CLOSED: Trouble with Testing WinTUN

Weekly dev snapshots are available for testing.
We talk about them here. Testing features in the dev snapshot helps the features make it to stable.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please report your experience with testing branch. Include what you were using and how
If there is a problem, the more info the better!
Post Reply
volleynbike
OpenVpn Newbie
Posts: 13
Joined: Thu Jun 19, 2014 11:14 pm

CLOSED: Trouble with Testing WinTUN

Post by volleynbike » Tue Aug 04, 2020 8:26 pm

We have been running 2.3.18 in production for many years and are now looking to upgrade. I have been waiting for wintun to become available. So I tried installing the 2.5 wintun technology preview on a test Win10 VM. I have no trouble getting it to run with TAP, but if i try changing it to TUN it errors out with:

Code: Select all

020-08-04 13:07:04 us=384558 open_tun
2020-08-04 13:07:04 us=387556 MANAGEMENT: Client disconnected
2020-08-04 13:07:04 us=387556 ERROR:  Wintun requires SYSTEM privileges and therefore should be used with interactive service. If you want to use openvpn from command line, you need to do SYSTEM elevation yourself (for example with psexec).
2020-08-04 13:07:04 us=387556 Exiting due to fatal error
I am only trying to start it from opnvpn-gui, so i don't understand why the system privileges issue?

I've tried installing as user and as administrator -- no difference. I've tried letting openvpn-gui start with windows, and manually (both as user and administrator) -- no difference. A friend of mine, who has basically the same settings in his .ovpn as i do, CAN get it to work if he starts it via openvpn-gui. Here is the top of our .ovpn (cutting off the certs):
Client config

client
dev tun
#dev-node TAP_Win32
windows-driver wintun
route-method exe
route-delay 2
proto tcp-client
remote xx.xx.xx.xx 443
tls-version-min 1.2
persist-key
persist-tun
ca [inline]
cert [inline]
key [inline]
dh [inline]
tls-auth [inline]
key-direction 1
remote-cert-tls server
nobind
comp-lzo no
keepalive 30 120
remap-usr1 SIGTERM
status openvpn-status.log


Also, eventually i need to get OpenVPN (with wintun) working without a user logged in as our systems are used for M2M monitoring. I built some scripts to allow this on our older systems. But from reading the explanations about OpenVPN Interactive Service and OpenVPN-gui, i am wondering if it will allow this?

Any assistance with this Proof of Concept for v2.5 would be appreciated.
Last edited by volleynbike on Wed Aug 05, 2020 2:04 am, edited 2 times in total.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Trouble with Testing WinTUN

Post by TinCanTech » Tue Aug 04, 2020 9:51 pm

Make sure the "Openvpn-Interactive-Service" Is running.

volleynbike
OpenVpn Newbie
Posts: 13
Joined: Thu Jun 19, 2014 11:14 pm

Re: Trouble with Testing WinTUN

Post by volleynbike » Tue Aug 04, 2020 11:22 pm

I did. Tried every combination of services running or not.

Incidentally, the Openvpn-Interactive-Service is started after installation.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Trouble with Testing WinTUN

Post by TinCanTech » Wed Aug 05, 2020 12:58 am


volleynbike
OpenVpn Newbie
Posts: 13
Joined: Thu Jun 19, 2014 11:14 pm

CLOSED: Trouble with Testing WinTUN

Post by volleynbike » Wed Aug 05, 2020 2:04 am

Problem located. Stupid typo on my part. Please ignore this chain.

Admin, if you see this and can remove this topic, please do so with my permission.

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: CLOSED: Trouble with Testing WinTUN

Post by TinCanTech » Wed Aug 05, 2020 3:14 am

We all make mistakes .. what was yours ?

Post Reply