Quick 'n' dirty guide to getting connected to Cryptostorm via OpenBSD.
1. Grab the ports.tar.gz
2. Extract to /usr if not done already
3. Change dir into /usr/ports/net/openvpn
4. as root run "make;make install"
5. that's it, you now have a working command line way to connect to CS.
note: I first tried using the package "openvpn" (via pkg_add openvpn) this did not work for some reason but compiling my own did the trick. please also note this guide above assumes you have set PKG_PATH (read the OpenBSD faq for more if you don't know what this or haven't done so).
I kind of assumed you have a fairly solid working knowledge of Linux and how to connect already.
--Privat
Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit here or GitHub Ξ
Ξ If you're looking for tutorials/guides, check out the new https://cryptostorm.is/#section6 Ξ
[OpenBSD] Connection Guide.
Re: [OpenBSD] Connection Guide.
you might also need to do the following:
- Create the interface file:
touch /etc/hostname.tun0 - If you're configuring the OpenBSD device as a gateway/router for a LAN using a private IP address range, add a NAT translation rule to /etc/pf.conf
match out on tun inet from !(tun:network) to any nat-to (tun:0)
Re: [OpenBSD] Connection Guide.
Forgot to add that the 'txqueuelen 686' line in the OpenVPN configuration file should be commented out as it's apparently not supported on the BSD platform.
Re: [OpenBSD] Connection Guide.
Thanks for picking this up! Much appreciatedsysfu wrote:you might also need to do the following:
- Create the interface file:
touch /etc/hostname.tun0- If you're configuring the OpenBSD device as a gateway/router for a LAN using a private IP address range, add a NAT translation rule to /etc/pf.conf
match out on tun inet from !(tun:network) to any nat-to (tun:0)
--jlg
Re: [OpenBSD] Connection Guide.
@OpenBSD users,
This thread has been quiet for a while.. no surprise as everything was working just fine.
But current users should have noticed some issues with the default routes:
(See: https://marc.info/?l=openbsd-bugs&m=147267568617034&w=2)
Quick workaround:
start 'openvpn your_configfile' as usual
then:
This first line make this 10.34.0.1 reachable as a local next-hop.
It's very likely that a better way exists to achieve the same result...but this works...
Have fun.
This thread has been quiet for a while.. no surprise as everything was working just fine.
But current users should have noticed some issues with the default routes:
...add net 0.0.0.0: gateway 10.34.0.1: Too many levels of symbolic links
(See: https://marc.info/?l=openbsd-bugs&m=147267568617034&w=2)
Quick workaround:
start 'openvpn your_configfile' as usual
then:
Code: Select all
/sbin/route add 10.34.0.1 -iface `ifconfig tun0 | grep inet | awk {'print $4'}`
/sbin/route add -net 0.0.0.0 10.34.0.1 -netmask 128.0.0.0
/sbin/route add -net 128.0.0.0 10.34.0.1 -netmask 128.0.0.0
It's very likely that a better way exists to achieve the same result...but this works...
Have fun.