search

slackhq / nebula

A scalable overlay networking tool with a focus on performance, simplicity and security
MIT License
14.33k stars 963 forks source link

Windows "Access denied" for Wintun #698

Closed jeffrson closed 2 years ago

jeffrson commented 2 years ago

Hi,

I set up nebula on Linux without any problem, however, a Windows client fails to start:

time="2022-06-28T17:55:05+02:00" level=info msg="Firewall rule added" firewallRule="map[caName: caSha: direction:outgoing endPort:0 groups:[] host:any ip: proto:0 startPort:0]"
time="2022-06-28T17:55:05+02:00" level=info msg="Firewall rule added" firewallRule="map[caName: caSha: direction:incoming endPort:0 groups:[] host:any ip: proto:1 startPort:0]"
time="2022-06-28T17:55:05+02:00" level=info msg="Firewall started" firewallHash=570dd0546e17b139da845c05717d6dc2005fa7083292e1e8f797affab434c4f4
2022/06/28 17:55:05 Failed to create private namespace: Zugriff verweigert (Code 0x00000005)
2022/06/28 17:55:05 Failed to take device installation mutex: Zugriff verweigert (Code 0x00000005)
time="2022-06-28T17:55:05+02:00" level=error msg="Failed to get a tun/tap device" error="create Wintun interface failed, create TUN device failed: Error creating interface: Access is denied."

Although we have a special configuration (user with regular privileges) I'm running the command from an elevated command line (local admin). Is there anything special I need to do on Windows?

jeffrson commented 2 years ago

Hmmm - looks like this is a non-issue: elevated prompt must not be started by commandline "runas ... cmd", but via "Run as admin" from context menu.