VPN connection established but no access

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
anishm
OpenVpn Newbie
Posts: 1
Joined: Fri Sep 14, 2018 11:27 am

VPN connection established but no access

Post by anishm » Mon Sep 17, 2018 3:26 pm

Hello everyone,

I've been trying to set up a VPN between windows server 2016 and mac os x client.

The connection gets established but I can not access the resources.
The internet connection is also gone. What I really wanted to do is split vpn.

This is the configuration on the Server:

Code: Select all

#################################################
#################################################
#listen on IPv4
local 10.0.60.51
 
#the default port is 1194
port 1194
 
#UDP protocol chosen for better protection against DoS attacks and port scanning
proto udp
 
#using routed IP tunnel
dev tun
 
# ----------------------------------------------
# Zertifikate
# ----------------------------------------------
 
dh ..//server-keys//dh4096.pem
ca ..//server-keys//ca.crt
cert ..//server-keys//lexp-svr-101.crt
key ..//server-keys//lexp-svr-101.key
 
# ----------------------------------------------
# Server-Setup
# ----------------------------------------------
 
#set OpenVPN subnet
server 10.64.60.0 255.255.255.0
 
#maintain a record of client-to-virtual-IP-address
ifconfig-pool-persist ipp.txt
 
#cryptographic cipher, must be the same (copied) on the client config file as well
#cipher AES-256-CBC
 
client-to-client
 
# ----------------------------------------------
# Client-Settings (inkl Special Dir)Files
# ----------------------------------------------
 
#client-config-dir "C:\Program Files\OpenVPN\ccd"
push "route 10.0.60.0 255.255.255.0"
 
 
# ----------------------------------------------
# Defaults
# ----------------------------------------------
 
#ping every 10 seconds, assume that remote peer is down if no ping received during 60
keepalive 10 120
 
#enable compression on VPN link
 
 
#try to preserve some state across restarts
persist-key
persist-tun
 
# ----------------------------------------------
# Logging
# ----------------------------------------------
 
status ..//log//openvpn-status.log
log ..//log//openvpn.log
log-append ..//log//openvpn.log
verb 3


This is the configuration on the client side:

Code: Select all

client

dev tun

proto udp
remote xx.xx.xx.xx 1194

resolv-retry infinite

nobind

persist-key
persist-tun

ca ca.crt
cert Client101.crt
key Client101.key

verb 3

Here is the Log from the server:

Code: Select all


Fri Sep 14 13:30:06 2018 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Fri Sep 14 13:30:06 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Fri Sep 14 13:30:06 2018 library versions: OpenSSL 1.1.0h  27 Mar 2018, LZO 2.10
Fri Sep 14 13:30:06 2018 Diffie-Hellman initialized with 4096 bit key
Fri Sep 14 13:30:06 2018 interactive service msg_channel=0
Fri Sep 14 13:30:06 2018 ROUTE_GATEWAY 10.0.60.1/255.255.255.0 I=7 HWADDR=00:15:5d:00:21:44
Fri Sep 14 13:30:06 2018 open_tun
Fri Sep 14 13:30:06 2018 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{3E90E92C-804C-41E9-A426-D4B5AF661931}.tap
Fri Sep 14 13:30:06 2018 TAP-Windows Driver Version 9.21
Fri Sep 14 13:30:06 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.64.60.1/255.255.255.252 on interface {3E90E92C-804C-41E9-A426-D4B5AF661931} [DHCP-serv: 10.64.60.2, lease-time: 31536000]
Fri Sep 14 13:30:06 2018 Sleeping for 10 seconds...
Fri Sep 14 13:30:16 2018 Successful ARP Flush on interface [8] {3E90E92C-804C-41E9-A426-D4B5AF661931}
Fri Sep 14 13:30:16 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Sep 14 13:30:16 2018 C:\Windows\system32\route.exe ADD 10.64.60.0 MASK 255.255.255.0 10.64.60.2
Fri Sep 14 13:30:16 2018 Warning: route gateway is not reachable on any active network adapters: 10.64.60.2
Fri Sep 14 13:30:16 2018 Route addition via IPAPI failed [adaptive]
Fri Sep 14 13:30:16 2018 Route addition fallback to route.exe
Fri Sep 14 13:30:16 2018 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Fri Sep 14 13:30:16 2018 Could not determine IPv4/IPv6 protocol. Using AF_INET
Fri Sep 14 13:30:16 2018 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Sep 14 13:30:16 2018 UDPv4 link local (bound): [AF_INET]10.0.60.51:1194
Fri Sep 14 13:30:16 2018 UDPv4 link remote: [AF_UNSPEC]
Fri Sep 14 13:30:16 2018 MULTI: multi_init called, r=256 v=256
Fri Sep 14 13:30:16 2018 IFCONFIG POOL: base=10.64.60.4 size=62, ipv6=0
Fri Sep 14 13:30:16 2018 ifconfig_pool_read(), in='Client101,10.64.60.4', TODO: IPv6
Fri Sep 14 13:30:16 2018 succeeded -> ifconfig_pool_set()
Fri Sep 14 13:30:16 2018 IFCONFIG POOL LIST
Fri Sep 14 13:30:16 2018 Client101,10.64.60.4
Fri Sep 14 13:30:16 2018 Initialization Sequence Completed
Log from the client (netstat -nr)

Code: Select all

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            192.168.17.1       UGSc          165      113     en0
10.0.60/24         10.64.60.5         UGSc            0        5   utun2
10.64.60/24        10.64.60.5         UGSc            0        0   utun2
10.64.60.5         10.64.60.6         UH              2        0   utun2
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH              7     4714     lo0
169.254            link#5             UCS             0        0     en0
192.168.17         link#5             UCS             3        0     en0
192.168.17.1/32    link#5             UCS             1        0     en0
192.168.17.1       90:6c:ac:13:7d:4b  UHLWIir        36      594     en0   1198
192.168.17.9       80:2a:a8:8d:2b:74  UHLWI           0        6     en0    530
192.168.17.157     link#5             UHLWIi          1        2     en0
192.168.17.158/32  link#5             UCS             1        0     en0
192.168.17.158     f4:5c:89:ad:c5:1f  UHLWI           0       48     lo0
192.168.17.168     34:2:86:b4:a:6e    UHLWIi          1      271     en0    514
224.0.0/4          link#5             UmCS            3        0     en0
224.0.0.251        1:0:5e:0:0:fb      UHmLWI          0        0     en0
224.6.7.8          1:0:5e:6:7:8       UHmLWI          0        3     en0
239.255.255.250    1:0:5e:7f:ff:fa    UHmLWI          0       26     en0
255.255.255.255/32 link#5             UCS             0        0     en0

Internet6:
Destination                             Gateway                         Flags         Netif Expire
default                                 fe80::%utun0                    UGcI          utun0
default                                 fe80::%utun1                    UGcI          utun1
::1                                     ::1                             UHL             lo0
fe80::%lo0/64                           fe80::1%lo0                     UcI             lo0
fe80::1%lo0                             link#1                          UHLI            lo0
fe80::%en0/64                           link#5                          UCI             en0
fe80::8f1:755:d380:d52f%en0             f4:5c:89:ad:c5:1f               UHLI            lo0
fe80::%awdl0/64                         link#7                          UCI           awdl0
fe80::70f7:77ff:fef6:878e%awdl0         72:f7:77:f6:87:8e               UHLI            lo0
fe80::%utun0/64                         fe80::9ad6:4cb5:b4ea:b001%utun0 UcI           utun0
fe80::9ad6:4cb5:b4ea:b001%utun0         link#11                         UHLI            lo0
fe80::%utun1/64                         fe80::978:5a3a:5b1a:5d85%utun1  UcI           utun1
fe80::978:5a3a:5b1a:5d85%utun1          link#12                         UHLI            lo0
ff01::%lo0/32                           ::1                             UmCI            lo0
ff01::%en0/32                           link#5                          UmCI            en0
ff01::%awdl0/32                         link#7                          UmCI          awdl0
ff01::%utun0/32                         fe80::9ad6:4cb5:b4ea:b001%utun0 UmCI          utun0
ff01::%utun1/32                         fe80::978:5a3a:5b1a:5d85%utun1  UmCI          utun1
ff02::%lo0/32                           ::1                             UmCI            lo0
ff02::%en0/32                           link#5                          UmCI            en0
ff02::%awdl0/32                         link#7                          UmCI          awdl0
ff02::%utun0/32                         fe80::9ad6:4cb5:b4ea:b001%utun0 UmCI          utun0
ff02::%utun1/32                         fe80::978:5a3a:5b1a:5d85%utun1  UmCI          utun1
Thank you for the help.

Regards

Post Reply