OpenVPN TAP Interface Problem.

Home » CentOS » OpenVPN TAP Interface Problem.
CentOS 2 Comments

Hi all.

I have an OpenVPN server:
2.2.1-1 x86_64

Server config:
port 11223
dev tap proto udp tls-server ca keys/ca.crt cert keys/server.crt key keys/server.key dh keys/dh1024.pem server 1.2.3.3 255.255.255.0
push “route 192.168.0.0 255.255.255.0 1.2.3.4”
keepalive 10 60
client-to-client duplicate-cn inactive 600
log /var/log/openvpn.log syslog status /var/log/openvpn-status.log user openvpn group openvpn persist-tun persist-key verb 4
comp-lzo

Server interface:
11: tap0: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
link/ether 56:73:e7:c9:c8:e5 brd ff:ff:ff:ff:ff:ff
inet 1.2.3.4/24 brd 1.2.3.255 scope global tap0

Client:
2.2.1-8ubuntu1
x86_64

Client config:
remote 1.2.3.3 port 11223
dev tap proto udp resolv-retry infinite
#nobind persist-key persist-tun tls-client ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/client.crt key /etc/openvpn/keys/client.key ns-cert-type server comp-lzo verb 4
log /var/log/openvpn.log
#syslog status /var/log/openvpn-status.log

After successful start of openvpn service (Tue Aug 21 16:12:24 2012
usd4993 Initialization Sequence Completed in logfile) I have:
Client interface:
9: tap0: mtu 1500 qdisc noop state DOWN qlen 100 link/ether 4a:3d:52:dc:51:c3 brd ff:ff:ff:ff:ff:ff

When I start the tunnel I am not able to ping 1.2.3.4 IP on server, the TAP interface is also in DOWN state. I have no firewall configured. My client log file is attached. Should I have an IP addres on my TAP interface?

Thanks for the help ;)

Best regards, Rafal.

2 thoughts on - OpenVPN TAP Interface Problem.

  • Rafał Radecki wrote:

    client

    I know nothing at all about OpenVPN, but the first thing I’d look at is why it’s in a DOWN state.

    mark

  • Am 21.08.2012 um 16:27 schrieb Rafał Radecki:

    What are your goals?

    A bridged setup (dev tap) or a routed network (dev tun)?

    LF

LEAVE A COMMENT