Hello,
Love the work, so thank you! However, I'm having an issue getting OpenVPN to successfully start (error from jail /var/log/messages below) and I was hoping someone here may be able to help point me in the right direction. Any ideas what might be going on?
Also, OpenVPN fails earlier unless I create the "tun" interface (using 'ifconfig tun create') on the host. I doubt this is expected as I don't see it mentioned in the instructions.
Sat Jul 23 18:18:17 2016 OpenVPN 2.3.11 amd64-portbld-freebsd9.3 [SSL (OpenSSL)] [LZO] [MH] [IPv6] built on Jun 6 2016
Sat Jul 23 18:18:17 2016 library versions: OpenSSL 0.9.8za-freebsd 5 Jun 2014, LZO 2.09
Sat Jul 23 18:18:17 2016 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sat Jul 23 18:18:17 2016 Control Channel Authentication: tls-auth using INLINE static key file
Sat Jul 23 18:18:17 2016 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat Jul 23 18:18:17 2016 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat Jul 23 18:18:17 2016 Socket Buffers: R=[42080->524288] S=[9216->524288]
Sat Jul 23 18:18:17 2016 UDPv4 link local: [undef]
Sat Jul 23 18:18:17 2016 UDPv4 link remote: [AF_INET]XX.XX.XX.XX:1195
Sat Jul 23 18:18:17 2016 TLS: Initial packet from [AF_INET]XX.XX.XX.XX:1195, sid=1fd8b08c 3c11b001
Sat Jul 23 18:18:18 2016 VERIFY OK: depth=1, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=ExpressVPN CA, emailAddress=[email protected]
Sat Jul 23 18:18:18 2016 VERIFY OK: nsCertType=SERVER
Sat Jul 23 18:18:18 2016 VERIFY X509NAME OK: C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server, emailAddress=[email protected]
Sat Jul 23 18:18:18 2016 VERIFY OK: depth=0, C=VG, ST=BVI, O=ExpressVPN, OU=ExpressVPN, CN=Server, emailAddress=[email protected]
Sat Jul 23 18:18:18 2016 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Jul 23 18:18:18 2016 Data Channel Encrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat Jul 23 18:18:18 2016 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
Sat Jul 23 18:18:18 2016 Data Channel Decrypt: Using 512 bit message hash 'SHA512' for HMAC authentication
Sat Jul 23 18:18:18 2016 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sat Jul 23 18:18:18 2016 [Server] Peer Connection Initiated with [AF_INET]XX.XX.XX.XX:1195
Sat Jul 23 18:18:20 2016 SENT CONTROL [Server]: 'PUSH_REQUEST' (status=1)
Sat Jul 23 18:18:20 2016 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.13.0.1,route 10.13.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.13.3.138 10.13.3.137'
Sat Jul 23 18:18:20 2016 OPTIONS IMPORT: timers and/or timeouts modified
Sat Jul 23 18:18:20 2016 OPTIONS IMPORT: --ifconfig/up options modified
Sat Jul 23 18:18:20 2016 OPTIONS IMPORT: route options modified
Sat Jul 23 18:18:20 2016 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Jul 23 18:18:20 2016 Could not retrieve default gateway from route socket:: No such process (errno=3)
Sat Jul 23 18:18:20 2016 ROUTE: default_gateway=UNDEF
Sat Jul 23 18:18:20 2016 Cannot allocate TUN/TAP dev dynamically
Sat Jul 23 18:18:20 2016 Exiting due to fatal error