In OpenVPN with Ethernet Bridging, after VPN is established, VPN Client doesn't have Default Gateway and Internet access

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
JoyfulPanda
OpenVpn Newbie
Posts: 1
Joined: Mon Oct 21, 2019 7:54 am

In OpenVPN with Ethernet Bridging, after VPN is established, VPN Client doesn't have Default Gateway and Internet access

Post by JoyfulPanda » Mon Oct 21, 2019 10:44 am

Network diagram

There is a network setup as followed:

Code: Select all

+--------------------+  +---------------+ +---------------------+
|          +------------>    Internet   <------------+          |
|          |         |  +---------------+ |          |          |
|  +-------+-------+ |                    |  +-------+-------+  |
|  |    Router 1   | |                    |  |    Router 2   |  |
|  +-------^-------+ |                    |  +-------^-------+  |
|          |         |                    |          |          |
|          |         |                    |          |          |
|      +---+---+     |                    |      +---+---+      |
|      |  PC 1 |     |                    |      |  PC 2 |      |
|      +-------+     |                    |      +-------+      |
|                    |                    |                     |
|      MAIN HOME     |                    |   SECONDARY HOME    |
|                    |                    |                     |
+--------------------+                    +---------------------
  • Main home's local subnet: 192.168.1.0/255.255.255.0
  • Secondary home's local subnet: 192.168.0.0/255.255.255.0
  • Main home and Secondary home are far away from each other and have different Internet Service Subscriptions. Thus, both Router 1 and Router 2 have 2 different public IPs.
  • All PCs use IPv4.
  • PC1: Windows 7 x64. PC2: Windows 8.1 x64. At present, for testing purposes, Windows Firewall is disabled.
Intention

I'm usually at the Secondary Home, and I would like to stay and access Internet like I were physically in the Ethernet network in Main Home. That is, in the same Ethernet subnet as PC1.

My attempt

Thanks to OpenVPN Community Edition (openvpn-install-2.4.7-i607-win7.exe), I can set up the VPN between these PCs with Ethernet Bridging. OpenVPN Server is installed in PC1 while OpenVPN Client in PC2.

In PC1, there is a Bridge Connection between the Ethernet interface and the OpenVPN's Tap interface. After creating, the Ethernet interface for PC1 lost its IP; instead, the Bridge interface got one: 192.168.1.74 (thanks to DHCP from Router 1).

In Router 1, I forwarded port 40000 to PC1 (192.168.1.74) so that OpenVPN Client in PC2 can contact the OpenVPN Server in PC1.

In Router 1, I configured DHCP so that it avoids assigning new IPs at a specific range, which is managed by the OpenVPN Server's DHCP. Said in other words, the OpenVPN Client will not rely on the Router 1's DHCP functionality.

In PC1, the Default Gateway is 192.168.1.254. The Router 1 Control Panel's website can be accessed through this IP.

Problems

It works to some extent (PC1 and PC2 can ping each other; PC1 can access Internet), but there are 2 problems:
  1. Using

    Code: Select all

    ipconfig /all
    , PC2 misses "Default Gateway" field.
  2. Probably due to the problem above, PC2 cannot access the Internet.
In OpenVPN Client's log file (PC2), there is a line

Code: Select all

ROUTE_GATEWAY 192.168.0.1/255.255.255.0 I=3 HWADDR=08:00:27:00:6c:e1
. I'm not sure if it has something to do with the empty "Default Gateway" in PC2 after VPN is established.

Configuration/Debug data

OpenVPN Client's Conf (on PC2):

Client Config

client
dev tap
proto udp4
remote X.Y.Z.K 40000
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\ClientVPN.crt"
key "C:\\Program Files\\OpenVPN\\config\\ClientVPN.key"
remote-cert-tls server
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
cipher AES-256-CBC
comp-lzo
verb 4
keepalive 5 10
auth SHA256


Log file for OpenVPN Client (on PC2):

https://justpaste.it/79309

IPCONFIG (PC2):

Code: Select all

>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : MyPC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home

Ethernet adapter ClientVPN:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-40-1C-84-DB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.200(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, October 20, 2019 12:13:42 AM
   Lease Expires . . . . . . . . . . : Monday, October 19, 2020 12:13:42 AM
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . : 192.168.1.0
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Desktop Adapter
   Physical Address. . . . . . . . . : 08-00-27-00-6C-E1
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.0.80(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, October 19, 2019 12:11:54 AM
   Lease Expires . . . . . . . . . . : Saturday, October 26, 2019 3:52:33 AM
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
OpenVPN Server's Conf (on PC1):

Server Config
port 40000
proto udp4
dev tap
dev-node ServerVPN
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\ServerVPN.crt"
key "C:\\Program Files\\OpenVPN\\config\\ServerVPN.key"
dh "C:\\Program Files\\OpenVPN\\config\\dh4096.pem"
topology subnet
ifconfig-pool-persist ipp.txt
server-bridge 192.168.1.74 255.255.255.0 192.168.1.200 192.168.1.210
push "redirect-gateway def1"
client-to-client
keepalive 10 120
tls-auth ta.key 0
cipher AES-256-CBC
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 4
explicit-exit-notify 1
push "block-outside-dns"
tls-version-min 1.2
auth SHA256


Log file for OpenVPN Server (on PC1):

https://justpaste.it/4xls5

IPCONFIG (PC1):

Code: Select all

>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : SomePC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Network Bridge:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : MAC Bridge Miniport
   Physical Address. . . . . . . . . : 1E-6F-65-E9-78-48
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.1.74(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, October 19, 2019 4:56:42 PM
   Lease Expires . . . . . . . . . . : Saturday, January 18, 2020 5:00:35 AM
   Default Gateway . . . . . . . . . : 192.168.1.254
   DHCP Server . . . . . . . . . . . : 192.168.1.254
   DNS Servers . . . . . . . . . . . : 192.168.1.254
   NetBIOS over Tcpip. . . . . . . . : Enabled
I have struggled with those problems in the last few days. Hope someone can help, or give advice/suggestion (I'm new to OpenVPN!).

Post Reply