Code: Select all
client
dev tun
resolv-retry infinite
nobind
remote-cert-tls server
tls-client
ca client-ca.crt
tls-auth ta.key 1
cryptoapicert "SUBJ: vpn"
comp-lzo
verb 3
keepalive 10 25
auth-retry nointeract
sndbuf 65536
rcvbuf 65536
socket-flags TCP_NODELAY
<connection>
remote vpn.abc.com 2443 udp
</connection>
# Back to UDP
<connection>
remote 2.4.3.2 2443 udp
remote 2.4.3.2 2443 udp
remote 1.1.2.2 2443 udp
connect-retry-max infinite
</connection>
Code: Select all
local 2.4.3.2
server 10.32.23.128 255.255.255.128
port 2443
proto udp
dev tun
topology subnet
ifconfig-pool-persist /etc/openvpn/ip-pool.txt
sndbuf 393216
rcvbuf 393216
push "sndbuf 393216"
push "rcvbuf 393216"
txqueuelen 500
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh /etc/openvpn/dh2048.pem
crl-verify /etc/openvpn/client-crl.pem
tls-verify /etc/openvpn/verifyCert.sh
tls-auth /etc/openvpn/ta.key 0 # This file is secret
client-config-dir ccd
push "route-ipv6 2001::/16"
push "route-ipv6 2002::/16"
push "route-ipv6 0::/1"
push "route-ipv6 8000::/1"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 10.3.2.100"
push "dhcp-option DNS 10.3.2.102"
push "dhcp-option DNS 10.3.6.11"
push "comp-lzo yes"
keepalive 5 15
comp-lzo
max-clients 100
user nobody
group nobody
persist-key
persist-tun
status /etc/openvpn/status-udp.log
verb 3
mute 10
management localhost 2443
script-security 2
client-connect /etc/openvpn/ConnectClientFW.sh
client-disconnect /etc/openvpn/DisConnectClientFW.sh
learn-address /etc/openvpn/set-route.sh
some reason i end up with
Code: Select all
0.0.0.0 0.0.0.0 192.168.11.1 192.168.11.204 10
0.0.0.0 128.0.0.0 10.32.23.1 10.32.23.158 20
0.0.0.0 128.0.0.0 10.32.23.129 10.32.23.158 20
Code: Select all
Sat Jul 11 22:06:41 2015 [vpn.yieldbroker.com] Peer Connection Initiated with [AF_INET]202.74.32.201:2443
Sat Jul 11 22:06:43 2015 SENT CONTROL [vpn.y.com]: 'PUSH_REQUEST' (status=1)
Sat Jul 11 22:06:43 2015 PUSH: Received control message: 'PUSH_REPLY,ifconfig-ipv6 2002:ca4a:2000:2017:c000::101c/66 2002:ca4a:2000:2017:c000::1,sndbuf 393216,rcvbuf 393216,route-ipv6 20
01::/16,route-ipv6 2002::/16,route-ipv6 0::/1,route-ipv6 8000::/1,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 10.32.20.100,dhcp-option DNS 10.32.20.102,dhcp-option DNS 10.32.69.11,
comp-lzo yes,tun-ipv6,route-gateway 10.32.23.129,topology subnet,ping 5,ping-restart 15,ifconfig 10.32.23.158 255.255.255.128'
Sat Jul 11 22:06:43 2015 OPTIONS IMPORT: timers and/or timeouts modified
Sat Jul 11 22:06:43 2015 OPTIONS IMPORT: LZO parms modified
Sat Jul 11 22:06:43 2015 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Sat Jul 11 22:06:43 2015 Socket Buffers: R=[65536->393216] S=[65536->393216]
Sat Jul 11 22:06:43 2015 OPTIONS IMPORT: --ifconfig/up options modified
Sat Jul 11 22:06:43 2015 OPTIONS IMPORT: route options modified
Sat Jul 11 22:06:43 2015 OPTIONS IMPORT: route-related options modified
Sat Jul 11 22:06:43 2015 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Jul 11 22:06:43 2015 do_ifconfig, tt->ipv6=1, tt->did_ifconfig_ipv6_setup=1
Sat Jul 11 22:06:44 2015 NETSH: C:\Windows\system32\netsh.exe interface ipv6 set address Ethernet 4 2002:ca4a:2000:2017:c000::101c store=active
Sat Jul 11 22:06:45 2015 add_route_ipv6(2002:ca4a:2000:2017:c000::/66 -> 2002:ca4a:2000:2017:c000::101c metric 0) dev Ethernet 4
Sat Jul 11 22:06:45 2015 C:\Windows\system32\netsh.exe interface ipv6 add route 2002:ca4a:2000:2017:c000::/66 Ethernet 4 fe80::8 store=active
Sat Jul 11 22:06:45 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Jul 11 22:06:45 2015 ERROR: Windows route add ipv6 command failed: returned error code 1
Sat Jul 11 22:06:45 2015 open_tun, tt->ipv6=1
Sat Jul 11 22:06:45 2015 TAP-WIN32 device [Ethernet 4] opened: \\.\Global\{05861746-0878-407F-A9B3-E442997FE712}.tap
Sat Jul 11 22:06:45 2015 TAP-Windows Driver Version 9.21
Sat Jul 11 22:06:45 2015 Set TAP-Windows TUN subnet mode network/local/netmask = 10.32.23.128/10.32.23.158/255.255.255.128 [SUCCEEDED]
Sat Jul 11 22:06:45 2015 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.32.23.158/255.255.255.128 on interface {05861746-0878-407F-A9B3-E442997FE712} [DHCP-serv: 10.32.23.254, lease-time: 31536000]
Sat Jul 11 22:06:45 2015 Successful ARP Flush on interface [18] {05861746-0878-407F-A9B3-E442997FE712}
Sat Jul 11 22:06:50 2015 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Sat Jul 11 22:06:50 2015 C:\Windows\system32\route.exe ADD 202.74.32.201 MASK 255.255.255.255 192.168.11.1
Sat Jul 11 22:06:50 2015 ROUTE: route addition failed using CreateIpForwardEntry: The object already exists. [status=5010 if_index=26]
Sat Jul 11 22:06:50 2015 Route addition via IPAPI failed [adaptive]
Sat Jul 11 22:06:50 2015 Route addition fallback to route.exe
Sat Jul 11 22:06:50 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Jul 11 22:06:50 2015 C:\Windows\system32\route.exe ADD 192.168.11.5 MASK 255.255.255.255 192.168.11.1 IF 26
Sat Jul 11 22:06:50 2015 ROUTE: route addition failed using CreateIpForwardEntry: The object already exists. [status=5010 if_index=26]
Sat Jul 11 22:06:50 2015 Route addition via IPAPI failed [adaptive]
Sat Jul 11 22:06:50 2015 Route addition fallback to route.exe
Sat Jul 11 22:06:50 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Jul 11 22:06:50 2015 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.32.23.129
Sat Jul 11 22:06:50 2015 ROUTE: route addition failed using CreateIpForwardEntry: The object already exists. [status=5010 if_index=18]
Sat Jul 11 22:06:50 2015 Route addition via IPAPI failed [adaptive]
Sat Jul 11 22:06:50 2015 Route addition fallback to route.exe
Sat Jul 11 22:06:50 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Jul 11 22:06:50 2015 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.32.23.129
Sat Jul 11 22:06:50 2015 ROUTE: route addition failed using CreateIpForwardEntry: The object already exists. [status=5010 if_index=18]
Sat Jul 11 22:06:50 2015 Route addition via IPAPI failed [adaptive]
Sat Jul 11 22:06:50 2015 Route addition fallback to route.exe
Sat Jul 11 22:06:50 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Jul 11 22:06:50 2015 add_route_ipv6(2001::/16 -> 2002:ca4a:2000:2017:c000::1 metric -1) dev Ethernet 4
Sat Jul 11 22:06:50 2015 C:\Windows\system32\netsh.exe interface ipv6 add route 2001::/16 Ethernet 4 fe80::8 store=active
Sat Jul 11 22:06:50 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Jul 11 22:06:50 2015 ERROR: Windows route add ipv6 command failed: returned error code 1
Sat Jul 11 22:06:50 2015 add_route_ipv6(2002::/16 -> 2002:ca4a:2000:2017:c000::1 metric -1) dev Ethernet 4
Sat Jul 11 22:06:50 2015 C:\Windows\system32\netsh.exe interface ipv6 add route ::/1 Ethernet 4 fe80::8 store=active
Sat Jul 11 22:06:50 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Jul 11 22:06:50 2015 ERROR: Windows route add ipv6 command failed: returned error code 1
Sat Jul 11 22:06:50 2015 add_route_ipv6(8000::/1 -> 2002:ca4a:2000:2017:c000::1 metric -1) dev Ethernet 4
Sat Jul 11 22:06:50 2015 C:\Windows\system32\netsh.exe interface ipv6 add route 8000::/1 Ethernet 4 fe80::8 store=active
Sat Jul 11 22:06:50 2015 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Sat Jul 11 22:06:50 2015 ERROR: Windows route add ipv6 command failed: returned error code 1
Sat Jul 11 22:06:50 2015 Initialization Sequence Completed
when i bring the vpn session down, the route goes away and when i bring the vpn up it comes back
