interface error, local='dev-type [unknown-dev-type]'

centrsvyaz · Post by **centrsvyaz** » Sat Apr 15, 2023 7:39 am

Has anyone seen this and can suggest a solution. the server has been running for many years, clients from different wasps connect normally. I recently took a router, there is a problem with it. tell me is it solved?

Code: Select all

2023-04-13 07:17:14 OpenVPN 2.5.6 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2023-04-13 07:17:14 library versions: wolfSSL 5.5.4, LZO 2.10
2023-04-13 07:17:14 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-04-13 07:17:14 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-04-13 07:17:14 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-04-13 07:17:14 TCP/UDP: Preserving recently used remote address: [AF_INET]177.35.32.55:443
2023-04-13 07:17:14 Socket Buffers: R=[163840->327680] S=[163840->327680]
2023-04-13 07:17:14 UDP link local: (not bound)
2023-04-13 07:17:14 UDP link remote: [AF_INET]177.35.32.55:443
2023-04-13 07:17:14 TLS: Initial packet from [AF_INET]177.35.32.55:443, sid=67ab5906 a3fbd344
2023-04-13 07:17:14 VERIFY OK: depth=1, C=RU, ST=CA, L=Rzhev, O=CentrSvyaz, OU=CentrSvyaz-Rzhev, CN=CentrSvyaz CA, GN=roman, emailAddress=CentrSvyaz@yandex.ru
2023-04-13 07:17:14 VERIFY KU OK
2023-04-13 07:17:14 Validating certificate extended key usage
2023-04-13 07:17:14 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-04-13 07:17:14 VERIFY EKU OK
2023-04-13 07:17:14 VERIFY OK: depth=0, C=RU, ST=CA, L=Rzhev, O=CentrSvyaz, OU=CentrSvyaz-Rzhev, CN=serverU1, GN=EasyRSA, emailAddress=CentrSvyaz@yandex.ru
2023-04-13 07:17:14 WARNING: 'dev-type' is used inconsistently, local='dev-type [unknown-dev-type]', remote='dev-type tun'
2023-04-13 07:17:14 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1541'
2023-04-13 07:17:14 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
2023-04-13 07:17:14 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2023-04-13 07:17:14 [serverU1] Peer Connection Initiated with [AF_INET]177.35.32.55:443
2023-04-13 07:17:16 SENT CONTROL [serverU1]: 'PUSH_REQUEST' (status=1)
2023-04-13 07:17:16 PUSH: Received control message: 'PUSH_REPLY,sndbuf 327680,rcvbuf 327680,route 10.0.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.0.2.193 10.0.2.194,peer-id 3,cipher AES-128-GCM'
2023-04-13 07:17:16 OPTIONS IMPORT: timers and/or timeouts modified
2023-04-13 07:17:16 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2023-04-13 07:17:16 Socket Buffers: R=[327680->327680] S=[327680->327680]
2023-04-13 07:17:16 OPTIONS IMPORT: --ifconfig/up options modified
2023-04-13 07:17:16 OPTIONS IMPORT: route options modified
2023-04-13 07:17:16 OPTIONS IMPORT: peer-id set
2023-04-13 07:17:16 OPTIONS IMPORT: adjusting link_mtu to 1624
2023-04-13 07:17:16 OPTIONS IMPORT: data channel crypto options modified
2023-04-13 07:17:16 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
2023-04-13 07:17:16 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
2023-04-13 07:17:16 Error: problem with tun vs. tap setting
2023-04-13 07:17:16 Exiting due to fatal error

here is the normal work on a working router

Code: Select all

2023-04-13 08:16:28 OpenVPN 2.5.7 mipsel-openwrt-linux-gnu [SSL (OpenSSL)] [LZ4] [EPOLL] [MH/PKTINFO] [AEAD]
2023-04-13 08:16:28 library versions: wolfSSL 5.5.4
2023-04-13 08:16:28 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2023-04-13 08:16:28 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-04-13 08:16:28 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
2023-04-13 08:16:28 TCP/UDP: Preserving recently used remote address: [AF_INET]177.35.32.55:443
2023-04-13 08:16:28 Socket Buffers: R=[180224->360448] S=[180224->360448]
2023-04-13 08:16:28 UDP link local: (not bound)
2023-04-13 08:16:28 UDP link remote: [AF_INET]177.35.32.55:443
2023-04-13 08:16:29 TLS: Initial packet from [AF_INET]177.35.32.55:443, sid=cd06c93a 9dc880f8
2023-04-13 08:16:29 VERIFY OK: depth=1, C=RU, ST=CA, L=Rzhev, O=CentrSvyaz, OU=CentrSvyaz-Rzhev, CN=CentrSvyaz CA, GN=roman, emailAddress=CentrSvyaz@yandex.ru
2023-04-13 08:16:29 VERIFY KU OK
2023-04-13 08:16:29 Validating certificate extended key usage
2023-04-13 08:16:29 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2023-04-13 08:16:29 VERIFY EKU OK
2023-04-13 08:16:29 VERIFY OK: depth=0, C=RU, ST=CA, L=Rzhev, O=CentrSvyaz, OU=CentrSvyaz-Rzhev, CN=serverU1, GN=EasyRSA, emailAddress=CentrSvyaz@yandex.ru
2023-04-13 08:16:29 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1549', remote='link-mtu 1541'
2023-04-13 08:16:29 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA1'
2023-04-13 08:16:29 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bit RSA, signature: RSA-SHA256
2023-04-13 08:16:29 [serverU1] Peer Connection Initiated with [AF_INET]177.35.32.55:443
2023-04-13 08:16:30 SENT CONTROL [serverU1]: 'PUSH_REQUEST' (status=1)
2023-04-13 08:16:30 PUSH: Received control message: 'PUSH_REPLY,sndbuf 327680,rcvbuf 327680,route 10.0.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.0.2.193 10.0.2.194,peer-id 44,cipher AES-128-GCM'
2023-04-13 08:16:30 OPTIONS IMPORT: timers and/or timeouts modified
2023-04-13 08:16:30 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
2023-04-13 08:16:30 Socket Buffers: R=[360448->360448] S=[360448->360448]
2023-04-13 08:16:30 OPTIONS IMPORT: --ifconfig/up options modified
2023-04-13 08:16:30 OPTIONS IMPORT: route options modified
2023-04-13 08:16:30 OPTIONS IMPORT: peer-id set
2023-04-13 08:16:30 OPTIONS IMPORT: adjusting link_mtu to 1624
2023-04-13 08:16:30 OPTIONS IMPORT: data channel crypto options modified
2023-04-13 08:16:30 Outgoing Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
2023-04-13 08:16:30 Incoming Data Channel: Cipher 'AES-128-GCM' initialized with 128 bit key
2023-04-13 08:16:30 net_route_v4_best_gw query: dst 0.0.0.0
2023-04-13 08:16:30 net_route_v4_best_gw result: via 10.118.219.141 dev wwan0
2023-04-13 08:16:30 TUN/TAP device tun0 opened
2023-04-13 08:16:30 net_iface_mtu_set: mtu 1500 for tun0
2023-04-13 08:16:30 net_iface_up: set tun0 up
2023-04-13 08:16:30 net_addr_ptp_v4_add: 10.0.2.193 peer 10.0.2.194 dev tun0
2023-04-13 08:16:30 /usr/libexec/openvpn-hotplug up 130-router tun0 1500 1624 10.0.2.193 10.0.2.194 init
2023-04-13 08:16:30 net_route_v4_add: 10.0.0.1/32 via 10.0.2.194 dev [NULL] table 0 metric -1
2023-04-13 08:16:30 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2023-04-13 08:16:30 Initialization Sequence Completed

client configuration

Code: Select all

client
dev tun
proto udp
remote 177.35.32.55 443
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert 130-router.crt
key 130-router.key
tls-auth ta.key 1
cipher AES-128-GCM
remote-cert-tls server
log 130.log
verb3
sndbuf 524288
rcvbuf 524288

server configuration. openvpn 2.4.4 (ubuntu 18.04)

Code: Select all

local 177.35.32.55
port 443
proto udp
dev tun
ca ca.crt
cert serverU1.crt
key serverU1.key
dh dh2048.pem
tls-auth ta.key 0
ncp-ciphers AES-128-GCM:AES-256-GCM:BF-CBC
server 10.0.0.0 255.255.0.0
route-gateway 10.0.0.1
route 10.0.0.0 255.255.0.0
route 192.168.0.0 255.255.0.0
keepalive 10 120
persist-key
persist-tun
client-config-dir ccd
status serverU1-status.log
log /var/log/serverU1.log
sndbuf 327680
rcvbuf 327680
push "sndbuf 327680"
push "rcvbuf 327680"