rmoff 15 Posted ... Hi, I'm using AirVPN successfully on my Mac (10.8.2) with Tunnelblick. However I want to get VPN over SSH working too.I have got the SSH key, openvpn binary, and .sh and .ovpn through the config generator, and the SSH tunnel successfully connects; $ ./AirVPN_United\ Kingdom_SSH-22.sh AirVPN SSH Tunnel OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011 debug1: Reading configuration data /etc/ssh_config debug1: /etc/ssh_config line 20: Applying options for * debug1: /etc/ssh_config line 53: Applying options for * debug1: Connecting to 31.193.12.98 [31.193.12.98] port 22. [...] debug1: Connection to port 1412 forwarding to 127.0.0.1 port 2018 requested. debug1: channel 2: new [direct-tcpip] debug1: channel 2: free: direct-tcpip: listening port 1412 for 127.0.0.1 port 2018, connect from 127.0.0.1 port 56739, nchannels 3 debug1: Connection to port 1412 forwarding to 127.0.0.1 port 2018 requested. debug1: channel 2: new [direct-tcpip] debug1: channel 2: free: direct-tcpip: listening port 1412 for 127.0.0.1 port 2018, connect from 127.0.0.1 port 56754, nchannels 3 When I launch the openvpn though, I get an error - "Cannot allocate TUN/TAP dev dynamically" $ sudo ./openvpn AirVPN_United\ Kingdom_SSH-22.ovpn Mon Jul 8 18:12:09 2013 OpenVPN 2.3.1 x86_64-apple-darwin11.1.0 [sSL (OpenSSL)] [LZO] [eurephia] [MH] [iPv6] built on Apr 26 2013 Mon Jul 8 18:12:09 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables Mon Jul 8 18:12:09 2013 Socket Buffers: R=[131072->65536] S=[131072->65536] Mon Jul 8 18:12:09 2013 Attempting to establish TCP connection with [AF_INET]127.0.0.1:1412 [nonblock] Mon Jul 8 18:12:10 2013 TCP connection established with [AF_INET]127.0.0.1:1412 Mon Jul 8 18:12:10 2013 TCPv4_CLIENT link local: [undef] Mon Jul 8 18:12:10 2013 TCPv4_CLIENT link remote: [AF_INET]127.0.0.1:1412 Mon Jul 8 18:12:11 2013 TLS: Initial packet from [AF_INET]127.0.0.1:1412, sid=22ba3002 6e01312b Mon Jul 8 18:12:21 2013 VERIFY OK: depth=1, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=airvpn.org CA, emailAddress=info@airvpn.org Mon Jul 8 18:12:21 2013 VERIFY OK: nsCertType=SERVER Mon Jul 8 18:12:21 2013 VERIFY OK: depth=0, C=IT, ST=IT, L=Perugia, O=airvpn.org, CN=server, emailAddress=info@airvpn.org Mon Jul 8 18:12:47 2013 Data Channel Encrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Mon Jul 8 18:12:47 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Jul 8 18:12:47 2013 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key Mon Jul 8 18:12:47 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication Mon Jul 8 18:12:47 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA Mon Jul 8 18:12:47 2013 [server] Peer Connection Initiated with [AF_INET]127.0.0.1:1412 Mon Jul 8 18:12:49 2013 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1) Mon Jul 8 18:12:51 2013 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.50.0.1,comp-lzo no,route 10.50.0.1,topology net30,ping 10,ping-restart 60,ifconfig 10.50.0.58 10.50.0.57' Mon Jul 8 18:12:51 2013 OPTIONS IMPORT: timers and/or timeouts modified Mon Jul 8 18:12:51 2013 OPTIONS IMPORT: LZO parms modified Mon Jul 8 18:12:51 2013 OPTIONS IMPORT: --ifconfig/up options modified Mon Jul 8 18:12:51 2013 OPTIONS IMPORT: route options modified Mon Jul 8 18:12:51 2013 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified Mon Jul 8 18:12:51 2013 ROUTE_GATEWAY 10.101.0.1/255.255.128.0 IFACE=en1 HWADDR=b8::12:3b:d1:36 Mon Jul 8 18:12:51 2013 Cannot allocate TUN/TAP dev dynamically Mon Jul 8 18:12:51 2013 Exiting due to fatal error The Google hits I've found have all been related to Tunnelblick on the Mac, but for me Tunnelblick is working absolutely fine. Any suggestions on resolving this please? Quote Share this post Link to post
Staff 10014 Posted ... Hello, please install tuntap.pkg from our OpenVPN package for OS X: https://airvpn.org/topic/9325-development-of-os-x-airvpn-client/ Kind regards Quote Share this post Link to post
rmoff 15 Posted ... Hi, I've just tried this, but on running the installer, after entering Admin credentials, got the error: The installation failedThe Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance. Is there going to be a log file somewhere I can provide? Quote Share this post Link to post
rmoff 15 Posted ... Sorry, found the install log now : installd[43575]: PackageKit: ----- Begin install ----- installd[43575]: PackageKit: Install Failed: Error Domain=PKInstallErrorDomain Code=112 "An error occurred while running scripts from the package “tun.pkg”." UserInfo=0x7fdae4e0f0c0 {NSFilePath=./postinstall, NSURL=file://localhost/Volumes/hdd/Downloads/build/tuntap.pkg/Contents/Packages/tun.pkg, PKInstallPackageIdentifier=tuntap.tun, NSLocalizedDescription=An error occurred while running scripts from the package “tun.pkg”.} { NSFilePath = "./postinstall"; NSLocalizedDescription = "An error occurred while running scripts from the package \U201ctun.pkg\U201d."; NSURL = "file://localhost/Volumes/hdd/Downloads/build/tuntap.pkg/Contents/Packages/tun.pkg"; PKInstallPackageIdentifier = "tuntap.tun"; } Installer[43569]: Install failed: The Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance. Installer[43569]: Displaying 'Install Failed' UI. Installer[43569]: 'Install Failed' UI displayed message:'The Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance.'. Quote Share this post Link to post
Staff 10014 Posted ... Hello, can you please make sure that Tunnelblick is not running during the installation (Tunnelblick uses the very same tun.kext and tap.kext)? Kind regards Quote Share this post Link to post
rmoff 15 Posted ... Aha - that was the problem. Installed the pkg now, and get past the original error from openvpn. It's still not working though (the SSH keeps dropping), I'll post back logs when I get chance. Quote Share this post Link to post
Staff 10014 Posted ... Hello! Ok, when you have the chance, try also a direct OpenVPN connection (i.e. connecting via OpenVPN, without SSH and without Tunnelblick). Kind regards Quote Share this post Link to post