[nas-2000] Re: OpenVPN Server

  • From: Codebotcher <codebotcher@xxxxxx>
  • To: nas-2000@xxxxxxxxxxxxx
  • Date: Sat, 17 Nov 2007 16:19:09 +0100

Hi Flip,

thanks for the information. I don't think that it is necessary to create
the tunnel device manually, as openvpn is usually taking care of this. I
got one step ahead by creating a node for /dev/net/tun by:

mkdir /dev/net
mknod /dev/net/tun c 10 200

Now I get the following messages when I start openvpn:

root@tuxbox:/~ # /system/overlay/openvpn/S50OpenVPN.sh
starting OpenVPN ...
Sat Nov 17 16:14:26 2007 OpenVPN 2.0.7 armv4l-unknown-linux-gnu [SSL]
[LZO] [EPOLL] built on Aug 16 2007
Sat Nov 17 16:14:26 2007 Diffie-Hellman initialized with 1024 bit key
Sat Nov 17 16:14:26 2007 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0
ET:0 EL:0 ]
Sat Nov 17 16:14:26 2007 Note: Cannot open TUN/TAP dev /dev/net/tun: No
such device (errno=19)
Sat Nov 17 16:14:26 2007 Note: Attempting fallback to kernel 2.2 TUN/TAP
interface
Sat Nov 17 16:14:26 2007 Cannot open TUN/TAP dev /dev/tun0: No such file
or directory (errno=2)
Sat Nov 17 16:14:26 2007 Exiting

which looks pretty much the same as before, except for the fact that the
error number is 19 now instead of 2.

I didn't come up with a solution for this problem when searching the
web, but found several hints that this problem occurs when the "tun"
module is not loaded. How can I check if "tun" is statically compiled in
the kernel?

Thanks,

CB

-------- Original Message  --------
Subject: [nas-2000] Re: OpenVPN Server
From: philipp Wehrheim <flipstar@xxxxxxx>
To: nas-2000@xxxxxxxxxxxxx
Date: Sat Nov 17 2007 14:41:49 GMT+0100

> 
> philipp Wehrheim wrote:
>> Hey,
>>
>> codebotcher@xxxxxx wrote:
>>> Hi Flip,
>>>
>>> I now managed to install all files so that they "survive" a reboot. Also I 
>>> have been able to adjust the server.conf file of OpenVPN to the NAS 
>>> requirements and a simple startup-script is also under way. I built the 
>>> required keys and certificates on my linux box and copied them to the new 
>>> configuration folder. So far so good...
>>>
>>> Now I have hit a problem which I cannot overcome. It seems that the kernel 
>>> module for the TUN device is missing, which is required for OpenVPN. Can 
>>> you give me a hint on how to build / get it?
>>>
>> If i remember right its staticly compiled into the kernel.
>>
>> try:
>>
>> brctl addif <bla>
>> brctl addbr <blub>
>>
>>
>> As far as I know you have to do:
>>
>> - start eth0 in promisc mode 0.0.0.0
>> - create a br0 bridge
>> - create a tun0 interface
>> - add eth0 and tun0 (virtual interface) to br0
>> - configure tun0 with your default values you usualy use for eth0.
>>
>> Hope you have a serial cable ;-)
>>
>> Otherwise you'll have to script the steps above and debugging will be a
>> pain.
> 
> ah and make sure the dir /dev/net exists!
> 
>>
>> Good luck
>> --
>> flip
>>
>>> Here's what I get:
>>>
>>> root@tuxbox:/system/overlay/rc.d # ./S50OpenVPN.sh
>>> starting OpenVPN ...
>>> Sat Nov 17 14:07:03 2007 OpenVPN 2.0.7 armv4l-unknown-linux-gnu [SSL] [LZO] 
>>> [EPOLL] built on Aug 16 2007
>>> Sat Nov 17 14:07:04 2007 Diffie-Hellman initialized with 1024 bit key
>>> Sat Nov 17 14:07:04 2007 TLS-Auth MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 
>>> EL:0 ]
>>> Sat Nov 17 14:07:04 2007 Note: Cannot open TUN/TAP dev /dev/net/tun: No 
>>> such file or directory (errno=2)
>>> Sat Nov 17 14:07:04 2007 Note: Attempting fallback to kernel 2.2 TUN/TAP 
>>> interface
>>> Sat Nov 17 14:07:04 2007 Cannot allocate TUN/TAP dev dynamically
>>> Sat Nov 17 14:07:04 2007 Exiting
>>>
>>>
>>> Cheers,
>>>
>>> CB
>>>
>>> -------- Original-Nachricht --------
>>>> Datum: Wed, 14 Nov 2007 22:53:53 +0100
>>>> Von: "flipstar@xxxxxxx" <flipstar@xxxxxxx>
>>>> An: nas-2000@xxxxxxxxxxxxx
>>>> Betreff: [nas-2000] Re: NAS problem
>>>> Hey Codebotcher,
>>>>
>>>> [..] 
>>>>> At the moment it seems that I can start the openvpn manually from the
>>>>> command line, but I'm not familiar with the linux system of the NAS,
>>>> yet.
>>>>> Where do I have to put the liblzo.* files to make sure they survive a
>>>>> reboot. At the moment I'm putting them manually from you archive folder
>>>>> to /usr/lib.
>>>> /system/overlay/lib/
>>>>
>>>> is the right place for libs
>>>> they are linked at boottime to /lib/
>>>>
>>>>> Where would you recommend to put the openvpn binary to make it
>>>>> persistant? is the /system/hddapp/bin a good place for it?
>>>> better use:
>>>>
>>>> /system/overlay/bin/
>>>>
>>>>> Is /system/hddapp/etc/ the right place to put the openvpn configuration
>>>> in order to keep things clean place the config in:
>>>>
>>>>  /system/overlay/openvpn/openvpn.conf
>>>>
>>>>> files and /system/hddapp/etc/rc.d the right folder to put the
>>>>> startup-scripts?
>>>> the "best"? thing is to put the startup script in
>>>>
>>>> /system/overlay/openvpn/<script>
>>>>
>>>> and create a symlink (ln -s) to
>>>>
>>>> /system/overlay/rc.d/S<XY>openvpn.sh
>>>>
>>>>
>>>> Thanks and have fun.
>>>>
>>>> --
>>>> flip

Other related posts: