Hi.
I've got my OpenVPN setup mostly working, but some traffic isn't being passed through. I'm trying to use VirtualHere on TCP 7575, and that's what is not passing through. We have forwarding rules set up that look right.
When I connect OpenVPN GUI to my server, I see this message:
"WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results"
I'm pretty new to all this, and I'm not sure how to fix this. I don't see any settings with "redirect" in my client or server config files, and I'm open to any suggestions.
Thanks!
Don
redirect-private vs redirect-gateway
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
lwhc
- OpenVpn Newbie
- Posts: 5
- Joined: Wed Dec 09, 2020 12:44 am
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
lwhc
- OpenVpn Newbie
- Posts: 5
- Joined: Wed Dec 09, 2020 12:44 am
Re: redirect-private vs redirect-gateway
Thanks for responding....log file
2021-03-31 14:37:15 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2021-03-31 14:37:15 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2021-03-31 14:37:15 OpenVPN 2.5.0 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 28 2020
2021-03-31 14:37:15 Windows version 10.0 (Windows 10 or greater) 64bit
2021-03-31 14:37:15 library versions: OpenSSL 1.1.1h 22 Sep 2020, LZO 2.10
Enter Management Password:
2021-03-31 14:37:15 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
2021-03-31 14:37:15 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
2021-03-31 14:37:15 Attempting to establish TCP connection with [AF_INET]x.x.x.x:1194 [nonblock]
2021-03-31 14:37:15 TCP connection established with [AF_INET]x.x.x.x:1194
2021-03-31 14:37:15 TCP_CLIENT link local: (not bound)
2021-03-31 14:37:15 TCP_CLIENT link remote: [AF_INET]x.x.x.x:1194
2021-03-31 14:37:15 [server] Peer Connection Initiated with [AF_INET]x.x.x.x:1194
2021-03-31 14:37:17 WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2021-03-31 14:37:17 open_tun
2021-03-31 14:37:17 tap-windows6 device [Local Area Connection] opened
2021-03-31 14:37:17 Set TAP-Windows TUN subnet mode network/local/netmask = 192.168.10.0/192.168.10.3/255.255.255.0 [SUCCEEDED]
2021-03-31 14:37:17 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.10.3/255.255.255.0 on interface {xxx} [DHCP-serv: 192.168.10.254, lease-time: 31536000]
2021-03-31 14:37:17 Successful ARP Flush on interface [25] {xxx}
2021-03-31 14:37:17 IPv4 MTU set to 1500 on interface 25 using service
2021-03-31 14:37:17 add_route_ipv6(xxx::/112 -> xxx::1001 metric 0) dev Local Area Connection
2021-03-31 14:37:17 IPv6 MTU set to 1500 on interface 25 using service
2021-03-31 14:37:22 add_route_ipv6(xxx::/64 -> 2605:xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 add_route_ipv6(xxx::/3 -> xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 add_route_ipv6(::/3 -> xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 add_route_ipv6(2000::/4 -> xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 add_route_ipv6(3000::/4 -> xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 add_route_ipv6(fc00::/7 -> xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2021-03-31 14:37:22 Initialization Sequence Completed
2021-03-31 14:37:15 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2021-03-31 14:37:15 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-256-CBC' to --data-ciphers or change --cipher 'AES-256-CBC' to --data-ciphers-fallback 'AES-256-CBC' to silence this warning.
2021-03-31 14:37:15 OpenVPN 2.5.0 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 28 2020
2021-03-31 14:37:15 Windows version 10.0 (Windows 10 or greater) 64bit
2021-03-31 14:37:15 library versions: OpenSSL 1.1.1h 22 Sep 2020, LZO 2.10
Enter Management Password:
2021-03-31 14:37:15 WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
2021-03-31 14:37:15 TCP/UDP: Preserving recently used remote address: [AF_INET]x.x.x.x:1194
2021-03-31 14:37:15 Attempting to establish TCP connection with [AF_INET]x.x.x.x:1194 [nonblock]
2021-03-31 14:37:15 TCP connection established with [AF_INET]x.x.x.x:1194
2021-03-31 14:37:15 TCP_CLIENT link local: (not bound)
2021-03-31 14:37:15 TCP_CLIENT link remote: [AF_INET]x.x.x.x:1194
2021-03-31 14:37:15 [server] Peer Connection Initiated with [AF_INET]x.x.x.x:1194
2021-03-31 14:37:17 WARNING: You have specified redirect-gateway and redirect-private at the same time (or the same option multiple times). This is not well supported and may lead to unexpected results
2021-03-31 14:37:17 open_tun
2021-03-31 14:37:17 tap-windows6 device [Local Area Connection] opened
2021-03-31 14:37:17 Set TAP-Windows TUN subnet mode network/local/netmask = 192.168.10.0/192.168.10.3/255.255.255.0 [SUCCEEDED]
2021-03-31 14:37:17 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.10.3/255.255.255.0 on interface {xxx} [DHCP-serv: 192.168.10.254, lease-time: 31536000]
2021-03-31 14:37:17 Successful ARP Flush on interface [25] {xxx}
2021-03-31 14:37:17 IPv4 MTU set to 1500 on interface 25 using service
2021-03-31 14:37:17 add_route_ipv6(xxx::/112 -> xxx::1001 metric 0) dev Local Area Connection
2021-03-31 14:37:17 IPv6 MTU set to 1500 on interface 25 using service
2021-03-31 14:37:22 add_route_ipv6(xxx::/64 -> 2605:xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 add_route_ipv6(xxx::/3 -> xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 add_route_ipv6(::/3 -> xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 add_route_ipv6(2000::/4 -> xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 add_route_ipv6(3000::/4 -> xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 add_route_ipv6(fc00::/7 -> xxx::1 metric -1) dev Local Area Connection
2021-03-31 14:37:22 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2021-03-31 14:37:22 Initialization Sequence Completed
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
lwhc
- OpenVpn Newbie
- Posts: 5
- Joined: Wed Dec 09, 2020 12:44 am
Re: redirect-private vs redirect-gateway
Yes, exactly. What am I looking for in the config files?
There are no references to 'redirect' in either the client or server config files.
There are no references to 'redirect' in either the client or server config files.
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: redirect-private vs redirect-gateway
A needle in a hay-stack.
My crystal ball tells me: You are looking at the wrong files..
My Magic 8-Ball says: Don't count on it..
And you don't want to know what my Rune-Bones told me ..
I thought it wise not to read the Tarot and we are way passed tea-leaves.