Openvpn with windows 7 client

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
blaser
OpenVpn Newbie
Posts: 16
Joined: Fri Mar 23, 2012 8:04 pm

Openvpn with windows 7 client

Post by blaser » Fri Mar 23, 2012 8:46 pm

I have openvpn server running on my router at using using DD-WRT distribution, everything was working fine when I had winxp on my laptop.
After switching to win7 I noticed that I can't use home network at default gateway anymore checking with http://www.whatismyip.com but hotel network.

I noticed that in the client windows I get an error message when openvpn trying to push route:

Code: Select all

ERROR: Windows route add command failed [adaptive]: returned error code 1
C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 192.168.1.1
ROUTE: route addition failed using CreateIpForwardEntry: Access is denied.   [status=5 if_index=23]
Route addition via IPAPI failed [adaptive]
Route addition fallback to route.exe
The requested operation requires elevation.
I decided to start openvpngui as Administrator this time I didn't get the error message any more the the gateway was pushed with incorrect subnet mask.

Code: Select all

C:\WINDOWS\system32\route.exe ADD "my home ip address" MASK 255.255.255.255 192.168.72.1
ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=20 and dwForwardType=4
Route addition via IPAPI succeeded [adaptive]
C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 192.168.1.1
ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Route addition via IPAPI succeeded [adaptive]
C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 192.168.1.1
ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Route addition via IPAPI succeeded [adaptive]
Initialization Sequence Completed
The mask being pushed is 128.0.0.1 instead of 0.0.0.0 why?

My router openvpn server configuration is:

Code: Select all

mode server
tls-server
port 1194
#proto udp 
proto tcp-server 
dev tap0 
ca /tmp/openvpn/ca.crt 
cert /tmp/openvpn/cert.pem 
key /tmp/openvpn/key.pem 
dh /tmp/openvpn/dh.pem 
server-bridge 192.168.1.1 255.255.255.0 192.168.1.100 192.168.1.105 
push "redirect-gateway def1" 
push "dhcp-option DNS 192.168.1.1" 
management localhost 5002 
client-to-client 
daemon 
keepalive 10 120 
tls-auth /tmp/openvpn/ta.key 0 
#cipher AES-256-CBC 
cipher BF-CBC
comp-lzo 
persist-key 
persist-tun 
verb 1
My Startup script on the server is

Code: Select all

openvpn --mktun --dev tap0
brctl addif br0 tap0
ifconfig tap0 0.0.0.0 promisc up
My firewall configuration is

Code: Select all

iptables -t nat -I PREROUTING -p tcp --dport 1194 -d 192.168.1.1 -j ACCEPT
iptables -I INPUT -p tcp --dport 1194 -j ACCEPT
iptables -t nat -I PREROUTING -p tcp -d `nvram get wan_ipaddr` --dport 1194 -j ACCEPT
Any help will be appreciated
Top
User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:
Contact janjust

Re: Openvpn with windows 7 client

Post by janjust » Fri Mar 23, 2012 9:54 pm

The mask being pushed is 128.0.0.1 instead of 0.0.0.0 why?
this is normal behavior when using 'redirect-gateway def1' - read the man page for details.


As for not being able to access your home network: that all depends on routing on the client side. What does the routing table look like after the VPN connection is established?
Top
blaser
OpenVpn Newbie
Posts: 16
Joined: Fri Mar 23, 2012 8:04 pm

Re: Openvpn with windows 7 client

Post by blaser » Mon Mar 26, 2012 12:23 pm

After I started it as Administrator and rebooted everything looks good.
Top
Post Reply

Return to “Scripting and Customizations”