# Openvpn won't start



## danaeckel (Apr 18, 2013)

Ok, I followed the guide located at http://www.slideshare.net/Kami_/freebsd-ipfw-and-openvpn-21-server to the T, however open fails to run at boot. I have FreeBSD 9.1 with OpenVPN 2.2 port. I tried similar scripts that failed as well. Best I got was I eliminated the up.sh, then it didn't fail. Thoughts?

Here asre the log file results:


```
Wed Apr 17 20:38:21 2013 Socket Buffers: R=[41600->65536] S=[9216->65536]
Wed Apr 17 20:38:21 2013 TUN/TAP device /dev/tap0 opened
Wed Apr 17 20:38:21 2013 /usr/local/etc/openvpn/up.sh tap0 1500 1574   init
Wed Apr 17 20:38:21 2013 WARNING: Failed running command (--up/--down): could not execute external program
Wed Apr 17 20:38:21 2013 Exiting
```

Here is the up.sh script:


```
#!/bin/sh
/sbin/ifconfig bridge0 create
/sbin/ifconfig bridge0 addm re0 addm tap0 up
/sbin/ifconfig tap0 up
```

Here is down.sh:


```
#!/bin/sh
/sbin/ifconfig bridge0 deletem tap0
/sbin/ifconfig bridge0 destroy
/sbin/ifconfig tap0 destroy
```

Here is part of server.conf:


```
p /usr/local/etc/openvpn/up.sh
down /usr/local/etc/openvpn/down.sh

server-bridge 192.168.255.254 255.255.255.0 192.168.255.25 192.168.255.99
proto udp
port 22222
dev tap0
comp-lzo yes
keepalive 15 60
client-to-client
client-config-dir ccd

push "route 192.168.255.0 255.255.255.0"
push "dhcp-option DNS 192.168.255.254"
push "redirect-gateway re0"
```

re0 is the network card that faces the internet, and I have another network card that faces the internal network called re1.

Thank you for your time.

Dana


----------



## junovitch@ (Apr 20, 2013)

Are you using this line somewhere?


```
script-security 2
```

OpenVPN needs that to call external scripts and that could be the cause of your issues.


----------



## danaeckel (Apr 22, 2013)

Nope, I never knew that command even existed. I'll give it a go, and hope for the best. Thank you!

Dana


----------



## junovitch@ (Apr 23, 2013)

They make a mention of it toward the end.  On page 11 they show setting the flag in /etc/rc.conf by using:


```
openvpn_flags="--script-security 3"
```

I've only ever used it in the actual OpenVPN config file and only on Linux at that.  Let me know if you are able to figure it all out or need more help.


----------



## tx1131 (Apr 23, 2013)

I was also setting up OpenVPN recently and also went through some issues reading hundreds of manuals on the way. Eventually I found THIS most useful - go through it, perhaps it will give you some ideas. Obviously I had to make few minor adjustments on the way, but that's I guess always the case with those manuals.


----------

