;-)..
My problem: the TUN device number gets _sometimes_ increased, like "tun5" after the jail restart. But not always. As result, the service start fails like:
Code:
Jun 23 11:16:21 tasks openvpn[70584]: TUN/TAP device /dev/tun0 opened Jun 23 11:16:21 tasks openvpn[70584]: do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Jun 23 11:16:21 tasks openvpn[70584]: /sbin/ifconfig tun0 10.8.0.1 10.8.0.2 mtu 1500 netmask 255.255.255.255 up Jun 23 11:16:21 tasks openvpn[70584]: FreeBSD ifconfig failed: external program exited with error status: 1 Jun 23 11:16:21 tasks openvpn[70584]: Exiting due to fatal error
When I'm lucky, the TUN# stays between restarts and I can update the TUN# based on the "ifconfig" output into the openvpn server.conf (like "dev tun5").
I've read quite a lot now and it seems to boil down to new/old TUN kerner driver and persisting the TUN device etc. - but I'm not sure I didn't miss something much easier here, as this seems to be something pretty basic.
The optimal solution would be to have a TUN and not TUN#, so I can just say "dev tun" and not "dev tun8". It actually worked already a few times, when the X in "dev tunX" matched the ifconfing "tunX" number.
Thank you,
Andrej