Project

General

Profile

Actions

Bug #3596

closed

OpenVPN being passed bad arguments

Added by Anonymous over 10 years ago. Updated over 10 years ago.

Status:
Resolved
Priority:
High
Assignee:
-
Category:
VPN (Multiple Types)
Target version:
Start date:
04/10/2014
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.2
Affected Architecture:

Description

Basic OpenVPN configuration (Remote Access SSL/TLS) yields the following result in system log:

openvpn34830: Options error: the --tls-verify directive should have at most 1 parameter. To pass a list of arguments as one of the parameters, try enclosing them in double quotes ("").

Disabling TLS auth has no effect, changing to Remote Access User Auth causes it to become this:

openvpn53828: Options error: the --auth-user-pass-verify directive should have at most 2 parameters. To pass a list of arguments as one of the parameters, try enclosing them in double quotes ("").

Actions #1

Updated by Chris Buechler over 10 years ago

What arguments does it have after those parameters in the conf file?

Actions #2

Updated by Anonymous over 10 years ago

I pulled this from /var/etc/openvpn/server1.conf:

tls-verify /usr/local/sbin/ovpn_auth_verify tls 'gateway.domain.com' 1 via-env

If I place everything after 'tls-verify' in double quotes and try to start the service, I get as far as this:

Apr 11 05:04:39    openvpn[23401]: OpenVPN 2.3.2 amd64-portbld-freebsd10.0 [SSL (OpenSSL)] [LZO] [eurephia] [MH] [IPv6] built on Mar 19 2014
Apr 11 05:04:39    openvpn[23401]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Apr 11 05:04:40    openvpn[23401]: TUN/TAP device /dev/tun1 opened
Apr 11 05:04:40    openvpn[23401]: do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=0
Apr 11 05:04:40    openvpn[23401]: /sbin/ifconfig ovpns1 10.0.8.1 10.0.8.2 mtu 1500 netmask 255.255.255.255 up
Apr 11 05:04:40    openvpn[23401]: FreeBSD ifconfig failed: external program exited with error status: 1
Apr 11 05:04:40    openvpn[23401]: Exiting due to fatal error

ifconfig's issue is that the interface 'ovpns1' doesn't exist. Weird.

I guess this is an entirely different problem. Has there been a major change to OpenVPN with the migration to 10?

Actions #3

Updated by Jim Pingle over 10 years ago

  • Status changed from New to Resolved

Confirmed fixed on current code (snap+gitsync), no error and the process is running. Interface is there also.

Actions #4

Updated by Anonymous over 10 years ago

Confirmed working here also.

Actions

Also available in: Atom PDF