Problems with OpenVPN 2.1_rc15 on Vista and XP

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
excalibr
OpenVpn Newbie
Posts: 1
Joined: Sun Apr 05, 2009 8:08 am

Problems with OpenVPN 2.1_rc15 on Vista and XP

Post by excalibr » Sun Apr 05, 2009 8:10 am

Greetings,

I'm having trouble getting past the first hurdle, ie. successful pings. My objectives is this:

Stage 1. Setup OPENVPN on my home network 192.168.1.xxx, such that my PC and Laptop can ping each other.

Stage 2. Extend the setup such that external machines (friends/family) can connect through my public IP, via Port Forwarding, into my VPN home network

CONFIGURATIONS: PC = Win Vista, Laptop = Win XP, both on OpenVPN 2.1_rc15, both allowed UDP port 1194 in Firewall settings

Nevermind Stage 2 for now, I am stuck with 1 :(

Keeping it simple, I wanted to test the most basic setup, ie. Static Key, and I followed instructions here

http://openvpn.net/index.php/documentat ... howto.html

Problem is after OPENVPN is fired up on both server/client, and IPCONFIG shows they have a new address 10.8.0.1 / 10.8.0.2 respectively, the machines cannot ping each other. I would have thought if they're on the same subnet, PING should be no problems.

Without resolving this step, I believe it's pointless to even attempt Stage 2.

Thanks for any assistance you can render (I'm not a networking expert by any stretch of imagination, but I like to persist ...)
John S

-------------------------------------------------------------------------------------

On the PC server, I have this config file

dev tun
ifconfig 10.8.0.1 10.8.0.2
secret static.key

On the Laptop client, I have this config file

;remote myremote.mydomain
dev tun
ifconfig 10.8.0.2 10.8.0.1
secret static.key

I had commented out the remote entry as the client isn't coming from external yet.

-------------------------------------------------------------------------------------

I fired up OPENVPN on server, everything seems OK

Sun Apr 05 17:27:03 2009 OpenVPN 2.1_rc15 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 19 2008
Sun Apr 05 17:27:03 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Sun Apr 05 17:27:03 2009 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Apr 05 17:27:03 2009 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{BB3D6041-84D0-45EC-9AF5-B1E5A342335A}.tap
Sun Apr 05 17:27:03 2009 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {BB3D6041-84D0-45EC-9AF5-B1E5A342335A} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
Sun Apr 05 17:27:03 2009 Successful ARP Flush on interface [23] {BB3D6041-84D0-45EC-9AF5-B1E5A342335A}
Sun Apr 05 17:27:03 2009 UDPv4 link local (bound): [undef]:1194
Sun Apr 05 17:27:03 2009 UDPv4 link remote: [undef]

Server IPCONFIG shows this:

Ethernet adapter Local Area Connection 3:

Connection-specific DNS Suffix . :
Link-local IPv6 Address . . . . . : fe80::41b5:eb8f:8760:fadd%23
IPv4 Address. . . . . . . . . . . : 10.8.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Default Gateway . . . . . . . . . :

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . : home.gateway
Link-local IPv6 Address . . . . . : fe80::49c6:96f4:2928:953e%10
IPv4 Address. . . . . . . . . . . : 192.168.1.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254


-------------------------------------------------------------------------------------

I fired up OPENVPN on client, everything seems OK

Client IPCONFIG shows this:

Sun Apr 05 16:31:23 2009 OpenVPN 2.1_rc15 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov 19 2008
Sun Apr 05 16:31:23 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Sun Apr 05 16:31:23 2009 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sun Apr 05 16:31:23 2009 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{B368FC60-5C2E-4364-8002-0DD1F9477052}.tap
Sun Apr 05 16:31:23 2009 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.2/255.255.255.252 on interface {B368FC60-5C2E-4364-8002-0DD1F9477052} [DHCP-serv: 10.8.0.1, lease-time: 31536000]
Sun Apr 05 16:31:23 2009 Successful ARP Flush on interface [327686] {B368FC60-5C2E-4364-8002-0DD1F9477052}
Sun Apr 05 16:31:23 2009 UDPv4 link local (bound): [undef]:1194
Sun Apr 05 16:31:23 2009 UDPv4 link remote: [undef]

Client IPCONFIG shows this:


Ethernet adapter Wireless Network Connection:

Connection-specific DNS Suffix . : home.gateway
IP Address. . . . . . . . . . . . : 192.168.1.101
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254

Ethernet adapter Local Area Connection 3:

Connection-specific DNS Suffix . :
IP Address. . . . . . . . . . . . : 10.8.0.2
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Default Gateway . . . . . . . . . :
Top
User avatar
krzee
Forum Team
Posts: 728
Joined: Fri Aug 29, 2008 5:42 pm

Re: Problems with OpenVPN 2.1_rc15 on Vista and XP

Post by krzee » Tue Apr 14, 2009 3:57 am

without the remote option it wont know where to connect to. you can connect while in the same lan (in fact this is used for securing wifi). If you were to connect within the same lan some things would need to be done differently in some setups, but with this simple set it is fine.
a) you want: remote <lan ip of other endpoint>
b) make sure windows firewall is NOT active on the tap adapter and is set to allow connections on openvpn's port on extrenal interface
Top
Post Reply

Return to “Configuration”