Input Output Error Code 5
Contents |
Broadcom SoC based Hardware Goto page 1, 2, 3Next View previous topic :: View next topic Author Message slothropDD-WRT NoviceJoined: 07 Aug tunnelblick ip doesn't change 2006Posts: 10 Posted: Thu Sep 28, 2006 3:51 Post subject: OpenVPN and tunnelblick could not find a 'tun' or 'tap' option in the openvpn configuration file Mac clients fix I just solved a problem I'd been having trying to get Mac clients to connect over tunnelblick configuration file location OpenVPN to a WRT54GL running v23 SP2 (9/15) vpn. I could get the initial connection to work, but no data would flow over it. Connection logs on the client said https://tunnelblick.net/cKnown.html "write to TUN/TAP : Input/output error (code=5)" and the tap0 interface never got an IP address. The solution is to tell tap0 to use DHCP explicitly after bringing it up. Add the following line to your client.conf (I put this after my ca/cert/key lines) to call a quick little script to do this: up "./vpn-up.sh" The vpn-up.sh script should be placed in http://www.dd-wrt.com/phpBB2/viewtopic.php?t=5058&highlight=openvpn+mac+clients the same directory with the client.conf file. Its contents: #!/bin/bash ipconfig set tap0 DHCP That's it. Just remember to make the vpn-up.sh script executable (chmod 755 vpn-up.sh). There might be a more elegant way to do all this, but it works for me as is. Hope that helps someone. I found this info in a forum somewhere else, so I can't take credit for it. Back to top Sponsor khkDD-WRT NoviceJoined: 09 Jul 2006Posts: 3 Posted: Sun Oct 22, 2006 20:30 Post subject: Slightly more elegant solution :) Thank you for this tip, it helped to get my setup working. I can however offer a small modification to your script: OpenVPN provides command line options to the up script. One of these parameters (the first one actually) is the device that is being processed. If you use the following, you don't have to hardcode the device in your script: #!/bin/bash ipconfig set $1 DHCP Back to top slothropDD-WRT NoviceJoined: 07 Aug 2006Posts: 10 Posted: Sun Oct 22, 2006 20:53 Post subject: Cool - thanks! Back to top placeboDD-WRT
från GoogleLogga inDolda fältSök efter grupper eller meddelanden
well as pushing down DNS server addresses. You've tried connecting, and it just doesn't seem to work. Perhaps you even see a large number of errors of the type: write to TUN/TAP : Input/output error (code=5) The Solution When you connect via OpenVPN, it is the responsibility of the client to process pushed dhcp-options (including the DNS server rules), and do something useful with them. On a linux system, you could, for example, incorporate these into /etc/resolv.conf. Consult your distro's openvpn documentation for more information. However, this does not work on a Mac, because Mac software (even down to ssh and ping) doesn't use /etc/resolv.conf under OS X 10.4… Oops. The solution? A combination of two tools: ipconfig and scutil. These together can manage 10.4's new DNS configuration system, and set the tap device to obtain an address via DHCP. The problem is discussed further on nicholas riley's blog, though his solution, a python script, a) is complicated to install, and b) did not actually work for me once installed, though I didn't dig deep enough to understand why. The best solution is to run an "up" script as part of the OpenVPN connection process, which will handle the necessary configuration for you. The script is provided on the Openvpn-users mailing list, by Ben Low. Here's how to use it with the excellent OpenVPN client Tunnelblick: Install Tunnelblick, and create your OpenVPN config. I'll assume that you know how to do this, or you wouldn't be here. If not, consult the documentation for OpenVPN. Download this script (copied from the openvpn-users mailing list). Save it to ~/Library/openvpn, the folder where your Tunnelblick OpenVPN configuration lives. OpenVPN TAP up-down Script: tap-up-down.sh Now, make the script executable, by running: chmod +x ~/Library/openvpn/tap-up-down.sh Edit your configuration file to include these lines: up ./tap-up-down.sh down ./tap-up-down.sh Changing your configuration file will have disconnected Tunnelblick if it was connected. Tunnelblick will also prompt you again for your administrator password, since security-sensitive files have been modified. Time to test! O