Comments on: Fun with OpenSolaris and OpenVPN http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/ Why are you even reading this? Thu, 21 Jan 2010 08:38:54 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: msd http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/comment-page-1/#comment-2334 msd Thu, 21 May 2009 22:41:36 +0000 http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/#comment-2334 Ryan, Maybe you could answer a couple things for me? I'm using a very similar setup to yours. I have two actual interfaces. ce0 (public) and qfe0 (private). I have openvpn setup over the public interface. outside clients can connect, but thats about as far as it goes. i can ping my private ip from the remote vpn client, but none of the other servers on my private network, and i cannot seem to route though the server from the client. i have ipfil setup and ipnat like you have shown here. but my connection doesn't make it passed the server. any suggestions? Ryan, Maybe you could answer a couple things for me? I’m using a very similar setup to yours. I have two actual interfaces. ce0 (public) and qfe0 (private). I have openvpn setup over the public interface. outside clients can connect, but thats about as far as it goes. i can ping my private ip from the remote vpn client, but none of the other servers on my private network, and i cannot seem to route though the server from the client. i have ipfil setup and ipnat like you have shown here. but my connection doesn’t make it passed the server. any suggestions?

]]> By: Ryan http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/comment-page-1/#comment-2297 Ryan Fri, 27 Mar 2009 15:10:55 +0000 http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/#comment-2297 Ironically, those are the tun/tap modules I used. Maybe they've improved since then and actually compile. Ironically, those are the tun/tap modules I used. Maybe they’ve improved since then and actually compile.

]]> By: gsta http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/comment-page-1/#comment-2296 gsta Thu, 26 Mar 2009 14:57:29 +0000 http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/#comment-2296 garnser, Probably a bit late but for OpenVPN TAP support check out http://www.whiteboard.ne.jp/~admin2/tuntap/ This should compile both TUN and TAP support drivers for Solaris and has the utilities you mentioned you're missing. Also plenty of examples. Cheers. garnser,

Probably a bit late but for OpenVPN TAP support check out http://www.whiteboard.ne.jp/~admin2/tuntap/ This should compile both TUN and TAP support drivers for Solaris and has the utilities you mentioned you’re missing. Also plenty of examples. Cheers.

]]> By: garnser http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/comment-page-1/#comment-2271 garnser Wed, 21 Jan 2009 16:30:50 +0000 http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/#comment-2271 Hi again, This is on the client-side. I don't seam to have the tunctl binary, the tap interface is created though. If possible, can you email me on jpetersson [at] garnser [dot] se ? Thanks Hi again,

This is on the client-side. I don’t seam to have the tunctl binary, the tap interface is created though.

If possible, can you email me on jpetersson [at] garnser [dot] se ? Thanks

]]> By: Ryan http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/comment-page-1/#comment-2268 Ryan Tue, 20 Jan 2009 21:19:02 +0000 http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/#comment-2268 I assume you're at least a little familiar with Solaris. You didn't specify, whether this is on the server or the client, thouh. As a general rule, your steps will run something like: <pre>tunctl -t tapX ifconfig tapX plumb ifconfig tapX your.normal.ifconfig.stuff ifconfig tapX up</pre>With any brdgeadm stuff thrown in as necessary. If that doesn't work, see if you have /dev/tun. If not, try "devfsadm -a". What are you passing as arguments to "route"? I assume you’re at least a little familiar with Solaris. You didn’t specify, whether this is on the server or the client, thouh. As a general rule, your steps will run something like:

tunctl -t tapX
ifconfig tapX plumb
ifconfig tapX your.normal.ifconfig.stuff
ifconfig tapX up

With any brdgeadm stuff thrown in as necessary. If that doesn’t work, see if you have /dev/tun. If not, try “devfsadm -a”.

What are you passing as arguments to “route”?

]]> By: garnser http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/comment-page-1/#comment-2262 garnser Mon, 19 Jan 2009 21:56:54 +0000 http://blog.theprodigalboyfriend.com/2008/01/20/fun-with-opensolaris-and-openvpn/#comment-2262 Hi Ryan, I'm currently working on a deployment where support for OpenSolaris has been requested. We've decided to run with tap interfaces (long story), after doing a bunch of reading I figured that there seams to be some flaws, an example which I have is the push of IP's to the client, I've tried to remediate this using an up-script assigning the created tap interface an IP, however, when I run ifconfig tapX up it wont execute, I've similar issues if I try to add additional routes, what could the cause of this be? Hi Ryan,

I’m currently working on a deployment where support for OpenSolaris has been requested. We’ve decided to run with tap interfaces (long story), after doing a bunch of reading I figured that there seams to be some flaws, an example which I have is the push of IP’s to the client, I’ve tried to remediate this using an up-script assigning the created tap interface an IP, however, when I run ifconfig tapX up it wont execute, I’ve similar issues if I try to add additional routes, what could the cause of this be?

]]>