------------
The goal is to replace our current VPN installation using PPTP with Windows.
So what we want to do is the same as we are doing with Windows VPN and PPTP.
Users should access our company network (192.168.16.x/24) as if they were connected via a LAN cable. VPN users should get an IP in the range of 192.168.16.64 to 192.168.16.80.
That's the status quo. Solved with Windows RRAS!
So this is the situation I installed:
- Router is reachable externally via vpn.example.de (static IP).
- OpenVPN Access Server has a NIC to the router (IP 192.168.2.12)
- Router forwards required ports to VPN Access Server (port 1194)
- OpenVPN Access Server has a second NIC to the internal company network (IP 192.168.16.211)
- OpenVPN Access Server is a member of the current local network 192.168.16.211/24
In detail:
------------------
I installed the Access Server in a Hyper-V environment.
Attached two NICs
Internal 192.168.16.211/24, Gateway 192.168.16.205. DNS 192.168.16.201
Internet Router 192.168.2.12/24
The netplan file looks like this:
network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      addresses: [192.168.16.211/24]
      gateway4: 192.168.16.205
      nameservers:
        addresses: [192.168.16.201]
    eth1:
      dhcp4: no
      addresses: [192.168.2.12/24]
The router is definitely working with the other forwardings and reachable under a static IP.
I can access the WebAdmin internally. Of course I can reach the server externally.
The OpenVPN Connect client gets an error when connecting from the outside.
Any ideas to track down the problem?
Here is the data from the client log.
⏎[Aug 5, 2022, 08:11:38] Frame=512/2048/512 mssfix-ctrl=1250
⏎[Aug 5, 2022, 08:11:38] UNUSED OPTIONS
4 [nobind]
18 [sndbuf] [0]
19 [rcvbuf] [0]
22 [verb] [3]
34 [CLI_PREF_ALLOW_WEB_IMPORT] [True]
35 [CLI_PREF_BASIC_CLIENT] [False]
36 [CLI_PREF_ENABLE_CONNECT] [False]
37 [CLI_PREF_ENABLE_XD_PROXY] [True]
38 [WSHOST] [vpn.example.de:443]
39 [WEB_CA_BUNDLE] [-----BEGIN CERTIFICATE----- MIIDBjCCAe6gAwIBAgIEYuvTaTANBgkqhkiG...]
40 [IS_OPENVPN_WEB_CA] [1]
⏎[Aug 5, 2022, 08:11:38] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:11:38] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:11:38] EVENT: WAIT ⏎[Aug 5, 2022, 08:11:38] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:11:39] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:11:42] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:11:42] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:11:42] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:11:42] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:11:42] EVENT: WAIT ⏎[Aug 5, 2022, 08:11:42] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:11:43] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:11:46] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:11:46] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:11:46] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:11:46] EVENT: WAIT ⏎[Aug 5, 2022, 08:11:46] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:11:46] Connecting to [vpn.example.de]:443 (92.x.y.z) via TCPv4
⏎[Aug 5, 2022, 08:11:46] Transport Error: Transport error on 'vpn.example.de: TCP_SIZE_ERROR
⏎[Aug 5, 2022, 08:11:46] EVENT: TRANSPORT_ERROR Transport error on 'vpn.example.de: TCP_SIZE_ERROR⏎[Aug 5, 2022, 08:11:46] Client terminated, restarting in 5000 ms...
⏎[Aug 5, 2022, 08:11:51] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:11:51] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:11:51] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:11:51] EVENT: WAIT ⏎[Aug 5, 2022, 08:11:51] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:11:52] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:11:55] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:11:55] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:11:55] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:11:55] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:11:55] EVENT: WAIT ⏎[Aug 5, 2022, 08:11:55] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:11:56] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:11:59] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:11:59] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:11:59] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:11:59] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:11:59] EVENT: WAIT ⏎[Aug 5, 2022, 08:11:59] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:12:00] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:12:03] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:12:03] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:12:03] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:12:03] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:12:03] EVENT: WAIT ⏎[Aug 5, 2022, 08:12:03] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:12:04] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:12:07] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:12:07] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:12:07] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:12:07] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:12:07] EVENT: WAIT ⏎[Aug 5, 2022, 08:12:07] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:12:08] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:12:11] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:12:11] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:12:11] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:12:12] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:12:12] EVENT: WAIT ⏎[Aug 5, 2022, 08:12:12] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:12:12] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:12:15] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:12:15] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:12:15] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:12:16] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:12:16] EVENT: WAIT ⏎[Aug 5, 2022, 08:12:16] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:12:16] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:12:19] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:12:19] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:12:19] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:12:20] EVENT: WAIT ⏎[Aug 5, 2022, 08:12:20] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:12:20] Connecting to [vpn.example.de]:443 (92.x.y.z) via TCPv4
⏎[Aug 5, 2022, 08:12:20] Transport Error: Transport error on 'vpn.example.de: TCP_SIZE_ERROR
⏎[Aug 5, 2022, 08:12:20] EVENT: TRANSPORT_ERROR Transport error on 'vpn.example.de: TCP_SIZE_ERROR⏎[Aug 5, 2022, 08:12:20] Client terminated, restarting in 5000 ms...
⏎[Aug 5, 2022, 08:12:25] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:12:25] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:12:25] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:12:25] EVENT: WAIT ⏎[Aug 5, 2022, 08:12:25] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:12:25] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:12:29] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:12:29] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:12:29] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:12:29] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:12:29] EVENT: WAIT ⏎[Aug 5, 2022, 08:12:29] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:12:29] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:12:33] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:12:33] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:12:33] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:12:33] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:12:33] EVENT: WAIT ⏎[Aug 5, 2022, 08:12:33] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:12:33] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:12:37] Server poll timeout, trying next remote entry...
⏎[Aug 5, 2022, 08:12:37] EVENT: RECONNECTING ⏎[Aug 5, 2022, 08:12:37] EVENT: RESOLVE ⏎[Aug 5, 2022, 08:12:37] Contacting 92.x.y.z:1194 via UDP
⏎[Aug 5, 2022, 08:12:37] EVENT: WAIT ⏎[Aug 5, 2022, 08:12:37] WinCommandAgent: transmitting bypass route to 92.x.y.z
{
"host" : "92.x.y.z",
"ipv6" : false
}
⏎[Aug 5, 2022, 08:12:37] Connecting to [vpn.example.de]:1194 (92.x.y.z) via UDPv4
⏎[Aug 5, 2022, 08:12:38] EVENT: CONNECTION_TIMEOUT BYTES_IN : 610
BYTES_OUT : 2146
PACKETS_IN : 2
PACKETS_OUT : 51
TRANSPORT_ERROR : 2
TCP_SIZE_ERROR : 2
CONNECTION_TIMEOUT : 1
N_RECONNECT : 14
⏎[Aug 5, 2022, 08:12:38] EVENT: DISCONNECTED ⏎