Here are some logs of a successful connection on another OS if it helps at all:
Before VPN:
Does not display tun0.
Code:
$ netstat -rn
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.1.1 UGSc 141 0 en0
127 127.0.0.1 UCS 0 0 lo0
127.0.0.1 127.0.0.1 UH 1 24 lo0
169.254 link#4 UCS 0 0 en0
192.168.1 link#4 UCS 3 0 en0
192.168.1.1 0:1f:90:f:88:8c UHLWI 144 74 en0 1116
192.168.1.3 0:24:2c:9c:d2:ed UHLWI 0 60 en0 1179
192.168.1.4 127.0.0.1 UHS 0 0 lo0
192.168.1.255 ff:ff:ff:ff:ff:ff UHLWbI 0 2 en0
Everything works fine.
Now after turning on OpenVPN:
Code:
$ ifconfig
tun0: flags=8851<UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 10.100.1.9 --> 10.100.1.9 netmask 0xffffff00
open (pid 375)
Code:
$ netstat -rn
Routing tables
Internet:
Destination Gateway Flags Refs Use Netif Expire
0/1 10.100.1.1 UGSc 1 0 tun0
default 192.168.1.1 UGSc 2 0 en0
10.100.1/24 10.100.1.9 UGSc 1 0 tun0
10.100.1.9 10.100.1.9 UH 2 0 tun0
92.241.168.20/32 192.168.1.1 UGSc 1 0 en0
127 127.0.0.1 UCS 0 0 lo0
127.0.0.1 127.0.0.1 UH 2 64 lo0
128.0/1 10.100.1.1 UGSc 1 0 tun0
169.254 link#4 UCS 0 0 en0
192.168.1 link#4 UCS 2 0 en0
192.168.1.1 0:1f:90:f:88:8c UHLWI 2 74 en0 997
192.168.1.3 0:24:2c:9c:d2:ed UHLWI 0 90 en0 1172
192.168.1.4 127.0.0.1 UHS 0 0 lo0
Everything still works fine, and my public IP is displayed as the one my VPN is designed to show.
VPN log:
Code:
2011-02-02 16:26:46 OpenVPN 2.1.4 i386 [SSL] [LZO2] [PKCS11] built on Dec 9 2010
2011-02-02 16:26:46 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2011-02-02 16:26:46 WARNING: file 'cert.dat' is group or others accessible
2011-02-02 16:26:46 Control Channel MTU parms [ L:1543 D:140 EF:40 EB:0 ET:0 EL:0 ]
2011-02-02 16:26:46 Socket Buffers: R=[262140->65536] S=[131070->65536]
2011-02-02 16:26:46 Data Channel MTU parms [ L:1543 D:1450 EF:43 EB:4 ET:0 EL:0 ]
2011-02-02 16:26:46 Local Options hash (VER=V4): 'bf6006bf'
2011-02-02 16:26:46 Expected Remote Options hash (VER=V4): '3ce6ab7f'
2011-02-02 16:26:46 Attempting to establish TCP connection with [VPN IP]:3074 [nonblock]
2011-02-02 16:26:47 TCP connection established with [VPN IP]:3074
2011-02-02 16:26:47 TCPv4_CLIENT link local: [undef]
2011-02-02 16:26:47 TCPv4_CLIENT link remote: [VPN IP]:3074
2011-02-02 16:26:47 TLS: Initial packet from [VPN IP]:3074, sid=4998116d ab8591a8
2011-02-02 16:26:48 VERIFY OK: depth=1, /C=US/ST=NY/L=New_York/O=example.com/CN=example.com_CA/emailAddress=admin@example.com
2011-02-02 16:26:48 VERIFY OK: nsCertType=SERVER
2011-02-02 16:26:48 VERIFY OK: depth=0, /C=US/ST=NY/L=New_York/O=example.com/CN=server/emailAddress=admin@example.com
2011-02-02 16:26:52 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 256 bit key
2011-02-02 16:26:52 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-02-02 16:26:52 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 256 bit key
2011-02-02 16:26:52 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2011-02-02 16:26:52 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
2011-02-02 16:26:52 [server] Peer Connection Initiated with [VPN IP]:3074
2011-02-02 16:26:54 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2011-02-02 16:26:55 PUSH: Received control message: 'PUSH_REPLY,route 10.100.1.0 255.255.255.0,redirect-gateway,dhcp-option DNS 10.100.1.1,route-gateway 10.100.1.1,topology subnet,ping 120,ping-restart 360,socket-flags TCP_NODELAY,ifconfig 10.100.1.9 255.255.255.0'
2011-02-02 16:26:55 OPTIONS IMPORT: timers and/or timeouts modified
2011-02-02 16:26:55 OPTIONS IMPORT: --socket-flags option modified
2011-02-02 16:26:55 NOTE: setsockopt TCP_NODELAY=1 failed (No kernel support)
2011-02-02 16:26:55 OPTIONS IMPORT: --ifconfig/up options modified
2011-02-02 16:26:55 OPTIONS IMPORT: route options modified
2011-02-02 16:26:55 OPTIONS IMPORT: route-related options modified
2011-02-02 16:26:55 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2011-02-02 16:26:55 ROUTE default_gateway=192.168.1.1
2011-02-02 16:26:55 TUN/TAP device /dev/tun0 opened
2011-02-02 16:26:55 /sbin/ifconfig tun0 delete
ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2011-02-02 16:26:55 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2011-02-02 16:26:55 /sbin/ifconfig tun0 10.100.1.9 10.100.1.9 netmask 255.255.255.0 mtu 1500 up
2011-02-02 16:26:55 /sbin/route add -net 10.100.1.0 10.100.1.9 255.255.255.0
add net 10.100.1.0: gateway 10.100.1.9
2011-02-02 16:26:57 /sbin/route add -net [VPN IP] 192.168.1.1 255.255.255.255
add net [VPN IP]: gateway 192.168.1.1
2011-02-02 16:26:57 /sbin/route add -net 0.0.0.0 10.100.1.1 128.0.0.0
add net 0.0.0.0: gateway 10.100.1.1
2011-02-02 16:26:57 /sbin/route add -net 128.0.0.0 10.100.1.1 128.0.0.0
add net 128.0.0.0: gateway 10.100.1.1
2011-02-02 16:26:57 /sbin/route add -net 10.100.1.0 10.100.1.1 255.255.255.0
route: writing to routing socket: File exists
add net 10.100.1.0: gateway 10.100.1.1: File exists
2011-02-02 16:26:57 Initialization Sequence Completed