Cannot open TUN/TAP dev ovpn: No such file or directory (errno=2)

[Mark]

I'm completely new to Tunnelblick so sorry if I've missed something
obvious. However, I haven't been able to fine this specific issue
listed. I'm trying to use ovpn config files, which work fine on my PC
but I can't get it working on my mac running OSX 10.6. Here's my log
file:

2010-12-29 12:17:37 *Tunnelblick: OS X 10.6.5; Tunnelblick 3.1.2
(build 2190.2258); OpenVPN 2.1.4
2010-12-29 12:17:39 *Tunnelblick: Attempting connection with Mark; Set
nameserver = 1; monitoring connection
2010-12-29 12:17:39 *Tunnelblick: /Applications/Tunnelblick.app/
Contents/Resources/openvpnstart start Mark.ovpn 1337 1 0 0 0 49
2010-12-29 12:17:39 OpenVPN 2.1.4 i386-apple-darwin10.5.0 [SSL] [LZO2]
[PKCS11] built on Dec 9 2010
2010-12-29 12:17:39 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2010-12-29 12:17:39 Need hold release from management interface,
waiting...
2010-12-29 12:17:39 *Tunnelblick: openvpnstart: /Applications/
Tunnelblick.app/Contents/Resources/openvpn --cd /Users/admin/Library/
Application Support/Tunnelblick/Configurations --daemon --management
127.0.0.1 1337 --config /Users/admin/Library/Application Support/
Tunnelblick/Configurations/Mark.ovpn --log /tmp/tunnelblick/logs/-
SUsers-Sadmin-SLibrary-SApplication Support-STunnelblick-
SConfigurations-SMark.ovpn.1_0_0_0_49.1337.openvpn.log --management-
query-passwords --management-hold --script-security 2 --up /
Applications/Tunnelblick.app/Contents/Resources/
client.up.tunnelblick.sh -m -w -d --down /Applications/Tunnelblick.app/
Contents/Resources/client.down.tunnelblick.sh -m -w -d --up-restart
2010-12-29 12:17:40 MANAGEMENT: Client connected from 127.0.0.1:1337
2010-12-29 12:17:40 MANAGEMENT: CMD 'pid'
2010-12-29 12:17:40 MANAGEMENT: CMD 'state on'
2010-12-29 12:17:40 MANAGEMENT: CMD 'state'
2010-12-29 12:17:40 MANAGEMENT: CMD 'hold release'
2010-12-29 12:17:40 NOTE: the current --script-security setting may
allow this configuration to call user-defined scripts
2010-12-29 12:17:40 MANAGEMENT: CMD 'password [...]'
2010-12-29 12:17:40 WARNING: this configuration may cache passwords in
memory -- use the auth-nocache option to prevent this
2010-12-29 12:17:40 WARNING: file 'Mark.key' is group or others
accessible
2010-12-29 12:17:40 LZO compression initialized
2010-12-29 12:17:40 Control Channel MTU parms [ L:1560 D:140 EF:40 EB:
0 ET:0 EL:0 ]
2010-12-29 12:17:40 Socket Buffers: R=[262140->65536] S=[131070-
>65536]
2010-12-29 12:17:40 Data Channel MTU parms [ L:1560 D:1450 EF:60 EB:
135 ET:0 EL:0 AF:3/1 ]
2010-12-29 12:17:40 Local Options hash (VER=V4): '958c5492'
2010-12-29 12:17:40 Expected Remote Options hash (VER=V4): '79ef4284'
2010-12-29 12:17:40 Attempting to establish TCP connection with
xxx.xxx.xx.xxx:1194 [nonblock]
2010-12-29 12:17:40 MANAGEMENT: >STATE:1293625060,TCP_CONNECT,,,
2010-12-29 12:17:40 *Tunnelblick: Obtained VPN passphrase from the
Keychain
2010-12-29 12:17:41 TCP connection established with xxx.xxx.xx.xxx:
1194
2010-12-29 12:17:41 TCPv4_CLIENT link local: [undef]
2010-12-29 12:17:41 TCPv4_CLIENT link remote: xxx.xxx.xx.xxx:1194
2010-12-29 12:17:41 MANAGEMENT: >STATE:1293625061,WAIT,,,
2010-12-29 12:17:41 MANAGEMENT: >STATE:1293625061,AUTH,,,
2010-12-29 12:17:41 TLS: Initial packet from xxx.xxx.xx.xxx:1194,
sid=4c90b0cd 545d9fec
2010-12-29 12:17:41 VERIFY OK: depth=1, /C=UK/ST=NA/L=London/
O=Mycompany/CN=pfsense/emailAddress=o...@ktsplc.com
2010-12-29 12:17:41 VERIFY OK: nsCertType=SERVER
2010-12-29 12:17:41 VERIFY OK: depth=0, /C=UK/ST=NA/O=Mycompany/
CN=pfsense/emailAddress=o...@mycompany.com
2010-12-29 12:17:42 Data Channel Encrypt: Cipher 'AES-256-CBC'
initialized with 256 bit key
2010-12-29 12:17:42 Data Channel Encrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
2010-12-29 12:17:42 Data Channel Decrypt: Cipher 'AES-256-CBC'
initialized with 256 bit key
2010-12-29 12:17:42 Data Channel Decrypt: Using 160 bit message hash
'SHA1' for HMAC authentication
2010-12-29 12:17:42 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-
AES256-SHA, 1024 bit RSA
2010-12-29 12:17:42 [pfsense] Peer Connection Initiated with
xxx.xxx.xx.xxx:1194
2010-12-29 12:17:43 MANAGEMENT: >STATE:1293625063,GET_CONFIG,,,
2010-12-29 12:17:45 SENT CONTROL [pfsense]: 'PUSH_REQUEST' (status=1)
2010-12-29 12:17:45 PUSH: Received control message: 'PUSH_REPLY,route
10.0.0.0 255.255.0.0,dhcp-option DOMAIN mycompany.com,dhcp-option DNS
10.0.1.1,dhcp-option DNS 10.0.1.11,dhcp-option WINS 10.0.1.1,dhcp-
option NBT 4,route 192.168.100.0 255.255.255.0,route
192.168.200.1,ping 10,ping-restart 60,ifconfig 192.168.200.66
192.168.200.65'
2010-12-29 12:17:45 OPTIONS IMPORT: timers and/or timeouts modified
2010-12-29 12:17:45 OPTIONS IMPORT: --ifconfig/up options modified
2010-12-29 12:17:45 OPTIONS IMPORT: route options modified
2010-12-29 12:17:45 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option
options modified
2010-12-29 12:17:45 ROUTE default_gateway=192.168.2.1
2010-12-29 12:17:45 MANAGEMENT: Client disconnected
2010-12-29 12:17:45 Cannot open TUN/TAP dev ovpn: No such file or
directory (errno=2)
2010-12-29 12:17:45 Exiting
2010-12-29 12:17:45 *Tunnelblick: Flushed the DNS cache


Could it be that the TUN/TAP files/directory weren't installed whrn I
ran the installer?

[jkbull...gmail.com]

Please post your configuration file. X out anything sensitive (such as the server IP address).

[Mark]

Sorry for the delay, here's my config file:


# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
;client
float

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap

dev-node ovpn

# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
proto tcp-client
;proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote xxx.xxx.xx.xxx 1194
;remote my-server-2 1194

# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody

# Try to preserve some state across restarts.
persist-key
persist-tun

# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.

tls-client
ca ca.crt
cert Mark.crt
key Mark.key

# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
ns-cert-type server

# If a tls-auth key is used on the server
# then every client must also have the key.
;tls-auth ta.key 1

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20

pull

cipher AES-256-CBC

[jkbull...gmail.com]

The problem is the "dev-node ovpn" line. It is, as the comments above it say, for Windows "tap" devices. Since you're not running on Windows and are using a tun device instead of a tap device (the "dev tun" line specifies that you are using a tun device), try commenting out that line by prefixing it with a semicolon, so it reads ";dev-node ovpn"

[qiha...@gmail.com]

This solved my issue too, many thanks!

[pepe.a...@gmail.com]

great

[barak...@gmail.com]

This is not working

here is my config file

dev-node    "Global Operations"

remote      go-nz02-ops.navmanwireless.com

port        26401

ca          nz20.ops_out_bkalai.chain.unknown

cert        nz20.ops_out_bkalai.cert

key         nz20.ops_out_bkalai.key

tls-auth    nz20.ops_in_go-nz02-ops.navmanwireless.com.tls.unknown 1

client

dev tun

proto udp

resolv-retry infinite

nobind

persist-key

persist-tun

remote-cert-tls server

comp-lzo

auth-user-pass

auth        SHA512

cipher      BF-CBC

keysize     448

tls-cipher  TLS-DHE-RSA-WITH-AES-256-CBC-SHA

verb 2

[Tunnelblick developer]

@barakkalai1:

• Please don't hijack other people's topics, create a new topic.
• Please post the diagnostic info obtained by following the instructions at Read Before You Post (https://tunnelblick.net/cBeforeYouPost.html).
• There are a lot of things wrong with your configuration. Where did you get it?

On Thursday, June 11, 2020 at 5:58:19 PM UTC-4, <> wrote:

This is not working

<snip> 

Could it be that the TUN/TAP files/directory weren't installed whrn I
ran the installer?

No. They are not installed. They are loaded dynamically, as needed.