Silvan Michael Gebhardt bio photo

Silvan Michael Gebhardt

Unternehmer, Informatiker, Network Operator

Twitter LinkedIn

Tun driver leaks

So I am a sysops as you might know. I mostly work remote with tools like teamviewer (works fine on linux since they fixed the bug when it killed my KVM vms which they actually took serious), with pfsense for Site to site VPN, if nothing else works and it has to work just I even sometimes run over plain GRE Tunnels and then encrypt everything via SSH. so Openvpn it is this time. Remote Server by a customer, Small Business Server 2008, just migrated into a new nice shiny vmware ESXi box (with a crazy raidcontroller with ssd cache trying to make it slightly FASTER than before) and I see that the router is a crappy zyxel modem. No VPN functionality. Well, the Server runs SSTP, I don’t like that except if I can run a mikrotik as a client but I don’t want to waste a router for this, even if that thing is less than 100 bucks.

What else then? Yeah. Openvpn.

ET phone home

Well lets make the server a client then. All I want is to run RDP with secure access, always on the same IP, properly encrypted and secured. What I normally do is what I did here aswell: Configure a client instance, did a client override for a static IP, config file export, it has to run as a service so it should not need the “Management Interface” so I can just go ahead and run the 64bit installer. Generated it with pfsense - installed. Tap driver installation failed.

Damn, lets check that laters, but uninstall it first. Oh, another installation is still going on? I have no clue what you’re talking about, windows. Thanks.

Chaos starts

Well if it does not work with driver installation what do you do with windows? Riiiight. Reboot.

Lets do the other stuff we were planning, oh and why is the ram so full?

  • Why is it 19.9GB full to be exact?
  • Why is the swap partition full with 23GB?
  • Why is it increasing?

uh oh lets reboot it

More stuff

So after the reboot things were back to normal, even tough it took it 20 Minutes. I hate small SBS for that, I personally prefer the regular setup. Anyway, lets uninstall the TAP Driver? Nice, lets reinstall the new driver, it should be done by now. Hey, why is devcon.exe not writeable? Oh the ram is full again.

So, lets see, oh the uninstall is still going on? great. kill devcon.exe. Finally the ram clears out again. Now the installation goes on fast.

Conclusion

If your Windows is acting up with the TAP Driver installation act quick, that thing is apparently memoryleaking on some versions. I don’t know the exact tap driver version I got, I then went on to download the tap driver from the openvpn website. The first one I tried which failed was the one that is included in the 1.2.9 Version of the “OpenVPN Client Export Utility” which is a plugin to pfsense. I might need to update to the 1.2.12 version now.