Community Support Forum
 
  OpenVPN.net  •  Forum Index  •  FAQ  

It is currently Fri Apr 18, 2014 12:41 am


Forum rules


Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!



Post new topic Reply to topic  [ 2 posts ] 
 OpenVPN Help, Connects Successfully But Does Not Work 
Author Message
 Post subject: OpenVPN Help, Connects Successfully But Does Not Work
PostPosted: Sun Feb 27, 2011 3:13 am 
OpenVpn Newbie

Joined: Sun Feb 27, 2011 2:53 am
Posts: 1
I'm new to OpenVPN and I followed the Lockup Guide http://lockup.wordpress.com/configure-openvpn/ to get started. I'm setup exactly as his configuration guide suggests, just changing the server address and port. The clients are windows machines and the server is a windows 2008 box (192.168.1.150). I've disabled the firewall on the Windows Server 2008 machine. I've also used DD-WRT to forward my OpenVPN port to the server 2008 machine and set up an advanced routing just like it says. DD-WRT reports my routing tables as:

    Destination LAN NET Subnet Mask Gateway Interface
    172.27.35.1 255.255.255.255 0.0.0.0 WAN
    192.168.10.0 255.255.255.252 192.168.1.150 LAN & WLAN
    192.168.1.0 255.255.255.0 0.0.0.0 LAN & WLAN
    172.27.35.0 255.255.255.0 0.0.0.0 WAN
    169.254.0.0 255.255.0.0 0.0.0.0 LAN & WLAN
    0.0.0.0 0.0.0.0 172.27.35.1 WAN

My network and DNS ip is 192.168.1.1 with subnet mask 255.255.255.0. I can successfully connect to the OpenVPN server and my client gets provisioned with an IP. For example, my client gets an ip of 192.168.10.3 and the only thing it can ping successfully is 192.168.10.1. If I try to go to any other website or computer, either internally or externally, it times out. I may have a routing problem but I've got no clue. I appreciate any help or feedback you might offer. Thank you. -John

client1.ovpn
Code:
### CLIENT1 CONFIG FILE ###
# lines starting with # or ; will not be read by OpenVPN

client
dev tap
#dev-node MyTAP   # If you renamed your TAP interface or have more than one TAP interface then remove the # at the beginning and change "MyTAP" to its name.
proto udp
remote XXX.dyndns-free.com XXX   #### CHANGE. Replace with DynDNS or IP address. Number after is the port you will have to forward with your router.
route 192.168.1.0 255.255.255.0 vpn_gateway 3   #### CHECK. This it the IP address scheme and subnet of the normal network your server is on.
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\client1.crt"   #### CHECK. Must match client name.
key "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\client1.key"   #### CHECK. Must match client name.
tls-auth ta.key 1   # 'ta.key' must be in the config folder.
ns-cert-type server
cipher AES-128-CBC   # AES encrytion for the connection.
comp-lzo
verb 2   # This sets how detailed the log file will be. 0 causes problems and higher numbers can give you more detail for troubleshooting.


server.ovpn
Code:
### SERVER CONFIG FILE ###
# lines starting with # or ; will not be read by OpenVPN

local 192.168.1.150   #### CHANGE. This is the IP address of the real (not tun/tap) network interface of the server. Find it using 'run > cmd > ipconfig'.
port XXX   #### CHANGE. This is the port the service will listen on. See 'Configure your Router' section for recommendation.
proto udp
mssfix 1400
push "dhcp-option DNS 192.168.1.1"   #### CHANGE. Replace the Xs with the IP address of the DNS for your home network (usually your ISP's DNS).
#push "dhcp-option DNS X.X.X.X"   #### CHANGE (OPTIONAL). A second DNS server. If you have one, remove the #.
dev tap
#dev-node MyTAP   #### CHECK. If you renamed your TAP interface or have more than one TAP interface, remove the # and change "MyTAP" to its name.
ca "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\ca.crt" 
cert "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\server.crt"
key "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\server.key"   # Never take this file off the server.
dh "C:\\Program Files (x86)\\OpenVPN\\easy-rsa\\keys\\dh2048.pem"
tls-auth ta.key 0   # 'ta.key' must be in the config folder.
server 192.168.10.0 255.255.255.128   #### CHECK. Assigns the virtual IP address and subent to the VPN. Make sure you add this to your Router (section 4i).
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"   # This will force the clients to use the home network's internet connection
keepalive 10 120
cipher AES-128-CBC   # Connection will be encrypted with AES 128-bit.
comp-lzo
max-clients 10   #### CHECK. Assigns the maximum number of clients here, change according to your setup.
persist-key
persist-tun
status openvpn-status.log
verb 2   # This sets how detailed the log file will be. 0 causes problems and higher numbers can give you more detail for troubleshooting.


Offline
 Profile  
 
 Post subject: Re: OpenVPN Help, Connects Successfully But Does Not Work
PostPosted: Tue Mar 22, 2011 5:28 pm 
Forum Team
User avatar

Joined: Mon Dec 13, 2010 3:51 pm
Posts: 194
Location: Lawrence, KS
Please set "verb 4" and post your server and client log files. Please include the output of "netstat -rn" from your connected client.

You also didn't mention anything about enabling forwarding on your windows server or whether you've added a static route to your client vpn network (192.168.10.0/24) network to your server-side router.

-S

_________________
[..]I used to think it was awful that life was so unfair. [...]Wouldn't it be much worse if life were fair, and all the terrible things that happen to us come because we actually deserve them? -Marcus Cole


Offline
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 


 Who is online 

Users browsing this forum: No registered users and 0 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:  


phpBB SEO
[ Time : 0.301s | 14 Queries | GZIP : On ]

 
Index  |  FAQ


Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group