Connected to server but no packets received

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
macht
OpenVpn Newbie
Posts: 1
Joined: Tue Mar 13, 2012 2:45 pm

Connected to server but no packets received

Post by macht » Tue Mar 13, 2012 3:08 pm

Hi, I've read many threads here and haven't found a solution.

OpenVPN installed on a VPS XEN (Ubuntu 11.10 x86), the client on Windows XP. The client connects to a server and receives a connection address of 10.8.0.6, but TAP doesn't receive packets from the server.

Someone can help me ?


client1.ovpn
client
dev tun
proto udp
remote 188.116.55.231 1194
resolv-retry infinite
nobind
persist-key
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
comp-lzo
verb 3
server.conf
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
keepalive 10 120
comp-lzo
persist-key
persist-tun
verb 3
Log from Client
Tue Mar 13 15:24:05 2012 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006
Tue Mar 13 15:24:05 2012 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Tue Mar 13 15:24:05 2012 LZO compression initialized
Tue Mar 13 15:24:05 2012 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Tue Mar 13 15:24:05 2012 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Tue Mar 13 15:24:05 2012 Local Options hash (VER=V4): '41690919'
Tue Mar 13 15:24:05 2012 Expected Remote Options hash (VER=V4): '530fdded'
Tue Mar 13 15:24:05 2012 UDPv4 link local: [undef]
Tue Mar 13 15:24:05 2012 UDPv4 link remote: 188.116.55.231:1194
Tue Mar 13 15:24:05 2012 TLS: Initial packet from 188.116.55.231:1194, sid=787464a8 c4a0e9bf
Tue Mar 13 15:24:06 2012 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=Fort-Funston_CA/emailAddress=me@myhost.mydomain
Tue Mar 13 15:24:06 2012 VERIFY OK: nsCertType=SERVER
Tue Mar 13 15:24:06 2012 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/CN=server/emailAddress=me@myhost.mydomain
Tue Mar 13 15:24:12 2012 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Mar 13 15:24:12 2012 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Mar 13 15:24:12 2012 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Tue Mar 13 15:24:12 2012 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Mar 13 15:24:12 2012 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Tue Mar 13 15:24:12 2012 [server] Peer Connection Initiated with 188.116.55.231:1194
Tue Mar 13 15:24:13 2012 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Tue Mar 13 15:24:14 2012 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.8.8,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Tue Mar 13 15:24:14 2012 Options error: unknown --redirect-gateway flag: bypass-dhcp
Tue Mar 13 15:24:14 2012 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:4: topology (2.0.9)
Tue Mar 13 15:24:14 2012 OPTIONS IMPORT: timers and/or timeouts modified
Tue Mar 13 15:24:14 2012 OPTIONS IMPORT: --ifconfig/up options modified
Tue Mar 13 15:24:14 2012 OPTIONS IMPORT: route options modified
Tue Mar 13 15:24:14 2012 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Mar 13 15:24:14 2012 TAP-WIN32 device [Połączenie lokalne 2] opened: \\.\Global\{75C5433F-4B4D-470E-9192-6D023A3E8F2A}.tap
Tue Mar 13 15:24:14 2012 TAP-Win32 Driver Version 8.4
Tue Mar 13 15:24:14 2012 TAP-Win32 MTU=1500
Tue Mar 13 15:24:14 2012 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {75C5433F-4B4D-470E-9192-6D023A3E8F2A} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Tue Mar 13 15:24:14 2012 Successful ARP Flush on interface [262149] {75C5433F-4B4D-470E-9192-6D023A3E8F2A}
Tue Mar 13 15:24:14 2012 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Tue Mar 13 15:24:14 2012 Route: Waiting for TUN/TAP interface to come up...
Tue Mar 13 15:24:15 2012 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Tue Mar 13 15:24:15 2012 Route: Waiting for TUN/TAP interface to come up...
Tue Mar 13 15:24:16 2012 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Tue Mar 13 15:24:16 2012 Route: Waiting for TUN/TAP interface to come up...
Tue Mar 13 15:24:17 2012 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Tue Mar 13 15:24:17 2012 Route: Waiting for TUN/TAP interface to come up...
Tue Mar 13 15:24:18 2012 TEST ROUTES: 0/0 succeeded len=1 ret=0 a=0 u/d=down
Tue Mar 13 15:24:18 2012 Route: Waiting for TUN/TAP interface to come up...
Tue Mar 13 15:24:20 2012 TEST ROUTES: 1/1 succeeded len=1 ret=1 a=0 u/d=up
Tue Mar 13 15:24:20 2012 route ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Tue Mar 13 15:24:20 2012 Route addition via IPAPI succeeded
Tue Mar 13 15:24:20 2012 Initialization Sequence Completed
ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:3e:3a:9d:8f
inet addr:188.116.55.231 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::216:3eff:fe3a:9d8f/64 Scope:Link
inet6 addr: 2a02:ee0:2:aaaa::95f:b7d4/64 Scope:Global
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:996326 errors:0 dropped:294 overruns:0 frame:0
TX packets:16626 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:68711695 (68.7 MB) TX bytes:2576950 (2.5 MB)
Interrupt:26

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT udp -- anywhere anywhere udp dpts:33434:3352 3
ACCEPT all -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp dpt:openvpn
ACCEPT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTAB LISHED
ACCEPT all -- 10.8.0.0/24 anywhere
REJECT all -- anywhere anywhere reject-with icmp-po rt-unreachable
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTAB LISHED
ACCEPT all -- 10.8.0.0/24 anywhere
REJECT all -- anywhere anywhere reject-with icmp-po rt-unreachable

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- 10.8.0.0/24 anywhere to:188.116.55.231
MASQUERADE all -- 10.8.0.0/24 anywhere
MASQUERADE all -- 10.8.0.0/24 anywhere
Thanks for your time!
Top
Post Reply

Return to “The OpenVPN Access Server”