All of my linux servers are connected over OpenVPN and now came the turn for my new FreeBSD droplet to join them.
Ran into one small issue. Upon installing and configuring OpenVPN I was getting this error:
Sun Jul 12 17:59:49 2015 us=222242 Cannot allocate TUN/TAP dev dynamically
Sun Jul 12 17:59:49 2015 us=222330 Exiting due to fatal error
Since I am using tun and not tap, tried manually loading tun module:
[fx@badger ~]$ sudo kldload if_tun
kldload: can't load if_tun: module already loaded or in kernel
But that just showed that this is not the problem.
Tried creating tun interface manually and no probs:
[fx@badger ~]$ sudo ifconfig tun0 create
[fx@badger ~]$ sudo ifconfig tun0
tun0: flags=8010<POINTOPOINT,MULTICAST> metric 0 mtu 1500
options=80000<LINKSTATE>
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
That pointed me to my openvpn.conf config and sure enough I had specified my VPN device as “VPN”:
dev VPN
Ths works great in Linux but apparently not in FreeBSD. Changed that to tun0 and problem resolved. Yay.
So just for the record, working OpenVPN installation steps:
sudo pkg install openvpn
Enable OpenVPN starting at boot by adding this to /etc/rc.conf:
openvpn_enable="yes"
Configure it, the default config file is /usr/local/etc/openvpn/openvpn.conf and looks like you have to create /usr/local/etc/openvpn directory manually.
Working config:
client
dev-type tun
dev tun0
proto tcp
remote openvpn.server.somewhere.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
# certs that you got from vpn server
ca /usr/local/etc/openvpn/keys/ca.crt
cert /usr/local/etc/openvpn/keys/vpn-client.crt
key /usr/local/etc/openvpn/keys/vpn-client.key
# don't forget to make sure this is rotated
log-append /var/log/openpvn.log
ns-cert-type server
verb 4
mute 20