OpenVPN not working out of the box on 9068 with 2014.1

tduffy · ‎02-17-2015

Richard,

I ended up hacking something together (not happy about it really), but this is what I have done. I placed the following 3 files at the top of the vpnctl file:

CLI_OPENVPN="/usr/sbin/openvpn --cd /etc/openvpn/ --config client.conf --auth-nocache --daemon"

$CLI_OPENVPN

exit 0

It is, as I'm sure you are observing, not ideal, however it does appear to work as expected. I think, and if you could help confirm this for me, I really want to put this in the /etc/rcS.d/S42vpn file, right? Or even better, make my own?

We're seeing something that is not so great as well. It appears that the order in which the ifplug command is being executed isn't the same. That sometimes (1 out of 5 or so) the eth0 adapter isn't up when the openvpn command files. I can supply the /var/log/messages files if you would like to see.

Thanks,

-TD

rtollert · ‎03-09-2015

tduffy wrote:
Richard,
I ended up hacking something together (not happy about it really), but this is what I have done. I placed the following 3 files at the top of the vpnctl file:
CLI_OPENVPN="/usr/sbin/openvpn --cd /etc/openvpn/ --config client.conf --auth-nocache --daemon"
$CLI_OPENVPN
exit 0
It is, as I'm sure you are observing, not ideal, however it does appear to work as expected. I think, and if you could help confirm this for me, I really want to put this in the /etc/rcS.d/S42vpn file, right? Or even better, make my own?

I'd make my own:

Set VPN_DISABLED=yes in /etc/default/vpn to disable vpnctl
Leave vpnctl, /etc/init.d/vpn, /etc/rcS.d/S42vpn, etc. unmodified
Create your own initscript under /etc/init.d that does precisely what you want
Symlink to it under /etc/rcS.d

We're seeing something that is not so great as well. It appears that the order in which the ifplug command is being executed isn't the same. That sometimes (1 out of 5 or so) the eth0 adapter isn't up when the openvpn command files. I can supply the /var/log/messages files if you would like to see.

My recollection is that openvpn ought to recover from this automatically by retrying the connection after a few seconds. I'd double-check your config to see if that facility got defeated. Otherwise, sure, post the logs.

kalyanramuv · ‎06-30-2015

Hi all,

I am investigating something similar (openVPN) currently for an application. I am getting the same error

Linux ip link set failed: could not execute external program

It is not clear to me as what was the final solution sought out. Can some one please post the recommended steps to approach this problem?

Kalyanramu Vemishetty
Automated Test Systems Engineer
National Instruments

rtollert · ‎06-30-2015

kalyanramuv wrote:
Hi all,
I am investigating something similar (openVPN) currently for an application. I am getting the same error
Linux ip link set failed: could not execute external program
It is not clear to me as what was the final solution sought out. Can some one please post the recommended steps to approach this problem?

The first (and possibly only) step is to make sure you're not trying to run openvpn yourself, and let /etc/init.d/vpn start it for you, or use the /usr/sbin/vpnctl control script.

vpnctl hardcodes several assumptions about the VPN configuration, the most important one being that it must be TAP. Changing this in runmode is quite possible, but not recommended, because this is also hardcoded in safemode, and that can't be changed. But if you don't care about safemode then by all means go for it.

NI Linux Real-Time Discussions

OpenVPN not working out of the box on 9068 with 2014.1

Re: OpenVPN not working out of the box on 9068 with 2014.1

Re: OpenVPN not working out of the box on 9068 with 2014.1

Re: OpenVPN not working out of the box on 9068 with 2014.1

Re: OpenVPN not working out of the box on 9068 with 2014.1