[Freedombox-discuss] OpenVPN Installation on Beagle Bone Black locks out web access

Steven Ng steveng5 at protonmail.com
Wed Jan 16 02:10:32 GMT 2019

Thank you for hunting this down. I was performed the instructions and am able to restart the firewall without any problem. I am also able to connect to OpenVPN on my phone, but cannot only browse to my FreedomBox only by it's local IP address but not by it's zeroconf name freedombbb.local.  I have another freedombox (RPi3+) on my LAN called freedompi.local I cannot connect through the VPN to it via host name nor by its IP address.


Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, January 15, 2019 4:34 PM, Sunil Mohan Adapa <sunil at medhas.org> wrote:

> On 14/01/19 6:21 pm, Steven Ng wrote:
> > Thanks Sunil,
> > I've been able to recreate the problem in VirtualBox and will see if
> > I can gather more information.
> Hi Steven,
> I have been able to recreate the problem in my VirtualBox instance today
> after installing OpenVPN and rebooting the system. I have created a bug
> in FreedomBox tracker[1]. Looks like firewalld/nftables is unable to
> handle '+' in the interface name created by OpenVPN 'tun+'. I described
> the following way to recover the system from such a failure.
> Recovering from a running system if you have SSH/console access:
> $ firewall-cmd --zone=internal --remove-interface=tun+ --permanent
> $ firewall-cmd --zone=internal --remove-interface=tun+
> $ systemctl restart firewalld
> Recovering when you can access the disk or SD card:
> Edit /etc/firewalld/zones/internal.xml and remove tun+ line and save.
> Boot the disk or SD card.
> Lets collect some more information and submit a bug/patch for
> firewalld/nftables soon.
> Links:
> 1.  https://salsa.debian.org/freedombox-team/plinth/issues/1457
>     Thanks,
>     --
>     Sunil

More information about the Freedombox-discuss mailing list