client cannot browse internet - routing?

[swolly]

Hi,
Sorry for creating a registration just to ask for help :/ but i've been trying to solve this for weeks without success.
I have already searched the hell out of this forum & tried as much as I can think of.
I suspect a routing issue, but i'm not a network person so this is beyond me.

I use a paid vpn service with openvpn2.2.1 (gui 1.0.3).
It used to work fine.
Their support aint exactly responsive or helpful yet.
This stopped working for me a few weeks back.
It still connects (green in systray - see log below) but I cannot browse the net?
But I can do a tracert over the vpn to google.com and see a valid path - see below.
Win7 64 networking centre on my client says "unidentified network, no internet".

I have tried disabling windows firewall & my router firewell & my AV (Msoft security essentials) for the install process.
I'm running the gui as adminstrator.
I'm completely stumped.

But the tracert working makes me think this is routing.
So routes tables posted below.

I have already tried uninstalling the openvpn client, then downloading again (openvpn v2.2.1 with gui v1.0.3) & reinstalling.
I can ping http://www.google.se and see it go out via the VPN service and returns a ping.
I can tracert to http://www.google.se and can see it go from the vpn provider to google.com.

If I type in http://www.google.com in my internet browser it sends the request, then sits there "waiting for webpage".
But the webpage never loads, neither will any other webpage.

I have tried turning my AntiVirus off (microsoft security essentials) during the openvpn client reinstall = no change to the situation.
And also having this AV off entirely while installing openvpn & connecting = no change to the situation.
I'm running openvpn as administrator already.

Below is a route print before connecting & a route print after connecting & a tracert to http://www.google.com after connecting.
I can’t think of anything more information I could give to help

Help please!
Thanks in advance.


Route Print Before connect;
http://dl.dropbox.com/u/13529688/routep ... onnect.PNG

Route Print After connect;
http://dl.dropbox.com/u/13529688/routep ... onnect.PNG

Tracert after connect;
http://dl.dropbox.com/u/13529688/tracer ... onnect.PNG

ipconfig /all after connect;
http://dl.dropbox.com/u/13529688/ipconf ... onnect.PNG

OpenVPN connect log;

Sat Nov 05 10:21:46 2011 OpenVPN 2.2.1 Win32-MSVC++ [SSL] [LZO2] built on Jul 1 2011
Sat Nov 05 10:21:52 2011 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Sat Nov 05 10:21:52 2011 LZO compression initialized
Sat Nov 05 10:21:52 2011 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Sat Nov 05 10:21:52 2011 Socket Buffers: R=[8192->8192] S=[64512->64512]
Sat Nov 05 10:21:52 2011 RESOLVE: NOTE: openvpn-2.anonine.net resolves to 12 addresses
Sat Nov 05 10:21:52 2011 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Sat Nov 05 10:21:52 2011 Local Options hash (VER=V4): 'd79ca330'
Sat Nov 05 10:21:52 2011 Expected Remote Options hash (VER=V4): 'f7df56b8'
Sat Nov 05 10:21:52 2011 UDPv4 link local: [undef]
Sat Nov 05 10:21:52 2011 UDPv4 link remote: 178.73.215.167:1197
Sat Nov 05 10:21:52 2011 TLS: Initial packet from 178.73.215.167:1197, sid=cd98360b 65044fb9
Sat Nov 05 10:21:52 2011 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Sat Nov 05 10:21:52 2011 VERIFY OK: depth=1, /C=SE/ST=Calisota/L=Ankeborg/O=Anonine/OU=VPN/CN=Anonine_CA/emailAddress=support@anonine.com
Sat Nov 05 10:21:52 2011 VERIFY OK: nsCertType=SERVER
Sat Nov 05 10:21:52 2011 VERIFY OK: depth=0, /C=SE/ST=Calisota/L=Ankeborg/O=Anonine/CN=paaliaq/emailAddress=support@anonine.com
Sat Nov 05 10:21:53 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Nov 05 10:21:53 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 05 10:21:53 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Sat Nov 05 10:21:53 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Sat Nov 05 10:21:53 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Sat Nov 05 10:21:53 2011 [paaliaq] Peer Connection Initiated with 178.73.215.167:1197
Sat Nov 05 10:21:55 2011 SENT CONTROL [paaliaq]: 'PUSH_REQUEST' (status=1)
Sat Nov 05 10:21:55 2011 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 80.67.0.2,dhcp-option DNS 91.213.246.2,route-gateway 178.73.196.129,ping 10,ping-restart 30,ifconfig 178.73.196.177 255.255.255.128'
Sat Nov 05 10:21:55 2011 OPTIONS IMPORT: timers and/or timeouts modified
Sat Nov 05 10:21:55 2011 OPTIONS IMPORT: --ifconfig/up options modified
Sat Nov 05 10:21:55 2011 OPTIONS IMPORT: route options modified
Sat Nov 05 10:21:55 2011 OPTIONS IMPORT: route-related options modified
Sat Nov 05 10:21:55 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Sat Nov 05 10:21:55 2011 ROUTE default_gateway=192.168.0.1
Sat Nov 05 10:21:55 2011 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{80684F6A-8E69-4F6F-BE2C-D65FFB4DD4D1}.tap
Sat Nov 05 10:21:55 2011 TAP-Win32 Driver Version 9.8
Sat Nov 05 10:21:55 2011 TAP-Win32 MTU=1500
Sat Nov 05 10:21:55 2011 Notified TAP-Win32 driver to set a DHCP IP/netmask of 178.73.196.177/255.255.255.128 on interface {80684F6A-8E69-4F6F-BE2C-D65FFB4DD4D1} [DHCP-serv: 178.73.196.128, lease-time: 31536000]
Sat Nov 05 10:21:55 2011 Successful ARP Flush on interface [16] {80684F6A-8E69-4F6F-BE2C-D65FFB4DD4D1}
Sat Nov 05 10:22:00 2011 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Sat Nov 05 10:22:00 2011 C:\WINDOWS\system32\route.exe ADD 178.73.215.167 MASK 255.255.255.255 192.168.0.1
Sat Nov 05 10:22:00 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Sat Nov 05 10:22:00 2011 Route addition via IPAPI succeeded [adaptive]
Sat Nov 05 10:22:00 2011 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 178.73.196.129
Sat Nov 05 10:22:00 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sat Nov 05 10:22:00 2011 Route addition via IPAPI succeeded [adaptive]
Sat Nov 05 10:22:00 2011 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 178.73.196.129
Sat Nov 05 10:22:00 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Sat Nov 05 10:22:00 2011 Route addition via IPAPI succeeded [adaptive]
Sat Nov 05 10:22:00 2011 Initialization Sequence Completed

[Mimiko]

Why you are giving inconsistent data? From log you a assigned not the same IP as from ipconfig screen.
On Local Area Connection 3 check Automatic metric box in advance IP setting.

[swolly]

Sorry
Was rushing to post before going to work.

I have corrected the above, I hope, as I have just screen captured and pasted log from a new OpenVPN connect this morning.

I have also checked that the automatic metric box is checked on LAN3. It is checked - the inconsistency you spotted there was from me randomly trying things the other day in attempts to make this work. unsuccessfully.

Thanks for looking at this

[Mimiko]

If the brouwser is not configured to use proxy, then the OpenVPN rpovider you pay, just blocks the internet, as the trace is working, the blocked TCP and UDP, leaving only IGMP.

[swolly]

Ok but thats odd as I didn't need a proxy for browser before when it worked. And when I use the same providers pptp vpn i can browse with no problems just like i used to with openvpn.
Also the reply from their support and setup guide didn't mention need for a browser proxy.

[Mimiko]

First, reinstall OpenVPN. Then disable IPv6 support on tun adapter.
If this will not work, then ask the persons to whom you pay to resolve the problem, as you don't have any access to OpenVPN server configuration, like routing and firewall.

[swolly]

ok thanks for looking Mimiko.
I will do the above and then see if I can get any sense out of their support team.