You are not logged in.
- Topics: Active | Unanswered
#1 2012-04-07 17:27:23
- Throne777
- Member
- Registered: 2012-03-16
- Posts: 61
Can't Get BTGuard & OpenVPN to work [Solved]
BTGuard are kind enough not to offer any technical support if their out of the box instructions don't work. Le sigh.
For reference, here are their instructions:
1. Download openvpn-x.x.x.tar.gz from OpenVPN.net
2. tar xfz openvpn-x.x.x.tar.gz
3. cd openvpn-x.x.x
4. ./configure
5. make
6. make install
7. Download BTGuard certificate (CA) by typing: wget -O /etc/openvpn/btguard.ca.crt http://btguard.com/btguard.ca.crt
8. Download BTGuard OpenVPN configuration by typing: wget -O /etc/openvpn/btguard.conf http://btguard.com/btguard.confSetup complete!
How To Connect
1. openvpn /etc/openvpn/btguard.conf
3. Enter your BTGuard username & password.You are now connected!
When I try and connect, here's the (what I think is the relevent part of the) output:
Sat Apr 7 18:16:26 2012 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Sat Apr 7 18:16:26 2012 OpenVPN ROUTE: failed to parse/resolve route for host/network: 10.10.0.1
Sat Apr 7 18:16:26 2012 Note: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)
Sat Apr 7 18:16:26 2012 NOTE: unable to redirect default gateway -- VPN gateway parameter (--route-gateway or --ifconfig) is missing
Sat Apr 7 18:16:26 2012 Initialization Sequence Completed
Sat Apr 7 18:16:26 2012 read from TUN/TAP : File descriptor in bad state (code=77)
Sat Apr 7 18:16:26 2012 read from TUN/TAP : File descriptor in bad state (code=77)
Sat Apr 7 18:16:26 2012 read from TUN/TAP : File descriptor in bad state (code=77)
Sat Apr 7 18:16:26 2012 NOTE: --mute triggered...I know it isn't working because my IP doesn't change when I check :-(
Last edited by Throne777 (2012-04-08 12:37:29)
'All we ever were, just zeroes and ones'
Offline
#2 2012-04-07 18:31:22
- Gcool
- Member
- Registered: 2011-08-16
- Posts: 1,456
Re: Can't Get BTGuard & OpenVPN to work [Solved]
Sat Apr 7 18:16:26 2012 Note: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)That's simply a permissions issue. Are you running openvpn with the necessary rights (running with either sudo or as root)?
PS: for a bit of additional security, add the following 2 lines to your client config.
user nobody
group nobodyLast edited by Gcool (2012-04-07 18:46:21)
Burninate!
Offline
#3 2012-04-08 12:01:03
- Throne777
- Member
- Registered: 2012-03-16
- Posts: 61
Re: Can't Get BTGuard & OpenVPN to work [Solved]
Sat Apr 7 18:16:26 2012 Note: Cannot ioctl TUNSETIFF tun: Operation not permitted (errno=1)That's simply a permissions issue. Are you running openvpn with the necessary rights (running with either sudo or as root)?
PS: for a bit of additional security, add the following 2 lines to your client config.
user nobody group nobody
Ah, sudo worked (I tried doing it before but it still didn't work; though that might have been an issue on their side?).
Which file is the client config?
Oh, and what's the command to stop openvpn? (Some sites don't work properly on a VPN -always seem to get issues with gmail, for instance)
Last edited by Throne777 (2012-04-08 12:03:54)
'All we ever were, just zeroes and ones'
Offline
#4 2012-04-08 12:20:27
- Gcool
- Member
- Registered: 2011-08-16
- Posts: 1,456
Re: Can't Get BTGuard & OpenVPN to work [Solved]
Which file is the client config?
The openvpn config file on your local machine (/etc/openvpn/btguard.conf in your case).
Oh, and what's the command to stop openvpn?
There's several ways of handling this:
- You can background the process by starting it via "openvpn /etc/openvpn/btguard.conf &" and then kill the process when you're done.
- Launch it in a screen.
- Simply launch it in a terminal and leave the terminal open.
Whatever you prefer 
Burninate!
Offline
#5 2012-04-08 12:37:17
- Throne777
- Member
- Registered: 2012-03-16
- Posts: 61
Re: Can't Get BTGuard & OpenVPN to work [Solved]
Throne777 wrote:Which file is the client config?
The openvpn config file on your local machine (/etc/openvpn/btguard.conf in your case).
Many thanks. What's the implications of adding those two lines then?
'All we ever were, just zeroes and ones'
Offline
#6 2012-04-08 12:48:37
- Gcool
- Member
- Registered: 2011-08-16
- Posts: 1,456
Re: Can't Get BTGuard & OpenVPN to work [Solved]
It'll make the openvpn client run as user "nobody" instead of as root. Should the openvpn instance for some reason or the other ever be compromised, it'll have no further rights to do any damage on your system.
PS: with those options in the config file, you might see a few permission warnings/errors when shutting down openvpn (not having rights to delete routes etc, but those will vanish anyways because your tunnel interface will be gone). But you can safely ignore those and it'll have no further impact on openvpn functioning correctly.
Burninate!
Offline