There is a problem in your selection of --ifconfig endpoints

[janhoedt]

Openvpn always worked fine. It still does from my Iphone. Suddenly from a Windows XP machine I cannot connect anymore.
Please help!

Mon Jan 23 09:00:23 2012 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 192.168.33.0 255.255.255.0,route 192.168.33.1,topology net30,ping 10,ping-restart 60,ifconfig 192.168.33.6 255.255.255.0'
Mon Jan 23 09:00:23 2012 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jan 23 09:00:23 2012 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jan 23 09:00:23 2012 OPTIONS IMPORT: route options modified
Mon Jan 23 09:00:23 2012 WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address. You are using something (255.255.255.0) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
Mon Jan 23 09:00:23 2012 ROUTE default_gateway=10.161.21.220
Mon Jan 23 09:00:23 2012 There is a problem in your selection of --ifconfig endpoints [local=192.168.33.6, remote=255.255.255.0]. The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet. This is a limitation of --dev tun when used with the TAP-WIN32 driver. Try 'openvpn --show-valid-subnets' option for more info.
Mon Jan 23 09:00:23 2012 Exiting

This is my clientconfig:
dev tun
tls-client

remote mysite 8080


# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)

#redirect-gateway
#auth-nocache

#auto-proxy

pull

proto tcp-client
#proto udp

script-security 2

ca ca.crt

comp-lzo

reneg-sec 0

auth-user-pass

verb 3

----
THIS IS THE SERVERCONFIG (WORKED FOR MONTHS NOW):

#push "redirect-gateway def1"


#route 10.0.0.0 255.0.0.0 net_gateway
#route 172.16.0.0 255.240.0.0 net_gateway
#route 192.168.0.0 255.255.0.0 net_gateway

push "route 192.168.1.0 255.255.255.0"
push "route 192.168.33.0 255.255.255.0"
dev tun

management 192.168.1.6 1195

server 192.168.33.0 255.255.255.0


dh /usr/local/synovpn/etc/openvpn/keys/dh1024.pem
ca /usr/local/synovpn/etc/openvpn/keys/ca.crt
cert /usr/local/synovpn/etc/openvpn/keys/server.crt
key /usr/local/synovpn/etc/openvpn/keys/server.key

max-clients 5

comp-lzo

persist-tun
persist-key

verb 3

#log-append /var/log/openvpn.log

keepalive 10 60
reneg-sec 0

plugin /usr/local/synovpn/lib/radiusplugin.so /usr/local/synovpn/etc/openvpn/rad
client-cert-not-required
username-as-common-name
duplicate-cn
proto tcp
~
~
~
~
~
- /usr/syno/etc/synovpn/openvpn/openvpn.conf 23/40 57%

[Mimiko]

remove "tls-client" and "proto tcp-client" from client config file and add "client" and "proto tcp" insted.

[janjust]

something went awry on the server: the following config was pushed:

topology net30
ifconfig 192.168.33.6 255.255.255.0

that's an inconsistent message; check the server config, restart the openvpn server process and reconnect. What should have been pushed is either

Code: Select all

topology subnet
ifconfig 192.168.33.6 255.255.255.0

or

Code: Select all

topology net30
ifconfig 192.168.33.6 192.168.33.5

did you add a 'client-config-dir' file?