[ previous ] [ next ] [ threads ]
 
 From:  "M. G. (Michael) de Bruin" <mg dot debruin at buum dot nl>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  OpenVPN server on TCP
 Date:  Fri, 18 Feb 2005 17:24:39 +0100 (CET)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

All,

I am either going nuts (hey, almost weekend) or there is a bug in the
OpenVPN configuration. What I am trying to do, is get OpenVPN to listen on
a tcp port, so I can connect  to it through any firewall. However, even
when I select TCP in the OpenVPN config, it still starts up as an UDP
service (long live syslog):

Feb 18 16:57:40 mercury openvpn[678]: OpenVPN 2.0_beta11
i386-unknown-freebsd4.10 [SSL] built on Oct 23 2004
Feb 18 16:57:40 mercury openvpn[678]: OpenVPN 2.0_beta11
i386-unknown-freebsd4.10 [SSL] built on Oct 23 2004
<snip uninteresting stuff>
Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link local (bound): x.x.x.x:8000
Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link local (bound): x.x.x.x:8000
Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link remote: [undef]
Feb 18 16:57:40 mercury openvpn[683]: UDPv4 link remote: [undef]

If I check the process page, this seems logical, since the option '--proto
tcp-server' is missing.

Now, if I check /etc/inc/openvpn.inc (more specifically, the function
ovpn_config_server()), I can't find the option proto being set anywhere,
which would explain UDP (which is default) being used as a protocol.

If I am not mistaking, the following section should be added:

/* Set protocol being used (TCP or UDP)
  if ($server['proto'] == 'TCP') {
    $ovpn_config .= "--proto tcp-server";
    }


Cheers,

Michael de Bruin

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)

iD8DBQFCFhbHQ9cfgf1E1Y4RAs7AAKDTo0E25Qvs9Qy1vPMNaH2XU3aDTQCg/nzG
E7z5PyrpKORDMnfdc9e0CbE=
=oNnE
-----END PGP SIGNATURE-----