Cannot Tunnel Local Connection

[grafstring]

Hello,

I'm trying to set up a VPN, but I seem to have run into some trouble.
Here's my client.ovpn

Code: Select all

client
dev tap
#dev-node MyTAP
proto udp
remote (censored).dyndns.org 19925
route 192.168.1.0 255.255.255.0 vpn_gateway 3
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\sami.crt" 
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\sami.key"  
tls-auth ta.key 1
ns-cert-type server
cipher AES-128-CBC
comp-lzo
verb 1

Here's my server.ovpn

Code: Select all

local 192.168.1.150
port 19925
proto udp
mssfix 1400
push "dhcp-option DNS 8.8.8.8"   
#push "dhcp-option DNS 8.8.4.4"
dev tap
#dev-node MyTAP 
ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"  
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh2048.pem"
tls-auth ta.key 0   
server 192.168.10.0 255.255.255.128 
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"   
keepalive 10 120
cipher AES-128-CBC  
comp-lzo
max-clients 6   
persist-key
persist-tun
status openvpn-status.log
verb 1

So, I connect just fine to the VPN, and I try to ping the server @ 192.168.10.1. It pings fine. I try to ping my router @ 192.168.1.1. All my pings time out. I try to ping google, and it doesn't even get the IP. So I'm thinking something is up with my DNS servers. I'm using Google DNS because Comcast DNS is really unreliable in this area.

Also, I get this message in my client log:
WARNING: potential route subnet conflict between local LAN [192.168.1.0/255.255.255.0] and remote VPN [192.168.1.0/255.255.255.0]

So I check out the routing tables, and they look pretty normal.


So, I don't know if this is a problem with my configuration, or if I can't use the internet behind my home VPN, because I haven't tested the VPN from another, remote site. Can anyone shed some light on this?

[maikcat]

hi there,

>WARNING: potential route subnet conflict between local LAN [192.168.1.0/255.255.255.0] and remote VPN [192.168.1.0/255.255.255.0]

this means that both lans (client & server) have 192.168.1.0 subnet..

it wont work this way.

Michael

[grafstring]

hi there,

>WARNING: potential route subnet conflict between local LAN [192.168.1.0/255.255.255.0] and remote VPN [192.168.1.0/255.255.255.0]

this means that both lans (client & server) have 192.168.1.0 subnet..

it wont work this way.

Michael

It looks like I set up the VPN to the 192.168.10.X, and the local to 192.168.1.X. So how is there a conflict?

[maikcat]

hi there,

it says about your lan ips not vpn...

what lan ip your client has?

Michael.

[grafstring]

hi there,

it says about your lan ips not vpn...

what lan ip your client has?

Michael.

My LAN IP for the client is 192.168.1.X

[maikcat]

please remove this from client config

>route 192.168.1.0 255.255.255.0 vpn_gateway 3

Michael

[grafstring]

please remove this from client config

>route 192.168.1.0 255.255.255.0 vpn_gateway 3

Michael

Well, it's resolving domain names to IP addresses, but pinging shows that all my requests time out.

[maikcat]

user bebop wrote a very nice howto
please take a look here..

topic7806.html

Michael.

[grafstring]

Okay, that page worked in that I have internet access behind my local connection. But when I run a tracert, I still see my router as the first step. Shouldn't I see my server first?