Right now I'm only interested in setting up a VPN client. I've done that using OpenVPN and I'm connecting to the swissvpn.com site. My local LAN is 192.168.0.x.
Here is the complete sequence shown in the /var/log/messages log:
Code:
Nov 11 14:27:50 draco openvpn[1786]: OpenVPN 2.1_rc20 amd64-portbld-freebsd7.2 [SSL] [LZO2] built on Nov 11 2009
Nov 11 14:27:50 draco openvpn[1786]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Nov 11 14:27:50 draco openvpn[1786]: Control Channel MTU parms [ L:1543 D:140 EF:40 EB:0 ET:0 EL:0 ]
Nov 11 14:27:50 draco openvpn[1786]: Data Channel MTU parms [ L:1543 D:1450 EF:43 EB:4 ET:0 EL:0 ]
Nov 11 14:27:50 draco openvpn[1786]: Local Options String: 'V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_CLIENT,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-client'
Nov 11 14:27:50 draco openvpn[1786]: Expected Remote Options String: 'V4,dev-type tun,link-mtu 1543,tun-mtu 1500,proto TCPv4_SERVER,cipher BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Nov 11 14:27:50 draco openvpn[1786]: Local Options hash (VER=V4): 'db02a8f8'
Nov 11 14:27:50 draco openvpn[1786]: Expected Remote Options hash (VER=V4): '7e068940'
Nov 11 14:27:50 draco openvpn[1787]: Attempting to establish TCP connection with 80.254.79.87:443 [nonblock]
Nov 11 14:27:51 draco openvpn[1787]: TCP connection established with 80.254.79.87:443
Nov 11 14:27:51 draco openvpn[1787]: Socket Buffers: R=[65572->65536] S=[33124->65536]
Nov 11 14:27:51 draco openvpn[1787]: TCPv4_CLIENT link local: [undef]
Nov 11 14:27:51 draco openvpn[1787]: TCPv4_CLIENT link remote: 80.254.79.87:443
Nov 11 14:27:51 draco openvpn[1787]: TLS: Initial packet from 80.254.79.87:443, sid=6403cc73 9e244097
Nov 11 14:27:51 draco openvpn[1787]: WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Nov 11 14:27:54 draco openvpn[1787]: VERIFY OK: depth=1, /C=CH/ST=ZH/L=Regensdorf/O=Monzoon_Networks_AG/OU=OpenVPN_CA/CN=OpenVPN-CA/emailAddress=operations@monzoon.net
Nov 11 14:27:54 draco openvpn[1787]: VERIFY OK: nsCertType=SERVER
Nov 11 14:27:54 draco openvpn[1787]: VERIFY OK: depth=0, /C=CH/ST=ZH/O=Monzoon_Networks_AG/OU=OpenVPN_server/CN=server/emailAddress=operations@monzoon.net
Nov 11 14:27:56 draco openvpn[1787]: Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Nov 11 14:27:56 draco openvpn[1787]: Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Nov 11 14:27:56 draco openvpn[1787]: Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Nov 11 14:27:56 draco openvpn[1787]: Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Nov 11 14:27:56 draco openvpn[1787]: Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Nov 11 14:27:56 draco openvpn[1787]: [server] Peer Connection Initiated with 80.254.79.87:443
Nov 11 14:27:59 draco openvpn[1787]: SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Nov 11 14:27:59 draco openvpn[1787]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 80.254.79.157,dhcp-option DNS 80.254.77.39,route-gateway 80.254.76.129,topology subnet,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 80.254.76.210 255.255.255.128'
Nov 11 14:27:59 draco openvpn[1787]: OPTIONS IMPORT: timers and/or timeouts modified
Nov 11 14:27:59 draco openvpn[1787]: OPTIONS IMPORT: --socket-flags option modified
Nov 11 14:27:59 draco openvpn[1787]: NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
Nov 11 14:27:59 draco openvpn[1787]: OPTIONS IMPORT: --ifconfig/up options modified
Nov 11 14:27:59 draco openvpn[1787]: OPTIONS IMPORT: route options modified
Nov 11 14:27:59 draco openvpn[1787]: OPTIONS IMPORT: route-related options modified
Nov 11 14:27:59 draco openvpn[1787]: OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Nov 11 14:27:59 draco openvpn[1787]: ROUTE default_gateway=192.168.0.1
Nov 11 14:27:59 draco openvpn[1787]: TUN/TAP device /dev/tun0 opened
Nov 11 14:27:59 draco openvpn[1787]: /sbin/ifconfig tun0 80.254.76.210 netmask 255.255.255.128 mtu 1500 up
Nov 11 14:27:59 draco openvpn[1787]: /sbin/route add -net 80.254.76.128 80.254.76.210 255.255.255.128
Nov 11 14:27:59 draco openvpn[1787]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
Nov 11 14:27:59 draco openvpn[1787]: /sbin/route add -net 80.254.79.87 192.168.0.1 255.255.255.255
Nov 11 14:27:59 draco openvpn[1787]: /sbin/route add -net 0.0.0.0 80.254.76.129 128.0.0.0
Nov 11 14:27:59 draco openvpn[1787]: /sbin/route add -net 128.0.0.0 80.254.76.129 128.0.0.0
Nov 11 14:27:59 draco openvpn[1787]: Initialization Sequence Completed
Note the error "ERROR: FreeBSD route add command failed: external program exited with error status: 1".
Is this line "ROUTE default_gateway=192.168.0.1" coming from the SwissVPN OpenVPN server? So there's a conflict between it and my local LAN?
I really don't have a good grasp on the concept of routing, so be gentle here. Knowing that I have no control over the OpenVPN server, and that I'd prefer to keep using the TUN interface rather than a bridge, is there something that I can add to the client.conf file to make this conflict go away?
Is this error even hurting anything? The VPN seems to work.
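
One way to read a log like the one above mechanically, as an added example that is not part of the original post: the Python sketch below lists the options the server pushed in `PUSH_REPLY` and pairs each logged `route add` command with the error that follows it. The function names are hypothetical, the sample is a shortened copy of the posted log, and it assumes an ERROR line refers to the command logged immediately before it.

```python
import re

# Constructed sample: lines copied (and unwrapped) from the log in the post above.
SAMPLE_LOG = """\
Nov 11 14:27:59 draco openvpn[1787]: PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 80.254.79.157,dhcp-option DNS 80.254.77.39,route-gateway 80.254.76.129,topology subnet,ping 10,ping-restart 60,socket-flags TCP_NODELAY,ifconfig 80.254.76.210 255.255.255.128'
Nov 11 14:27:59 draco openvpn[1787]: ROUTE default_gateway=192.168.0.1
Nov 11 14:27:59 draco openvpn[1787]: /sbin/route add -net 80.254.76.128 80.254.76.210 255.255.255.128
Nov 11 14:27:59 draco openvpn[1787]: ERROR: FreeBSD route add command failed: external program exited with error status: 1
Nov 11 14:27:59 draco openvpn[1787]: /sbin/route add -net 80.254.79.87 192.168.0.1 255.255.255.255
Nov 11 14:27:59 draco openvpn[1787]: /sbin/route add -net 0.0.0.0 80.254.76.129 128.0.0.0
Nov 11 14:27:59 draco openvpn[1787]: /sbin/route add -net 128.0.0.0 80.254.76.129 128.0.0.0
"""
MSG = re.compile(r"openvpn\[\d+\]: (.*)$")

def messages(log):
    """Yield the message part of each OpenVPN syslog line."""
    for line in log.splitlines():
        m = MSG.search(line)
        if m:
            yield m.group(1)

def pushed_options(log):
    """Options the server sent in PUSH_REPLY, as {name: [argument strings]}."""
    opts = {}
    for msg in messages(log):
        m = re.search(r"'PUSH_REPLY,(.*)'", msg)
        if m:
            for item in m.group(1).split(","):
                name, _, arg = item.partition(" ")
                opts.setdefault(name, []).append(arg)
    return opts

def route_results(log):
    """Pair each logged route command with True (no error logged) or False."""
    # Assumption: an ERROR line refers to the command logged just before it.
    results = []
    for msg in messages(log):
        if msg.startswith("/sbin/route add"):
            results.append([msg, True])
        elif "route add command failed" in msg and results:
            results[-1][1] = False
    return [tuple(r) for r in results]

if __name__ == "__main__":
    for cmd, ok in route_results(SAMPLE_LOG):
        print("ok    " if ok else "FAILED", cmd)
    print(pushed_options(SAMPLE_LOG))
```

On the sample, only the first `route add` (the tunnel subnet 80.254.76.128 via 80.254.76.210) is flagged, and 192.168.0.1 does not appear among the pushed options.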