OpenVpn Client setup

Hi all,

I've been browsing through forums for several days now and I see quite a bit about setting up an openvpn server, however not much about using BSD as an openvpn client. I connect to a set of VPN servers that I rotate daily. I have about 50 of them. I have openvpn installed and openvpn-admin installed and working. I have client configs working and can call up openvpn-admin and connect to any one at will. There don't seem to be any good how-to's for client out there but I managed it.

That all said, here's my problem.
I can only successfully connect and run if I start openvpn-admin as root or if I start openvpn manually as root. There are a b-dozen permission's errors when I try to run openvpn as a client under a regular users. /var/run directory is not accessible to normal users log directories etc. I have not tried running it in a jail, but considering the nature of the networking etc I don't. I'm running a desktop on top of my FreeBSD with Xorg and KDE. I have all that working great.

Any help would be greatly appreciated.

Thom
 
Last edited:
Try this how to. It seems pretty promising.
Thanks for the reply but once again that is all server setup and I did look at it previously. It was one of the ones I found.
I know that most people use BSD for servers and the number of people using it as a desktop is limited.
But I use it as a desktop as well. And it appears to me that the port is setup to be a server and though you can configure it
to be a client the permissions are all borked up. If I were to start it as a daemon and use only 1 VPN and always connect
from root/wheel permissions all would be fine but to try and launch it from a user account to connect to one of many VPN's
like a road warrior setup is not well documented any help would be appreciated.
Thom
 
Last edited:
Thank you I didn't find that one. I've basically done all that the hard way... ha ha. but I'll re-do it and check again. It still runs as a service... changing vpn's back and forth still may not work.
As I said I have it working it's just that I must do it as root for it to work. I really would like to be able to run it as my current user.
This how-to still has it running as root under a service.
 
Last edited:
You can run openvpn with security/sudo or security/super as user.

For testing I set up openvpn (no server setup). I installed security/openvpn, set openvpn_enable”YES” and openvpn_if=“tun”, obtained an xxx.ovpn file, put user nobody and group nogroup in the xxx.ovpn file (client.conf) to drop the root privileges after initialization, configured super, executed openvpn as user with super, works fine.
 
You can't start the daemon on a regular user because it needs to modify the network interfaces and routing table and those tasks require superuser privileges. It can later drop the superuser privileges as noted above but only after the necessary system configuration has been finished.
 
interesting, I'll try that...
S.
You can run openvpn with security/sudo or security/super as user.

For testing I set up openvpn (no server setup). I installed security/openvpn, set openvpn_enable”YES” and openvpn_if=“tun”, obtained an xxx.ovpn file, put user nobody and group nogroup in the xxx.ovpn file (client.conf) to drop the root privileges after initialization, configured super, executed openvpn as user with super, works fine.
 
Back
Top