Thread: VPN Setup on OpenBSD 7.2
View Single Post
  #18   (View Single Post)  
Old 2nd December 2022
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
  
Join Date: May 2008
Location: USA
Posts: 7,984
Default
Quote:
Originally Posted by Entropic View Post
Firstly, I'm still not 100% sure if I needed to be editing "hostname.tun0" specifically, or whether it should be the name of my root user before .tun0?
OpenBSD's uses hostname.if(5) files to provision Network Interface Connectors (NICs). These are files stored in the /etc directory, and named after the interfaces they provision. These files are read during network startup by the netstart(8) script that gets executed during boot. As an example, on my laptop, I have six NICs provisioned -- two physical NICs, an em(4) NIC for wired Ethernet, an iwm(4) NIC for WiFi, and four pseudo-NICs, including a wg(4) pseudo-NIC for use with a WireGuard VPN:
Code:
t450$ ls /etc/hostname.*
/etc/hostname.em0       /etc/hostname.lo1       /etc/hostname.vlan0
 /etc/hostname.iwm0      /etc/hostname.trunk0    /etc/hostname.wg0
Quote:
...so whats wrong? I suspect its to do with my editing of the hostname.tun0 file using vi. I'm not sure if "append" means I need to put it somewhere in particular, or whether its fine that I put it at the top of the page. I didn't see any existing text other than several lines of tilde (~) on each line on entering the hostname.tun0 file with vi, so there was nothing to "append" to... so I just stuck the command (up (top line) then !/usr/local/sbin/openvpn --daemon --config /etc/openvpn/openbsd.ovpn (second line) before writing with quit (:wq!)... I assume this is fine, but is it? What else could it be then if this isn't the issue thats preventing me from connecting to my ExpressVPN servers?
I'm not an OpenVPN user, so don't have any specific guidance. I'd first ensure that the hostname.tun0 file is correct, as noted above, and then I'd look to see if the OpenVPN daemon is running with something like $ pgreg -lf openvpn. As I don't have any direct knowledge of OpenVPN use the thing that concerns me from your problem report is the prompt for authentication (userid, pw) during startup of the daemon. I would look for ways to provide a certificate or other authentication methods that don't require prompts, because the netstart(8) script doesn't have a way to operate interactively.

You can either wait for an OpenVPN user to respond here, reach out to the author of the guide you are using for clarification, or obtain guidance on provisioning OpenVPN from your VPN service provider.
Reply With Quote