So I'm away in a foreign country. My server back home is running debian stretch which hosts the latest OpenVPN Access server.
The problem I'm having is... when I'm moving around here from wifi to wifi, only some of them work nicely with my VPN.
So for example I could go to starbucks and join their wifi, connect to my access server at home and I'm able do everything you'd expect, ping other clients in my home lan and have all my data tunneled through my home network. fine...
However when I go back to the airbnb and connect to their wifi, I open my client > connect to my home LAN (Initialization Sequence Completed) but what's different here is that I can't ping or share with any of my home networks clients. I can't even ping the gateway at home. What's strange to me however is that when I go into chrome and check my ip online, it's showing as my home networks IP - so the tunnel is clearly working - but I can't see any of the devices on my home lan.
I can share what my client config looks like (see below) however I can't show you my servers config because as I sit here I can't connect to my server and grab it.
Client config:
Terminal feedback:setenv FORWARD_COMPATIBLE 1
client
server-poll-timeout 4
nobind
remote my-home-ip 1194 udp
dev tun
dev-type tun
ns-cert-type server
reneg-sec 604800
sndbuf 100000
rcvbuf 100000
auth-user-pass
# NOTE: LZO commands are pushed by the Access Server at connect time.
# NOTE: The below line doesn't disable LZO.
comp-lzo no
verb 3
setenv PUSH_PEER_INFO
ifconfig after Initialization Sequence Completesudo openvpn config.conf
Thu Jul 27 03:56:28 2017 OpenVPN 2.3.10 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jun 22 2017
Thu Jul 27 03:56:28 2017 library versions: OpenSSL 1.0.2g 1 Mar 2016, LZO 2.08
Thu Jul 27 03:56:28 2017 Control Channel Authentication: tls-auth using INLINE static key file
Thu Jul 27 03:56:28 2017 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jul 27 03:56:28 2017 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jul 27 03:56:28 2017 Socket Buffers: R=[212992->200000] S=[212992->200000]
Thu Jul 27 03:56:28 2017 UDPv4 link local: [undef]
Thu Jul 27 03:56:28 2017 UDPv4 link remote: [AF_INET]151.229.251.234:1194
Thu Jul 27 03:56:28 2017 TLS: Initial packet from [AF_INET]151.229.251.234:1194, sid=83259475 3af43acb
Thu Jul 27 03:56:28 2017 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Jul 27 03:56:29 2017 VERIFY OK: depth=1, CN=OpenVPN CA
Thu Jul 27 03:56:29 2017 VERIFY OK: nsCertType=SERVER
Thu Jul 27 03:56:29 2017 VERIFY OK: depth=0, CN=OpenVPN Server
Thu Jul 27 03:56:29 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jul 27 03:56:29 2017 WARNING: this cipher's block size is less than 128 bit (64 bit). Consider using a --cipher with a larger block size.
Thu Jul 27 03:56:29 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jul 27 03:56:29 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Thu Jul 27 03:56:29 2017 WARNING: this cipher's block size is less than 128 bit (64 bit). Consider using a --cipher with a larger block size.
Thu Jul 27 03:56:29 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Thu Jul 27 03:56:29 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 ECDHE-RSA-AES256-SHA, 2048 bit RSA
Thu Jul 27 03:56:29 2017 [OpenVPN Server] Peer Connection Initiated with [AF_INET]151.229.251.234:1194
Thu Jul 27 03:56:32 2017 SENT CONTROL [OpenVPN Server]: 'PUSH_REQUEST' (status=1)
Thu Jul 27 03:56:32 2017 PUSH: Received control message: 'PUSH_REPLY,explicit-exit-notify,topology subnet,route-delay 5 30,dhcp-pre-release,dhcp-renew,dhcp-release,route-metric 101,ping 12,ping-restart 50,auth-token SESS_ID,comp-lzo yes,redirect-gateway def1,redirect-gateway bypass-dhcp,redirect-gateway autolocal,route-gateway 172.27.234.1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 4.4.4.4,register-dns,block-ipv6,ifconfig 172.27.234.107 255.255.255.0'
Thu Jul 27 03:56:32 2017 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: dhcp-pre-release (2.3.10)
Thu Jul 27 03:56:32 2017 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: dhcp-renew (2.3.10)
Thu Jul 27 03:56:32 2017 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:6: dhcp-release (2.3.10)
Thu Jul 27 03:56:32 2017 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:18: register-dns (2.3.10)
Thu Jul 27 03:56:32 2017 Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:19: block-ipv6 (2.3.10)
Thu Jul 27 03:56:32 2017 OPTIONS IMPORT: timers and/or timeouts modified
Thu Jul 27 03:56:32 2017 OPTIONS IMPORT: explicit notify parm(s) modified
Thu Jul 27 03:56:32 2017 OPTIONS IMPORT: LZO parms modified
Thu Jul 27 03:56:32 2017 OPTIONS IMPORT: --ifconfig/up options modified
Thu Jul 27 03:56:32 2017 OPTIONS IMPORT: route options modified
Thu Jul 27 03:56:32 2017 OPTIONS IMPORT: route-related options modified
Thu Jul 27 03:56:32 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Thu Jul 27 03:56:32 2017 ROUTE_GATEWAY 192.168.1.254/255.255.255.0 IFACE=wlp2s0 HWADDR=4c:80:93:b5:d5:47
Thu Jul 27 03:56:32 2017 TUN/TAP device tun0 opened
Thu Jul 27 03:56:32 2017 TUN/TAP TX queue length set to 100
Thu Jul 27 03:56:32 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Thu Jul 27 03:56:32 2017 /sbin/ip link set dev tun0 up mtu 1500
Thu Jul 27 03:56:32 2017 /sbin/ip addr add dev tun0 172.27.234.107/24 broadcast 172.27.234.255
Thu Jul 27 03:56:37 2017 ROUTE remote_host is NOT LOCAL
Thu Jul 27 03:56:37 2017 /sbin/ip route add 151.229.251.234/32 via 192.168.1.254
Thu Jul 27 03:56:37 2017 /sbin/ip route add 0.0.0.0/1 via 172.27.234.1
Thu Jul 27 03:56:37 2017 /sbin/ip route add 128.0.0.0/1 via 172.27.234.1
Thu Jul 27 03:56:37 2017 Initialization Sequence Completed
Help appreciated.tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:172.27.234.108 P-t-P:172.27.234.108 Mask:255.255.255.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:1336 (1.3 KB)
wlp2s0 Link encap:Ethernet HWaddr 4c:80:93:b5:d5:47
inet addr:192.168.1.81 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::5e9f:6730:4269:1ce4/64 Scope:Link
inet6 addr: 2001:56a:7561:9900:ccf6:a280:a629:9b83/64 Scope:Global
inet6 addr: 2001:56a:7561:9900:9cd8:a87:10e9:eaa0/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:55759 errors:0 dropped:0 overruns:0 frame:0
TX packets:23474 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:63970289 (63.9 MB) TX bytes:4307127 (4.3 MB)