Hey all
New user here, let me know how to categorize/fix this if I messed up a bit.
I've been having some (a lot of) trouble connecting to Mullvad with NetBSD. I'm aware there's no way to use Wireguard yet so instead I've been struggling to figure out OpenVPN. Spoiler alert: I'm posting this over my connection to Mullvad, but I'm requesting comment because I think I did it wrong.
I did the following:
- installed
openvpn
and openresolv
via pkgin
- put the
rc.d
script for OpenVPN in the correct location (/etc/rc.d/
) with the right file permissions (0755
)
- copied the Mullvad-supplied configuration files,
mullvad_ca.crt
, mullvad_nz_akl.conf
, mullvad_userpass.txt
, and update-resolv-conf
to /usr/pkg/etc/openvpn/
After this, OpenVPN complained about missing files in /etc/openvpn/
. I made the probably unwise decision to ln -s /etc/openvpn /usr/pkg/etc/openvpn
which at least lead me further to getting the following errors with `# openvpn /etc/openvpn/mullvad_nz_akl.conf:
Options error: --ca fails with 'mullvad_ca.crt': No such file or directory (errno=2)
2021-07-19 17:04:12 WARNING: cannot stat file 'mullvad_userpass.txt': No such file or directory (errno=2)
Options error: --auth-user-pass fails with 'mullvad_userpass.txt': No such file or directory (errno=2)
Then I did some more reading of the Mullvad OpenVPN guide and other Linux articles and found that I should probably use the --config
arg to specify my configuration file. openvpn --config /etc/openvpn/mullvad_nz_akl.conf
gives me the same error. Okay. I'm getting errors with missing files, and args that apparently supply the locations. Let's try openvpn --config /etc/openvpn/mullvad_nz_akl.conf --ca /etc/openvpn/mullvad_ca.crt --auth-user-pass /etc/openvpn/mullvad_userpass.txt
. Aha! A long string of warnings, here's the last three lines:
2021-07-19 17:08:40 /etc/openvpn/update-resolv-conf tun0 1500 1552 10.9.0.18 255.255.0.0 init
2021-07-19 17:08:40 WARNING: Failed running command (--up/--down): could not execute external program
2021-07-19 17:08:40 Exiting due to fatal error
Okay. What's that script? update-resolv-conf
? It's a short one - 100 lines or so of bash. So I found the upstream and # mv update-resolv-conf update-resolv-conf.bak && mv update-resolv-conf.sh update-resolv-conf && chmod +x update-resolv-conf
. Now let's rerun that long, explicit openvpn
command from earlier and:
[...]
2021-07-19 17:15:07 Initialization Sequence Completed
YES! And curl https://am.i.mullvad.net/connected
says I'm connected.
So: How much damage did I do? Is there a better (more automagic) way to do VPN connections? I'm a total NetBSD n00b and have thick skin so feel free to go ahead and fillet me... linking /etc/openvpn -> /usr/pkg/etc/openvpn made even me cringe.