Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Openvpn not working
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Gentoo on AMD64
View previous topic :: View next topic  
Author Message
unixbhaskar
Tux's lil' helper
Tux's lil' helper


Joined: 29 Nov 2007
Posts: 119
Location: India

PostPosted: Sun Mar 25, 2018 6:17 am    Post subject: Openvpn not working Reply with quote

I am stuck with this : tun device not creating ....ifconfig/ip doesn't show it....although kernel compile opton tuned to "y"

Here is my openvpn.conf
Code:

client
dev tun
proto udp
remote in.privateinternetaccess.com 1198
resolv-retry infinite
nobind
persist-key
persist-tun
cipher aes-128-cbc
auth sha1
tls-client
remote-cert-tls server
auth-user-pass
comp-lzo
verb 1
reneg-sec 0
crl-verify crl.rsa.2048.pem
ca ca.rsa.2048.crt
disable-occ
auth-nocache
auth-user-pass login.conf
log  /etc/openvpn/openvpn.log
verb 4
status openvpn-status.log
pull

This is what I am getting while starting the service :
Code:

root@GentooLinux_11:42:51_Sun Mar 25:/etc/openvpn # /etc/init.d/openvpn restart
 * Stopping openvpn ...
 * start-stop-daemon: no matching processes found                                                                                              [ ok ]
 * Starting openvpn ...                                                                                                                        [ ok ]
 * WARNING: openvpn has started, but is inactive



And here is the log says : missing cipher and few UNDEF stuff ...
Code:

root@GentooLinux_11:43:44_Sun Mar 25:/etc/openvpn # cat openvpn.log
Sun Mar 25 11:42:58 2018 us=437803 Current Parameter Settings:
Sun Mar 25 11:42:58 2018 us=437856   config = '/etc/openvpn/openvpn.conf'
Sun Mar 25 11:42:58 2018 us=437867   mode = 0
Sun Mar 25 11:42:58 2018 us=437874   persist_config = DISABLED
Sun Mar 25 11:42:58 2018 us=437881   persist_mode = 1
Sun Mar 25 11:42:58 2018 us=437887   show_ciphers = DISABLED
Sun Mar 25 11:42:58 2018 us=437893   show_digests = DISABLED
Sun Mar 25 11:42:58 2018 us=437899   show_engines = DISABLED
Sun Mar 25 11:42:58 2018 us=437905   genkey = DISABLED
Sun Mar 25 11:42:58 2018 us=437911   key_pass_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=437917   show_tls_ciphers = DISABLED
Sun Mar 25 11:42:58 2018 us=437923   connect_retry_max = 0
Sun Mar 25 11:42:58 2018 us=437929 Connection profiles [0]:
Sun Mar 25 11:42:58 2018 us=437935   proto = udp
Sun Mar 25 11:42:58 2018 us=437940   local = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=437947   local_port = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=437953   remote = 'in.privateinternetaccess.com'
Sun Mar 25 11:42:58 2018 us=437959   remote_port = '1198'
Sun Mar 25 11:42:58 2018 us=437967   remote_float = DISABLED
Sun Mar 25 11:42:58 2018 us=437974   bind_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=437997   bind_local = DISABLED
Sun Mar 25 11:42:58 2018 us=438008   bind_ipv6_only = DISABLED
Sun Mar 25 11:42:58 2018 us=438014   connect_retry_seconds = 5
Sun Mar 25 11:42:58 2018 us=438020   connect_timeout = 120
Sun Mar 25 11:42:58 2018 us=438026   socks_proxy_server = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438032   socks_proxy_port = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438038   tun_mtu = 1500
Sun Mar 25 11:42:58 2018 us=438044   tun_mtu_defined = ENABLED
Sun Mar 25 11:42:58 2018 us=438050   link_mtu = 1500
Sun Mar 25 11:42:58 2018 us=438055   link_mtu_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=438061   tun_mtu_extra = 0
Sun Mar 25 11:42:58 2018 us=438067   tun_mtu_extra_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=438073   mtu_discover_type = -1
Sun Mar 25 11:42:58 2018 us=438079   fragment = 0
Sun Mar 25 11:42:58 2018 us=438085   mssfix = 1450
Sun Mar 25 11:42:58 2018 us=438090   explicit_exit_notification = 0
Sun Mar 25 11:42:58 2018 us=438096 Connection profiles END
Sun Mar 25 11:42:58 2018 us=438102   remote_random = DISABLED
Sun Mar 25 11:42:58 2018 us=438108   ipchange = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438114   dev = 'tun'
Sun Mar 25 11:42:58 2018 us=438120   dev_type = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438126   dev_node = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438131   lladdr = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438137   topology = 1
Sun Mar 25 11:42:58 2018 us=438143   ifconfig_local = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438149   ifconfig_remote_netmask = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438155   ifconfig_noexec = DISABLED
Sun Mar 25 11:42:58 2018 us=438160   ifconfig_nowarn = DISABLED
Sun Mar 25 11:42:58 2018 us=438166   ifconfig_ipv6_local = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438172   ifconfig_ipv6_netbits = 0
Sun Mar 25 11:42:58 2018 us=438178   ifconfig_ipv6_remote = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438183   shaper = 0
Sun Mar 25 11:42:58 2018 us=438189   mtu_test = 0
Sun Mar 25 11:42:58 2018 us=438195   mlock = DISABLED
Sun Mar 25 11:42:58 2018 us=438201   keepalive_ping = 0
Sun Mar 25 11:42:58 2018 us=438206   keepalive_timeout = 0
Sun Mar 25 11:42:58 2018 us=438212   inactivity_timeout = 0
Sun Mar 25 11:42:58 2018 us=438218   ping_send_timeout = 0
Sun Mar 25 11:42:58 2018 us=438224   ping_rec_timeout = 0
Sun Mar 25 11:42:58 2018 us=438229   ping_rec_timeout_action = 0
Sun Mar 25 11:42:58 2018 us=438235   ping_timer_remote = DISABLED
Sun Mar 25 11:42:58 2018 us=438241   remap_sigusr1 = 0
Sun Mar 25 11:42:58 2018 us=438246   persist_tun = ENABLED
Sun Mar 25 11:42:58 2018 us=438252   persist_local_ip = DISABLED
Sun Mar 25 11:42:58 2018 us=438257   persist_remote_ip = DISABLED
Sun Mar 25 11:42:58 2018 us=438263   persist_key = ENABLED
Sun Mar 25 11:42:58 2018 us=438269   passtos = DISABLED
Sun Mar 25 11:42:58 2018 us=438274   resolve_retry_seconds = 1000000000
Sun Mar 25 11:42:58 2018 us=438280   resolve_in_advance = DISABLED
Sun Mar 25 11:42:58 2018 us=438290   username = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438297   groupname = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438303   chroot_dir = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438309   cd_dir = '/etc/openvpn'
Sun Mar 25 11:42:58 2018 us=438315   writepid = '/var/run/openvpn.pid'
Sun Mar 25 11:42:58 2018 us=438321   up_script = '/etc/openvpn/up.sh'
Sun Mar 25 11:42:58 2018 us=438327   down_script = '/etc/openvpn/down.sh'
Sun Mar 25 11:42:58 2018 us=438333   down_pre = ENABLED
Sun Mar 25 11:42:58 2018 us=438339   up_restart = ENABLED
Sun Mar 25 11:42:58 2018 us=438345   up_delay = ENABLED
Sun Mar 25 11:42:58 2018 us=438351   daemon = ENABLED
Sun Mar 25 11:42:58 2018 us=438357   inetd = 0
Sun Mar 25 11:42:58 2018 us=438363   log = ENABLED
Sun Mar 25 11:42:58 2018 us=438368   suppress_timestamps = DISABLED
Sun Mar 25 11:42:58 2018 us=438374   machine_readable_output = DISABLED
Sun Mar 25 11:42:58 2018 us=438380   nice = 0
Sun Mar 25 11:42:58 2018 us=438386   verbosity = 4
Sun Mar 25 11:42:58 2018 us=438392   mute = 0
Sun Mar 25 11:42:58 2018 us=438398   gremlin = 0
Sun Mar 25 11:42:58 2018 us=438403   status_file = 'openvpn-status.log'
Sun Mar 25 11:42:58 2018 us=438409   status_file_version = 1
Sun Mar 25 11:42:58 2018 us=438415   status_file_update_freq = 60
Sun Mar 25 11:42:58 2018 us=438421   occ = DISABLED
Sun Mar 25 11:42:58 2018 us=438426   rcvbuf = 0
Sun Mar 25 11:42:58 2018 us=438432   sndbuf = 0
Sun Mar 25 11:42:58 2018 us=438438   mark = 0
Sun Mar 25 11:42:58 2018 us=438444   sockflags = 0
Sun Mar 25 11:42:58 2018 us=438450   fast_io = DISABLED
Sun Mar 25 11:42:58 2018 us=438456   comp.alg = 2
Sun Mar 25 11:42:58 2018 us=438461   comp.flags = 1
Sun Mar 25 11:42:58 2018 us=438467   route_script = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438474   route_default_gateway = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438480   route_default_metric = 0
Sun Mar 25 11:42:58 2018 us=438485   route_noexec = DISABLED
Sun Mar 25 11:42:58 2018 us=438491   route_delay = 0
Sun Mar 25 11:42:58 2018 us=438497   route_delay_window = 30
Sun Mar 25 11:42:58 2018 us=438503   route_delay_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=438509   route_nopull = DISABLED
Sun Mar 25 11:42:58 2018 us=438515   route_gateway_via_dhcp = DISABLED
Sun Mar 25 11:42:58 2018 us=438521   allow_pull_fqdn = DISABLED
Sun Mar 25 11:42:58 2018 us=438527   management_addr = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438533   management_port = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438539   management_user_pass = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438545   management_log_history_cache = 250
Sun Mar 25 11:42:58 2018 us=438551   management_echo_buffer_size = 100
Sun Mar 25 11:42:58 2018 us=438557   management_write_peer_info_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438562   management_client_user = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438569   management_client_group = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438575   management_flags = 0
Sun Mar 25 11:42:58 2018 us=438580   shared_secret_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438586   key_direction = 0
Sun Mar 25 11:42:58 2018 us=438592   ciphername = 'aes-128-cbc'
Sun Mar 25 11:42:58 2018 us=438598   ncp_enabled = ENABLED
Sun Mar 25 11:42:58 2018 us=438604   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Sun Mar 25 11:42:58 2018 us=438610   authname = 'sha1'
Sun Mar 25 11:42:58 2018 us=438616   prng_hash = 'SHA1'
Sun Mar 25 11:42:58 2018 us=438622   prng_nonce_secret_len = 16
Sun Mar 25 11:42:58 2018 us=438628   keysize = 0
Sun Mar 25 11:42:58 2018 us=438634   replay = ENABLED
Sun Mar 25 11:42:58 2018 us=438639   mute_replay_warnings = DISABLED
Sun Mar 25 11:42:58 2018 us=438645   replay_window = 64
Sun Mar 25 11:42:58 2018 us=438651   replay_time = 15
Sun Mar 25 11:42:58 2018 us=438657   packet_id_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438663   use_iv = ENABLED
Sun Mar 25 11:42:58 2018 us=438669   test_crypto = DISABLED
Sun Mar 25 11:42:58 2018 us=438675   use_prediction_resistance = DISABLED
Sun Mar 25 11:42:58 2018 us=438680   tls_server = DISABLED
Sun Mar 25 11:42:58 2018 us=438689   tls_client = ENABLED
Sun Mar 25 11:42:58 2018 us=438696   key_method = 2
Sun Mar 25 11:42:58 2018 us=438702   ca_file = 'ca.rsa.2048.crt'
Sun Mar 25 11:42:58 2018 us=438708   ca_path = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438714   dh_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438720   cert_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438726   extra_certs_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438732   priv_key_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438738   cipher_list = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438744   tls_verify = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438750   tls_export_cert = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438756   verify_x509_type = 0
Sun Mar 25 11:42:58 2018 us=438762   verify_x509_name = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438767   crl_file = 'crl.rsa.2048.pem'
Sun Mar 25 11:42:58 2018 us=438773   ns_cert_type = 0
Sun Mar 25 11:42:58 2018 us=438779   remote_cert_ku[i] = 65535
Sun Mar 25 11:42:58 2018 us=438785   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438791   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438797   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438802   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438808   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438813   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438819   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438824   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438830   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438836   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438841   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438847   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438853   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438858   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438864   remote_cert_ku[i] = 0
Sun Mar 25 11:42:58 2018 us=438870   remote_cert_eku = 'TLS Web Server Authentication'
Sun Mar 25 11:42:58 2018 us=438876   ssl_flags = 0
Sun Mar 25 11:42:58 2018 us=438882   tls_timeout = 2
Sun Mar 25 11:42:58 2018 us=438888   renegotiate_bytes = -1
Sun Mar 25 11:42:58 2018 us=438894   renegotiate_packets = 0
Sun Mar 25 11:42:58 2018 us=438900   renegotiate_seconds = 0
Sun Mar 25 11:42:58 2018 us=438906   handshake_window = 60
Sun Mar 25 11:42:58 2018 us=438911   transition_window = 3600
Sun Mar 25 11:42:58 2018 us=438917   single_session = DISABLED
Sun Mar 25 11:42:58 2018 us=438923   push_peer_info = DISABLED
Sun Mar 25 11:42:58 2018 us=438929   tls_exit = DISABLED
Sun Mar 25 11:42:58 2018 us=438935   tls_auth_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438941   tls_crypt_file = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=438950   server_network = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=438957   server_netmask = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=438968   server_network_ipv6 = ::
Sun Mar 25 11:42:58 2018 us=438975   server_netbits_ipv6 = 0
Sun Mar 25 11:42:58 2018 us=438995   server_bridge_ip = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439008   server_bridge_netmask = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439016   server_bridge_pool_start = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439022   server_bridge_pool_end = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439028   ifconfig_pool_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=439037   ifconfig_pool_start = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439045   ifconfig_pool_end = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439051   ifconfig_pool_netmask = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439057   ifconfig_pool_persist_filename = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439063   ifconfig_pool_persist_refresh_freq = 600
Sun Mar 25 11:42:58 2018 us=439069   ifconfig_ipv6_pool_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=439075   ifconfig_ipv6_pool_base = ::
Sun Mar 25 11:42:58 2018 us=439082   ifconfig_ipv6_pool_netbits = 0
Sun Mar 25 11:42:58 2018 us=439088   n_bcast_buf = 256
Sun Mar 25 11:42:58 2018 us=439094   tcp_queue_limit = 64
Sun Mar 25 11:42:58 2018 us=439100   real_hash_size = 256
Sun Mar 25 11:42:58 2018 us=439106   virtual_hash_size = 256
Sun Mar 25 11:42:58 2018 us=439112   client_connect_script = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439121   learn_address_script = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439128   client_disconnect_script = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439134   client_config_dir = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439141   ccd_exclusive = DISABLED
Sun Mar 25 11:42:58 2018 us=439147   tmp_dir = '/tmp'
Sun Mar 25 11:42:58 2018 us=439152   push_ifconfig_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=439159   push_ifconfig_local = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439165   push_ifconfig_remote_netmask = 0.0.0.0
Sun Mar 25 11:42:58 2018 us=439171   push_ifconfig_ipv6_defined = DISABLED
Sun Mar 25 11:42:58 2018 us=439177   push_ifconfig_ipv6_local = ::/0
Sun Mar 25 11:42:58 2018 us=439184   push_ifconfig_ipv6_remote = ::
Sun Mar 25 11:42:58 2018 us=439190   enable_c2c = DISABLED
Sun Mar 25 11:42:58 2018 us=439196   duplicate_cn = DISABLED
Sun Mar 25 11:42:58 2018 us=439202   cf_max = 0
Sun Mar 25 11:42:58 2018 us=439208   cf_per = 0
Sun Mar 25 11:42:58 2018 us=439214   max_clients = 1024
Sun Mar 25 11:42:58 2018 us=439220   max_routes_per_client = 256
Sun Mar 25 11:42:58 2018 us=439225   auth_user_pass_verify_script = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439231   auth_user_pass_verify_script_via_file = DISABLED
Sun Mar 25 11:42:58 2018 us=439237   auth_token_generate = DISABLED
Sun Mar 25 11:42:58 2018 us=439243   auth_token_lifetime = 0
Sun Mar 25 11:42:58 2018 us=439249   port_share_host = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439255   port_share_port = '[UNDEF]'
Sun Mar 25 11:42:58 2018 us=439261   client = ENABLED
Sun Mar 25 11:42:58 2018 us=439267   pull = ENABLED
Sun Mar 25 11:42:58 2018 us=439273   auth_user_pass_file = 'login.conf'
Sun Mar 25 11:42:58 2018 us=439280 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (mbed TLS)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 25 2018
Sun Mar 25 11:42:58 2018 us=439293 library versions: mbed TLS 2.7.1, LZO 2.09
Sun Mar 25 11:42:58 2018 us=439725 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Sun Mar 25 11:42:58 2018 us=440103 Cipher algorithm 'aes-128-cbc' not found
Sun Mar 25 11:42:58 2018 us=440128 Cipher aes-128-cbc not supported
Sun Mar 25 11:42:58 2018 us=440143 Exiting due to fatal error


Hope someone pinpoint me the inssue. Thank you.
_________________
Musing with GNU/Linux :)

Lenovo Thinkpad x250
x86_64 Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz GenuineIntel GNU/Linux
RAM : 8 GB
Kernel :Latest customized kernel
OS: Gentoo/Arch/Slackware/Debian/openSUSE/Fedora
Intel 965GM Chipset
Back to top
View user's profile Send private message
bbgermany
Veteran
Veteran


Joined: 21 Feb 2005
Posts: 1844
Location: Oranienburg/Germany

PostPosted: Mon Mar 26, 2018 6:26 am    Post subject: Reply with quote

Hi,

1st: do you have sys-apps/usermode-utilities installed?
2nd: do you have a net.tun0 link in /etc/init.d which is installed in default runlevel?

greets, bb
_________________
Desktop: Ryzen 5 5600G, 32GB, 2TB, RX7600
Notebook: Dell XPS 13 9370, 16GB, 1TB
Server #1: Ryzen 5 Pro 4650G, 64GB, 16.5TB
Server #2: Ryzen 4800H, 32GB, 22TB
Back to top
View user's profile Send private message
unixbhaskar
Tux's lil' helper
Tux's lil' helper


Joined: 29 Nov 2007
Posts: 119
Location: India

PostPosted: Mon Mar 26, 2018 7:33 am    Post subject: Reply with quote

bbgermany wrote:
Hi,

1st: do you have sys-apps/usermode-utilities installed?
2nd: do you have a net.tun0 link in /etc/init.d which is installed in default runlevel?

greets, bb


Thanks man for the heads up...here are stuff I did

Code:

root@GentooLinux_12:57:59_Mon Mar 26:~ # genlop -t sys-apps/usermode-utilities
 * sys-apps/usermode-utilities
                                                                                                                                                     
     Tue Jul 18 15:36:14 2017 >>> sys-apps/usermode-utilities-20070815-r3
       merge time: 10 seconds.                                                                                                                       

     Fri Jan 12 21:52:23 2018 >>> sys-apps/usermode-utilities-20070815-r3                                                                           
       merge time: 14 seconds.



Next :

Well it was not there ..so I created it

Code:


root@GentooLinux_13:00:01_Mon Mar 26:/etc/init.d # ls -al net.tun0
lrwxrwxrwx 1 root root 6 Mar 26 13:00 net.tun0 -> net.lo

_________________
Musing with GNU/Linux :)

Lenovo Thinkpad x250
x86_64 Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz GenuineIntel GNU/Linux
RAM : 8 GB
Kernel :Latest customized kernel
OS: Gentoo/Arch/Slackware/Debian/openSUSE/Fedora
Intel 965GM Chipset
Back to top
View user's profile Send private message
guitou
Guru
Guru


Joined: 02 Oct 2003
Posts: 534
Location: France

PostPosted: Mon Mar 26, 2018 10:16 am    Post subject: Reply with quote

Hello.

Don't know anything about vpn setup, but looking at error message, I wonder if it could be as simple as a missing kernel option (CONFIG_CRYPTO_CBC).

++
Gi)
Back to top
View user's profile Send private message
bbgermany
Veteran
Veteran


Joined: 21 Feb 2005
Posts: 1844
Location: Oranienburg/Germany

PostPosted: Mon Mar 26, 2018 1:14 pm    Post subject: Reply with quote

unixbhaskar wrote:

Next :

Well it was not there ..so I created it

Code:


root@GentooLinux_13:00:01_Mon Mar 26:/etc/init.d # ls -al net.tun0
lrwxrwxrwx 1 root root 6 Mar 26 13:00 net.tun0 -> net.lo


Did you start the interface and restart the openvpn daemon and checked again?

greets, bb
_________________
Desktop: Ryzen 5 5600G, 32GB, 2TB, RX7600
Notebook: Dell XPS 13 9370, 16GB, 1TB
Server #1: Ryzen 5 Pro 4650G, 64GB, 16.5TB
Server #2: Ryzen 4800H, 32GB, 22TB
Back to top
View user's profile Send private message
unixbhaskar
Tux's lil' helper
Tux's lil' helper


Joined: 29 Nov 2007
Posts: 119
Location: India

PostPosted: Tue Mar 27, 2018 10:47 am    Post subject: Reply with quote

guitou wrote:
Hello.

Don't know anything about vpn setup, but looking at error message, I wonder if it could be as simple as a missing kernel option (CONFIG_CRYPTO_CBC).

++
Gi)


Spot on man! thanks a bunch...
_________________
Musing with GNU/Linux :)

Lenovo Thinkpad x250
x86_64 Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz GenuineIntel GNU/Linux
RAM : 8 GB
Kernel :Latest customized kernel
OS: Gentoo/Arch/Slackware/Debian/openSUSE/Fedora
Intel 965GM Chipset
Back to top
View user's profile Send private message
guitou
Guru
Guru


Joined: 02 Oct 2003
Posts: 534
Location: France

PostPosted: Tue Mar 27, 2018 11:57 am    Post subject: Reply with quote

Hey.
Glad to know I managed to be a little help for once at least :D

++
Gi)
Back to top
View user's profile Send private message
unixbhaskar
Tux's lil' helper
Tux's lil' helper


Joined: 29 Nov 2007
Posts: 119
Location: India

PostPosted: Tue Mar 27, 2018 12:04 pm    Post subject: Reply with quote

guitou wrote:
Hey.
Glad to know I managed to be a little help for once at least :D

++
Gi)


Look like , I celebrate too early...inspite of recompiling ker with options enable ...still getting this

Code:


root@GentooLinux_17:28:58_Tue Mar 27:/etc/openvpn # openvpn India.ovpn
Tue Mar 27 17:29:11 2018 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (mbed TLS)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 25 2018             
Tue Mar 27 17:29:11 2018 library versions: mbed TLS 2.7.1, LZO 2.09
Enter Auth Username:x83054                                                                                                                       
Enter Auth Password:
Tue Mar 27 17:30:08 2018 Cipher aes-256-cbc not supported                                                                                           
Tue Mar 27 17:30:08 2018 Exiting due to fatal error
root@GentooLinux_17:30:08_Tue Mar 27:/etc/openvpn # cd /usr/src
root@GentooLinux_17:31:39_Tue Mar 27:/usr/src # ls
.config  .keep  gentoo_custom_kernel.sh  linux  linux-4.15.13                                                                                       
root@GentooLinux_17:31:40_Tue Mar 27:/usr/src # grep CONFIG_CRYPTO_CBC linux-4.15.13/.config
CONFIG_CRYPTO_CBC=y                     


_________________
Musing with GNU/Linux :)

Lenovo Thinkpad x250
x86_64 Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz GenuineIntel GNU/Linux
RAM : 8 GB
Kernel :Latest customized kernel
OS: Gentoo/Arch/Slackware/Debian/openSUSE/Fedora
Intel 965GM Chipset
Back to top
View user's profile Send private message
guitou
Guru
Guru


Joined: 02 Oct 2003
Posts: 534
Location: France

PostPosted: Tue Mar 27, 2018 1:11 pm    Post subject: Reply with quote

Well, looks like I did as well, sorry.

After some reading around, I found posts on forums telling TLS not supporting aes-cbc... Have you compiled openvpn with TLS? If yes, then maybe try with openssl.

++
Gi)
Back to top
View user's profile Send private message
unixbhaskar
Tux's lil' helper
Tux's lil' helper


Joined: 29 Nov 2007
Posts: 119
Location: India

PostPosted: Tue Mar 27, 2018 1:41 pm    Post subject: Reply with quote

guitou wrote:
Well, looks like I did as well, sorry.

After some reading around, I found posts on forums telling TLS not supporting aes-cbc... Have you compiled openvpn with TLS? If yes, then maybe try with openssl.

++
Gi)


Yes you are spot on again...Yes I did ...with mbed TLS ,which basically bypass openssl ...heck...it seems I need to re-emerge openvpn with excluded tls stuff ...:(

Thanks for pointing that...let me give it a shot...come back to you .....
_________________
Musing with GNU/Linux :)

Lenovo Thinkpad x250
x86_64 Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz GenuineIntel GNU/Linux
RAM : 8 GB
Kernel :Latest customized kernel
OS: Gentoo/Arch/Slackware/Debian/openSUSE/Fedora
Intel 965GM Chipset
Back to top
View user's profile Send private message
unixbhaskar
Tux's lil' helper
Tux's lil' helper


Joined: 29 Nov 2007
Posts: 119
Location: India

PostPosted: Wed Mar 28, 2018 6:04 am    Post subject: Resolved..do not compile openvpn with mbedtls flag Reply with quote

Yay! working ....

Code:


root@GentooLinux_11:29:14_Wed Mar 28:/etc/openvpn # openvpn India.ovpn                                                                               
Wed Mar 28 11:29:58 2018 OpenVPN 2.4.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD] built on Mar 28 2018
Wed Mar 28 11:29:58 2018 library versions: OpenSSL 1.0.2n  7 Dec 2017, LZO 2.09                                                                     
Enter Auth Username:x8305462
Enter Auth Password:                                                                                                                                 
Wed Mar 28 11:30:16 2018 TCP/UDP: Preserving recently used remote address: [AF_INET]138.128.180.194:1197
Wed Mar 28 11:30:16 2018 UDP link local: (not bound)                                                                                                 
Wed Mar 28 11:30:16 2018 UDP link remote: [AF_INET]138.128.180.194:1197
Wed Mar 28 11:30:16 2018 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this                   
Wed Mar 28 11:30:17 2018 [8ba17a40d40a1cf8af7891dade844abe] Peer Connection Initiated with [AF_INET]138.128.180.194:1197
Wed Mar 28 11:30:23 2018 TUN/TAP device tun0 opened                                                                                                 
Wed Mar 28 11:30:23 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Wed Mar 28 11:30:23 2018 /bin/ip link set dev tun0 up mtu 1500                                                                                       
Wed Mar 28 11:30:23 2018 /bin/ip addr add dev tun0 local 10.45.10.6 peer 10.45.10.5
Wed Mar 28 11:30:23 2018 Initialization Sequence Completed   

_________________
Musing with GNU/Linux :)

Lenovo Thinkpad x250
x86_64 Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz GenuineIntel GNU/Linux
RAM : 8 GB
Kernel :Latest customized kernel
OS: Gentoo/Arch/Slackware/Debian/openSUSE/Fedora
Intel 965GM Chipset
Back to top
View user's profile Send private message
guitou
Guru
Guru


Joined: 02 Oct 2003
Posts: 534
Location: France

PostPosted: Wed Mar 28, 2018 2:18 pm    Post subject: Reply with quote

Great :)

++
Gi)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Gentoo on AMD64 All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum