Server not pushing correct routing information

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
testingFuture
OpenVpn Newbie
Posts: 1
Joined: Thu Jul 14, 2011 3:56 am

Server not pushing correct routing information

Post by testingFuture » Thu Jul 14, 2011 4:14 am

Well folks, I am completely lost. All of my clients were working perfectly, and then one day the VPN just broke... I don't remember changing anything. I have searched around, but I can't seem to find a solution that works. Perhaps you could help.

Code: Select all

Ethernet adapter OpenVPN:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::594b:68ab:32ac:b988%14
   IPv4 Address. . . . . . . . . . . : 10.8.0.6
   Subnet Mask . . . . . . . . . . . : 255.255.255.252
   Default Gateway . . . . . . . . . : 10.8.0.5

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::e97e:3504:8536:80e7%12
   IPv4 Address. . . . . . . . . . . : 192.168.1.99
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . :
Here is a copy of my ipconfig output on my Windows 7-based client. As you can see the default gateway is 10.8.0.5 when it should be 10.8.0.1... Also my default gateway for my NIC is not present. But what boggles my mind is that in my ipp.txt on my server this clients IP should be 10.8.0.4.

Code: Select all

# Client config
client

dev tun
dev-node OpenVPN
proto udp
remote *HIDDEN* 8887
resolv-retry infinite
nobind
persist-key
persist-tun
# file can be used for all clients.
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\client1.crt"
key "C:\\Program Files\\OpenVPN\\config\\client1.key"
comp-lzo
verb 3

Code: Select all

# Server config
port 8887
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key  # This file should be kept secret
dh /etc/openvpn/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push redirect-gateway
keepalive 10 120
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3

Code: Select all

# Connection log
Wed Jul 13 23:02:22 2011 OpenVPN 2.2.1 Win32-MSVC++ [SSL] [LZO2] built on Jul  1 2011
Wed Jul 13 23:02:22 2011 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
Wed Jul 13 23:02:22 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Wed Jul 13 23:02:22 2011 LZO compression initialized
Wed Jul 13 23:02:22 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Jul 13 23:02:22 2011 Socket Buffers: R=[8192->8192] S=[8192->8192]
Wed Jul 13 23:02:22 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Jul 13 23:02:22 2011 Local Options hash (VER=V4): '41690919'
Wed Jul 13 23:02:22 2011 Expected Remote Options hash (VER=V4): '530fdded'
Wed Jul 13 23:02:22 2011 UDPv4 link local: [undef]
Wed Jul 13 23:02:22 2011 UDPv4 link remote: *HIDDEN*:8887
Wed Jul 13 23:02:22 2011 TLS: Initial packet from *HIDDEN*:8887, sid=78cfcc1b 8b18460d
Wed Jul 13 23:02:25 2011 VERIFY OK: depth=1, /C=*HIDDEN*/ST=*HIDDEN*/L=*HIDDEN*/O=*HIDDEN*/CN=*HIDDEN*/emailAddress=*HIDDEN*
Wed Jul 13 23:02:25 2011 VERIFY OK: depth=0, /C=*HIDDEN*/ST=*HIDDEN*/L=*HIDDEN*/O=*HIDDEN*/CN=server/emailAddress=*HIDDEN*
Wed Jul 13 23:02:26 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Jul 13 23:02:26 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 13 23:02:26 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Wed Jul 13 23:02:26 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Jul 13 23:02:26 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Jul 13 23:02:26 2011 [server] Peer Connection Initiated with *HIDDEN*:8887
Wed Jul 13 23:02:28 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Jul 13 23:02:28 2011 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Wed Jul 13 23:02:28 2011 OPTIONS IMPORT: timers and/or timeouts modified
Wed Jul 13 23:02:28 2011 OPTIONS IMPORT: --ifconfig/up options modified
Wed Jul 13 23:02:28 2011 OPTIONS IMPORT: route options modified
Wed Jul 13 23:02:28 2011 ROUTE default_gateway=192.168.1.1
Wed Jul 13 23:02:29 2011 TAP-WIN32 device [OpenVPN] opened: \\.\Global\{7F3F0B85-2F3A-4576-B849-45C2D7D25E0B}.tap
Wed Jul 13 23:02:29 2011 TAP-Win32 Driver Version 9.8 
Wed Jul 13 23:02:29 2011 TAP-Win32 MTU=1500
Wed Jul 13 23:02:29 2011 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {7F3F0B85-2F3A-4576-B849-45C2D7D25E0B} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Wed Jul 13 23:02:29 2011 Successful ARP Flush on interface [14] {7F3F0B85-2F3A-4576-B849-45C2D7D25E0B}
Wed Jul 13 23:02:34 2011 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Wed Jul 13 23:02:34 2011 C:\WINDOWS\system32\route.exe ADD *HIDDEN* MASK 255.255.255.255 192.168.1.1
Wed Jul 13 23:02:34 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Wed Jul 13 23:02:34 2011 Route addition via IPAPI succeeded [adaptive]
Wed Jul 13 23:02:34 2011 C:\WINDOWS\system32\route.exe DELETE 0.0.0.0 MASK 0.0.0.0 192.168.1.1
Wed Jul 13 23:02:34 2011 Route deletion via IPAPI succeeded [adaptive]
Wed Jul 13 23:02:34 2011 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 0.0.0.0 10.8.0.5
Wed Jul 13 23:02:34 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Wed Jul 13 23:02:34 2011 Route addition via IPAPI succeeded [adaptive]
Wed Jul 13 23:02:34 2011 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Wed Jul 13 23:02:34 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Wed Jul 13 23:02:34 2011 Route addition via IPAPI succeeded [adaptive]
Wed Jul 13 23:02:34 2011 Initialization Sequence Completed
Wed Jul 13 23:02:44 2011 TCP/UDP: Closing socket
Wed Jul 13 23:02:44 2011 C:\WINDOWS\system32\route.exe DELETE 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Wed Jul 13 23:02:45 2011 Route deletion via IPAPI succeeded [adaptive]
Wed Jul 13 23:02:45 2011 C:\WINDOWS\system32\route.exe DELETE *HIDDEN* MASK 255.255.255.255 192.168.1.1
Wed Jul 13 23:02:45 2011 Route deletion via IPAPI succeeded [adaptive]
Wed Jul 13 23:02:45 2011 C:\WINDOWS\system32\route.exe DELETE 0.0.0.0 MASK 0.0.0.0 10.8.0.5
Wed Jul 13 23:02:45 2011 Route deletion via IPAPI succeeded [adaptive]
Wed Jul 13 23:02:45 2011 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 0.0.0.0 192.168.1.1
Wed Jul 13 23:02:45 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Wed Jul 13 23:02:45 2011 Route addition via IPAPI succeeded [adaptive]
Wed Jul 13 23:02:45 2011 Closing TUN/TAP interface
Wed Jul 13 23:02:45 2011 SIGTERM[hard,] received, process exiting
Top
User avatar
maikcat
Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:
Contact maikcat

Re: Server not pushing correct routing information

Post by maikcat » Thu Jul 14, 2011 6:04 pm

hi there,

in your server config change this

>push redirect-gateway

to this

push "redirect-gateway def1"

Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

"objects in mirror are losing"
Top
Post Reply

Return to “Configuration”