WireGuard and PIA


Dec 19, 2011
Yesterday I had to reinstall my jail from scratch and I ran into a similar error with wireguard. In my case, it was "Failed to create TUN device: Inappropriate ioctl for device". Since I used exactly the same scripts that were working before I think something must have changed in wireguard (my jail is using freenas 11.4). I have no idea how to fix this, so I decided to switch to openvpn instead, downloading the latest scripts from:


Everything works provided that:
1) all the scripts, including those in the /pia-info/openvpn_config directory, are marked as executable (chmod 777 in my case...)
2) a wrong reference to the ca.rsa.4096.cert file in refresh_pia_port.sh must be fixed. To be more precise, the wrong line is in this part of the script:

  bind_port_response="$(curl -Gs -m 5 \
    --connect-to "$PF_HOSTNAME::$PF_GATEWAY:" \
    --cacert "/manual-connections/ca.rsa.4096.crt" \
    --data-urlencode "payload=${payload}" \
    --data-urlencode "signature=${signature}" \
echo "$bind_port_response"

I have no /manual-connections directory. Change this line to point to wherever your certificate is (for me: /pia/ca.rsa.4096.crt). Always use absolute paths.