[SunHELP] Using TUN driver on Soalris 9
David Stipp
dstipp at coolhack.net
Mon Jul 4 10:44:48 CDT 2005
On Mon, Jul 04, 2005 at 05:04:24PM +0200, Predrag Zecevic - Solaris System Administrator wrote:
> does anybody managed to setup OpenVPN using tun driver (from
> www<dot>blastwave<dot>org)? If answer is yes, can we get those peace of
> knowledge?
I haven't used blastwave, but I built my own tun package (Solaris
packages are... "fun"), and use openvpn out of pkgsrc.
> Background:
>
> We have set Linux OpenVPN server (and many Linux OpenVPN client use it).
> What has to be done on OpenVPN client on Solaris to access server?
You setup the Solaris client just like the other (tun) clients. It should just
work. (There's no tap driver for Solaris AFAIK.)
The catch: dropping privs to nobody doesn't seem to work on Solaris.
When you shutdown, you don't have permission to close down the tun
device, and it gets stuck open. (The only way I found around this was to
have it not drop privs. If a tun got stuck up, I could destroy the
routes manually, and then tell openvpn to use a new tun device in next
run).
The same behavior seems to exist on OpenBSD, but you can run `ifconfig
tun0 destroy` to clean things up on this platform.
David
--
David Stipp <dstipp at coolhack.net>
More information about the SunHELP
mailing list