Cannot open TUN/TAP dev /dev/net/tun: Permission denied (err

xen
Posts: 6
Joined: Tue Dec 09, 2008 7:44 am

Cannot open TUN/TAP dev /dev/net/tun: Permission denied (err

Postby xen » Sat Dec 13, 2008 7:59 am

I'm having a problem when connecting via VPN to my home network. This is the output I get:
Sat Dec 13 15:53:24 2008 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Sat Dec 13 15:53:24 2008 /usr/bin/openssl-vulnkey -q -b 1024 -m <modulus omitted>
Sat Dec 13 15:53:24 2008 LZO compression initialized
Sat Dec 13 15:53:24 2008 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Dec 13 15:53:25 2008 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Sat Dec 13 15:53:25 2008 Local Options hash (VER=V4): '41690919'
Sat Dec 13 15:53:25 2008 Expected Remote Options hash (VER=V4): '530fdded'
Sat Dec 13 15:53:25 2008 Socket Buffers: R=[111616->131072] S=[111616->131072]
Sat Dec 13 15:53:25 2008 UDPv4 link local: [undef]
Sat Dec 13 15:53:25 2008 UDPv4 link remote: xxx.xxx.xxx.xx:1194
Sat Dec 13 15:53:25 2008 TLS: Initial packet from xxx.xxx.xxx.xx:1194, sid=045892f5 f7b8b4ba
Sat Dec 13 15:53:25 2008 VERIFY OK: depth=1, /C=US/ST=CA/L=SanJose/O=HomeHDA/OU=VPN/CN=yourhda.com/emailAddress=info@homehda.com
Sat Dec 13 15:53:25 2008 VERIFY OK: depth=0, /C=US/ST=CA/L=SanJose/O=HomeHDA/OU=VPN/CN=server/emailAddress=info@homehda.com
Sat Dec 13 15:53:26 2008 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Dec 13 15:53:26 2008 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Dec 13 15:53:26 2008 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Dec 13 15:53:26 2008 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Dec 13 15:53:26 2008 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Sat Dec 13 15:53:26 2008 [server] Peer Connection Initiated with xxx.xxx.xxx.xx:1194
Sat Dec 13 15:53:27 2008 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Sat Dec 13 15:53:27 2008 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,dhcp-option DNS 192.168.1.10,dhcp-option DOMAIN example.com,route 10.8.0.1,topology net30,ping 10,ping-restart 220,ifconfig 10.8.0.6 10.8.0.5'
Sat Dec 13 15:53:27 2008 OPTIONS IMPORT: timers and/or timeouts modified
Sat Dec 13 15:53:27 2008 OPTIONS IMPORT: --ifconfig/up options modified
Sat Dec 13 15:53:27 2008 OPTIONS IMPORT: route options modified
Sat Dec 13 15:53:27 2008 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Dec 13 15:53:27 2008 Note: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (errno=13)
Sat Dec 13 15:53:27 2008 Note: Attempting fallback to kernel 2.2 TUN/TAP interface
Sat Dec 13 15:53:27 2008 Cannot allocate TUN/TAP dev dynamically
Sat Dec 13 15:53:27 2008 Exiting
I was trying to log in with a normal user, the server is behind two routers (who were both configured to forward ports). The server is of course Fedora 9 with Amahi HDA, client is Ubuntu 8.04.1. Help?

User avatar
cpg
Administrator
Posts: 2618
Joined: Wed Dec 03, 2008 7:40 am
Contact:

Re: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (err

Postby cpg » Sat Dec 13, 2008 3:48 pm

hmm, in my hda, it's a writeable file:

Code: Select all

[14:45:41](1)hda:~$ ll /dev/net/tun crw-rw-rw- 1 root root 10, 200 2008-11-12 10:36 /dev/net/tun [14:45:44](1)hda:~$
so i have to assume the output you quote is from your client.

have you considered running the vpn client as root?
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 8GB RAM, 1TBx2+3TBx1

nmead
Posts: 11
Joined: Thu Dec 11, 2008 10:25 am

Re: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (err

Postby nmead » Mon Dec 15, 2008 4:16 pm

sudo openvpn --config myvpn.conf

xen
Posts: 6
Joined: Tue Dec 09, 2008 7:44 am

Re: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (err

Postby xen » Tue Dec 16, 2008 12:14 pm

It works (forgot to add sudo)! Thank you very much!

Is there any way to set up VPN connection through network manager?

User avatar
cpg
Administrator
Posts: 2618
Joined: Wed Dec 03, 2008 7:40 am
Contact:

Re: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (err

Postby cpg » Tue Dec 16, 2008 1:14 pm

i don't know ubuntu well. in my fedora 10 client, it gives me the option to configure the VPN connection, however ubuntu may be different.
My HDA: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz on MSI board, 8GB RAM, 1TBx2+3TBx1

nmead
Posts: 11
Joined: Thu Dec 11, 2008 10:25 am

Re: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (err

Postby nmead » Tue Dec 16, 2008 6:55 pm

It works (forgot to add sudo)! Thank you very much!

Is there any way to set up VPN connection through network manager?


Yes, that's how I do it.

You need to do the following:

sudo apt-get install network-manager-openvpn


It will then add the entries to Network Manager for openvpn sessions and you can create it.

xen
Posts: 6
Joined: Tue Dec 09, 2008 7:44 am

Re: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (err

Postby xen » Sat Dec 27, 2008 3:26 am

Thanks, it worked! The only specific setup I had to figure out was with the Connection Type (x.509 with Password Authentication). Maybe this could become a part of wiki how-to?

closetredneck
Posts: 2
Joined: Mon Feb 23, 2009 6:27 pm

Re: Cannot open TUN/TAP dev /dev/net/tun: Permission denied (err

Postby closetredneck » Mon Feb 23, 2009 6:42 pm

I've got the same error, but I *did* used sudo...any ideas?

Who is online

Users browsing this forum: No registered users and 13 guests