vpn route on win7 client malfunctions on reconnect after server was updated to 2.5.0

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
ultramage
OpenVpn Newbie
Posts: 4
Joined: Wed Mar 24, 2021 8:03 am

vpn route on win7 client malfunctions on reconnect after server was updated to 2.5.0

Post by ultramage » Wed Mar 24, 2021 8:40 am

I have updated the server from OpenVPN 2.4.9 to 2.5.0 (FreeBSD 12.2 ports src build), and discovered that after the client has a network outage and then reconnects, its routing gets messed up. It will try to reach the VPN subnet through the main uplink's interface, even though the routing table looks like it should, and even though there is an active On-link route for the VPN subnet, with a metric that has priority over the default route.

To recover the client OS from this situation, it's not enough to disconnect and reconnect the VPN. I need to disconnect, disable both the VPN and Ethernet interface, set it to full DHCP mode, bring it up and have it receive the dhcp information, then bring up the vpn interface and finally reconnect.

I have tried fixing this myself, but nothing helps. I minimized the serverside 'push' rules to just 'server 10.0.0.0 255.255.255.0' and 'push "topology subnet"'. I updated both server and client to OpenVPN 2.5.1, as well as updating the TAP driver to latest available. So I believe I have run into some kind of regression in the 2.5.0 version.

I have rolled back the server to 2.4.9 after experiencing another of these routing malfunctions. The moment the client reconnected, everything fixed itself; I did not have to take any additional steps to repair the client state. So without a doubt it is a recently introduced defect on the server side.
Last edited by ultramage on Wed Mar 24, 2021 3:00 pm, edited 5 times in total.

Post Reply