The client on Windows is creating multiple TUN adapters

amlamarra · Post by **amlamarra** » Sat Jul 08, 2017 4:14 pm

This has been an issue for a while but I'm finally getting around to troubleshooting the problem.

My Setup:
I have a Raspberry Pi at home acting as my OpenVPN server (v2.4.0). I used PiVPN for easy setup.
I have a Windows 10 laptop that connects to the VPN just fine. The client is at the latest version (v2.4.3)

The Issue:
When I do "ipconfig" in my command prompt (not connected to VPN), it shows 5 different devices labelled as "Tunnel adapter Local Area Connection* ##". For example:

Code: Select all

Tunnel adapter Local Area Connection* 4:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter Local Area Connection* 15:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter Local Area Connection* 16:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

Tunnel adapter Local Area Connection* 17:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

I am able to remove these in Device Manager (with "Show hidden devices" turned on). In there, the devices show as "Microsoft ISATAP Adapter." But they're created again once I connect to the VPN. While I am connected to the VPN, I see 1 additional adapter:

Code: Select all

Tunnel adapter isatap.{543DFEC0-11C1-4C1F-9D26-C9DFE3335A59}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :

And of course, the one that matters shows correctly with the IP address while I'm connected:

Code: Select all

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 10.8.0.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :

I've tried completely uninstalling the client (using RevoUninstaller), removing the devices in Device Manager, and reinstalling. No good. Maybe it's in my config? Here's my client config:

Client Config

client
dev tun
proto udp
remote <<< my domain name >>> 1194
resolv-retry infinite
nobind
persist-key
persist-tun
key-direction 1
remote-cert-tls server
tls-version-min 1.2
verify-x509-name server name
cipher AES-256-CBC
auth SHA256
comp-lzo
verb 1
<ca>
-----BEGIN CERTIFICATE-----
<<< REDACTED >>>
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
<<< REDACTED >>>
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
<<< REDACTED >>>
-----END ENCRYPTED PRIVATE KEY-----
</key>
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
<<< REDACTED >>>
-----END OpenVPN Static key V1-----
</tls-auth>

And my server config:

Server Config

dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
key /etc/openvpn/easy-rsa/pki/private/server.key
dh /etc/openvpn/easy-rsa/pki/dh2048.pem
topology subnet
server 10.8.0.0 255.255.255.0
# server and remote endpoints
ifconfig 10.8.0.1 10.8.0.2

# Set your primary domain name server address for clients
push "dhcp-option DNS 192.168.1.2"

push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-version-min 1.2
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0
cipher AES-256-CBC
auth SHA256
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log 20
status-version 3
log /var/log/openvpn.log
verb 1

This isn't exactly a critical issue, but I'd like my screen not to be filled with useless garbage when I do "ipconfig /all". Plus, I'd like the opportunity to learn something new about OpenVPN. Any help would be greatly appreciated.