difficulty getting openvpn started on freebsd

[rielt12]

I am having some trouble getting open vpn to start on FreeBSD
I am doing this in a Freenas Jail and trying to follow the guide at
https://forums.freenas.org/index.php?th ... nat.22873/


my ip adress for my router is 192.168.1.1
my server has the adress 192.168.1.2

My server configuration file

port 10011
proto udp
dev tun
ca ca.crt
cert openvpn-server.crt #Server public key
key openvpn-server.key #Server private key
dh dh.pem #Diffie-Hellman parameters
server 172.16.8.0 255.255.255.0 #Purple network
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0" #Yellow network
tls-auth ta.key 0
#crl-verify crl.pem
keepalive 10 120
cipher AES-256-CBC
auth SHA256
group nobody
user nobody
comp-lzo
persist-key
persist-tun
verb 3



All the keys and certifications are in the right directory. I then start open vpn by doing `openvpn --config /mnt/keys/openvpn.conf

but I get `Tue Mar 20 21:57:22 2018 OpenVPN 2.4.0 i386-portbld-freebsd9.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] built on Dec 29 2016
Tue Mar 20 21:57:22 2018 library versions: OpenSSL 0.9.8y 5 Feb 2013, LZO 2.09
Tue Mar 20 21:57:22 2018 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Tue Mar 20 21:57:22 2018 Diffie-Hellman initialized with 2048 bit key
Segmentation fault: 11
`
and the message log shows

[root@OpenVPN /mnt/keys]# cat /var/log/messages
Mar 20 20:32:19 OpenVPN newsyslog[19742]: logfile first created
Mar 20 20:32:19 OpenVPN syslogd: kernel boot file is /boot/kernel/kernel
Mar 20 20:37:38 OpenVPN pkg: pkg-1.2.7_2 deinstalled
Mar 20 20:38:04 OpenVPN pkg-static: pkg-1.9.4_1 installed
Mar 20 20:39:41 OpenVPN pkg: indexinfo-0.2.6 installed
Mar 20 20:39:41 OpenVPN pkg: libiconv upgraded: 1.14_3 -> 1.14_10
Mar 20 20:39:43 OpenVPN pkg: gettext-0.18.3.1_1 deinstalled
Mar 20 20:39:43 OpenVPN pkg: gettext-runtime-0.19.8.1_1 installed
Mar 20 20:39:44 OpenVPN pkg: gettext-tools-0.19.8.1 installed
Mar 20 20:39:44 OpenVPN pkg: gettext-0.19.8.1 installed
Mar 20 20:39:44 OpenVPN pkg: gmp upgraded: 5.1.3_2 -> 5.1.3_3
Mar 20 20:39:44 OpenVPN pkg: expat upgraded: 2.1.0 -> 2.2.0_1
Mar 20 20:39:45 OpenVPN pkg: gdbm upgraded: 1.11 -> 1.12
Mar 20 20:39:45 OpenVPN pkg: db48 upgraded: 4.8.30.0_1 -> 4.8.30.0_2
Mar 20 20:39:52 OpenVPN pkg: db5-5.3.28_6 installed
Mar 20 20:39:53 OpenVPN pkg: mpfr upgraded: 3.1.2_2 -> 3.1.5
Mar 20 20:39:53 OpenVPN pkg: apr upgraded: 1.5.1.1.5.3 -> 1.5.2.1.5.4_2
Mar 20 20:40:03 OpenVPN pkg: binutils upgraded: 2.24 -> 2.27_5,1
Mar 20 20:40:03 OpenVPN pkg: neon29-0.29.6_6 deinstalled
Mar 20 20:40:04 OpenVPN pkg: libxml2 upgraded: 2.9.1_1 -> 2.9.4
Mar 20 20:40:04 OpenVPN pkg: sqlite3 upgraded: 3.8.4.3 -> 3.15.1_1
Mar 20 20:40:04 OpenVPN pkg: libffi-3.2.1 installed
Mar 20 20:40:04 OpenVPN pkg: serf upgraded: 1.3.6 -> 1.3.9_1
Mar 20 20:40:37 OpenVPN pkg: gcc upgraded: 4.7.3_1 -> 4.9.4
Mar 20 20:40:37 OpenVPN pkg: libidn upgraded: 1.28_1 -> 1.33_1
Mar 20 20:40:38 OpenVPN pkg: bash-4.4.5 installed
Mar 20 20:40:40 OpenVPN pkg: aria2 upgraded: 1.18.5_1 -> 1.29.0
Mar 20 20:40:42 OpenVPN pkg: subversion upgraded: 1.8.9 -> 1.9.5
Mar 20 20:40:53 OpenVPN pkg: python27 upgraded: 2.7.6_4 -> 2.7.13_1
Mar 20 20:40:53 OpenVPN pkg: wget upgraded: 1.15 -> 1.18_2
Mar 20 20:42:20 OpenVPN pkg: nano-2.7.3 installed
Mar 20 20:42:40 OpenVPN pkg: liblz4-131 installed
Mar 20 20:42:40 OpenVPN pkg: easy-rsa-3.0.1_1 installed
Mar 20 20:42:40 OpenVPN pkg: lzo2 upgraded: 2.06_3 -> 2.09
Mar 20 20:42:41 OpenVPN pkg: openvpn-2.4.0 installed
Mar 20 21:24:12 OpenVPN syslogd: exiting on signal 15
Mar 20 21:27:27 OpenVPN syslogd: kernel boot file is /boot/kernel/kernel
Mar 20 21:27:27 OpenVPN openvpn[4278]: OpenVPN 2.4.0 i386-portbld-freebsd9.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] built on Dec 29 2016
Mar 20 21:27:27 OpenVPN openvpn[4278]: library versions: OpenSSL 0.9.8y 5 Feb 2013, LZO 2.09
Mar 20 21:27:27 OpenVPN openvpn[4279]: NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Mar 20 21:27:27 OpenVPN openvpn[4279]: Diffie-Hellman initialized with 2048 bit key
Mar 20 21:53:48 OpenVPN openvpn[7124]: OpenVPN 2.4.0 i386-portbld-freebsd9.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] built on Dec 29 2016
Mar 20 21:53:48 OpenVPN openvpn[7124]: library versions: OpenSSL 0.9.8y 5 Feb 2013, LZO 2.09
Mar 20 21:53:48 OpenVPN openvpn[7125]: NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Mar 20 21:53:48 OpenVPN openvpn[7125]: Diffie-Hellman initialized with 2048 bit key



So openvpn is not starting and I can't figure out why. I think it has to do with segmentation fault 11.

[TiTex]

are you at least able to start the loopback test tunnel ?
see /usr/share/doc/openvpn/examples/loopback-{server,client} configs, it might be located somewhere else on *BSDs

[TinCanTech]

Tue Mar 20 21:57:22 2018 OpenVPN 2.4.0 i386-portbld-freebsd9.3 [SSL (OpenSSL)] [LZO] [LZ4] [MH/RECVDA] built on Dec 29 2016
Tue Mar 20 21:57:22 2018 library versions: OpenSSL 0.9.8y 5 Feb 2013, LZO 2.09

I would be more inclined to get the version updated.

Tue Mar 20 21:57:22 2018 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.

and fix that at some point.

[TiTex]

it seems that both the cipher and hmac in his config are supported by that openssl version

[TinCanTech]

FreeBSD 9.3-RELEASE will be supported until January 1, 2017. The End-of-Life dates can be found at: https://www.FreeBSD.org/security/

Source: https://www.freebsd.org/releases/9.3R/announce.html