[OpenBSD] Connection Guide.

Guides, HOWTOs etc on how to setup Cryptostorm on PCs, smartphones, tablets and routers.
User avatar
sysfu
Posts: 54
Joined: Mon Nov 24, 2014 10:22 am

Re: [OpenBSD] Connection Guide.

Post by sysfu » Wed Jun 10, 2015 1:54 am

you might also need to do the following:
  • Create the interface file:
    touch /etc/hostname.tun0
  • If you're configuring the OpenBSD device as a gateway/router for a LAN using a private IP address range, add a NAT translation rule to /etc/pf.conf
    match out on tun inet from !(tun:network) to any nat-to (tun:0)

User avatar
sysfu
Posts: 54
Joined: Mon Nov 24, 2014 10:22 am

Re: [OpenBSD] Connection Guide.

Post by sysfu » Wed Jun 10, 2015 10:13 pm

Forgot to add that the 'txqueuelen 686' line in the OpenVPN configuration file should be commented out as it's apparently not supported on the BSD platform.

butahizou
Posts: 1
Joined: Sun Sep 04, 2016 3:56 am

Re: [OpenBSD] Connection Guide.

Post by butahizou » Sun Sep 04, 2016 4:01 am

@OpenBSD users,
This thread has been quiet for a while.. no surprise as everything was working just fine.
But current users should have noticed some issues with the default routes:
add net 0.0.0.0: gateway 10.34.0.1: Too many levels of symbolic links
...

(See: https://marc.info/?l=openbsd-bugs&m=147267568617034&w=2)

Quick workaround:
start 'openvpn your_configfile' as usual
then:

Code: Select all

/sbin/route add 10.34.0.1 -iface `ifconfig tun0 | grep inet | awk {'print $4'}`
/sbin/route add -net 0.0.0.0 10.34.0.1 -netmask 128.0.0.0
/sbin/route add -net 128.0.0.0 10.34.0.1 -netmask 128.0.0.0
This first line make this 10.34.0.1 reachable as a local next-hop.
It's very likely that a better way exists to achieve the same result...but this works...
Have fun.

Locked