Am 14.02.12 14:04, schrieb Jim Pingle: > There are a couple of bugs in the upgrade code from 1.2.3 to 2.0/2.0.1 > for OpenVPN. First, if you didn't have compression enabled, check to see > if it's on now. If the compression setting is mismatched between client > and server, it would connect but not pass traffic.
comp lzo was enabled before and after the upgrade. > Also tap doesn't work right on a stock 2.0/2.0.1, you can install the > tap fix package to help it a bit. tap works fine after adding "dev tap1" as configuration option. The openvpn server starts up fine: ############################################################### OpenVPN 2.2.0 i386-portbld-freebsd8.1 [SSL] [LZO2] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Aug 11 2011 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts TUN/TAP device /dev/tap1 opened do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 /sbin/ifconfig tap1 10.22.1.1 netmask 255.255.255.0 mtu 1500 up /usr/local/sbin/ovpn-linkup tap1 1500 1574 10.22.1.1 255.255.255.0 init UDPv4 link local (bound): [AF_INET]87.128.223.162:1194 UDPv4 link remote: [undef] Initialization Sequence Completed ############################################################### and the user can connect: ############################################################### openvpn[59171]: 91.97.38.89:33006 Re-using SSL/TLS context openvpn[59171]: 91.97.38.89:33006 LZO compression initialized openvpn: Found certificate /C=DE/ST=Niedersachsen/L=Oldenburg/O=Organisation/CN=Organisation_Root_CA/[email protected] with depth 1 openvpn: Found certificate /C=DE/ST=XXX/O=XXX/CN=udo.mueller/[email protected] with depth 0 openvpn: : Now Searching for udo.mueller in directory. openvpn: : Now Searching in server LDAP, container ou=okstaff,ou=Users,dc=openknowledge,dc=de with filter (uid=udo.mueller). openvpn: : Logged in successfully as udo.mueller via LDAP server LDAP with DN = uid=udo.mueller,ou=okstaff,ou=Users,dc=organisation,dc=de. openvpn: user udo.mueller authenticated openvpn[59171]: 91.97.38.89:33006 [udo.mueller] Peer Connection Initiated with [AF_INET]91.97.38.89:33006 openvpn[59171]: udo.mueller/91.97.38.89:33006 MULTI_sva: pool returned IPv4=10.22.1.2, IPv6=54da:bfbf:62:4528:d8d7:bfbf:391:608 openvpn[59171]: udo.mueller/91.97.38.89:33006 send_push_reply(): safe_cap=960 ############################################################### any other hints? _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
