Client connects, but no ping and no servers reachable (iOS)

Official client software for OpenVPN Access Server and OpenVPN Cloud.
Post Reply
housemaister
OpenVpn Newbie
Posts: 2
Joined: Mon Jan 21, 2013 10:54 am

Client connects, but no ping and no servers reachable (iOS)

Post by housemaister » Mon Jan 21, 2013 10:59 am

As there is no specific iOS forum (yet), I post my question here.

I am able to connect to our company openvpn server, but I can't reach any servers in our network.

When I try to ping the client ip, I see the Bytes In counter in the Connection Details counting up.

Colleagues use the Android Version of OpenVPN Connect successfully.
Their devices are pingable.

Below I pasted the log. I anonymized only a few things. And also the
config (anonymized more)


Thanks for your help,
best regards,
Stefan

log:

2013-01-17 17:10:29 Session invalidated
2013-01-17 17:10:29 Client terminated, restarting in 2...
2013-01-17 17:10:31 EVENT: RECONNECTING
2013-01-17 17:10:31 LZO-ASYM init swap=0 asym=0
2013-01-17 17:10:31 EVENT: RESOLVE
2013-01-17 17:10:32 EVENT: WAIT
2013-01-17 17:10:32 Connecting to server.domain.com:1196 (a.b.c.d)
via UDPv4
2013-01-17 17:10:32 EVENT: CONNECTING
2013-01-17 17:10:32 Tunnel Options:V4,dev-type tun,link-mtu 1542,tun-mtu
1500,proto UDPv4,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize
128,tls-auth,key-method 2,tls-client
2013-01-17 17:10:32 Peer Info:
IV_VER=1.0
IV_PLAT=ios
IV_NCP=1
IV_LZO=1

2013-01-17 17:10:33 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : C=DE, ST=BA, L=location, O=organization, OU=Mobiles,
CN=organization CA, 0x29=Mobilevpn, emailAddress=linux_admin@domain.com
subject name : C=DE, ST=BA, L=location, O=organization, OU=Mobiles,
CN=mobilevpn, 0x29=mobilevpn, emailAddress=linux_admin@domain.com
issued on : 2012-10-09 15:33:54
expires on : 2022-10-07 15:33:54
signed using : RSA+SHA1
RSA key size : 1024 bits

2013-01-17 17:10:33 VERIFY OK: depth=1
cert. version : 3
serial number : AE:B8:03:AE:99:91:D6:34
issuer name : C=DE, ST=BA, L=location, O=organization, OU=Mobiles,
CN=organization CA, 0x29=Mobilevpn, emailAddress=linux_admin@domain.com
subject name : C=DE, ST=BA, L=location, O=organization, OU=Mobiles,
CN=organization CA, 0x29=Mobilevpn, emailAddress=linux_admin@domain.com
issued on : 2012-10-09 15:32:37
expires on : 2022-10-07 15:32:37
signed using : RSA+SHA1
RSA key size : 1024 bits

2013-01-17 17:10:33 SSL Handshake: TLSv1.0/SSL-EDH-RSA-AES-256-SHA
2013-01-17 17:10:33 Session is ACTIVE
2013-01-17 17:10:34 EVENT: GET_CONFIG
2013-01-17 17:10:34 Sending PUSH_REQUEST to server...
2013-01-17 17:10:34 OPTIONS:
0 [route] [172.16.0.0] [255.240.0.0]
1 [route] [192.168.8.0] [255.255.252.0]
2 [route] [192.168.12.0] [255.255.255.0]
3 [route] [192.168.13.0] [255.255.255.0]
4 [route] [192.168.14.0] [255.255.255.0]
5 [route] [192.168.15.0] [255.255.255.0]
6 [dhcp-option] [DNS] [192.168.10.254]
7 [dhcp-option] [DOMAIN] [local.domain.com]
8 [route] [192.168.13.0] [255.255.255.0]
9 [topology] [net30]
10 [ping] [10]
11 [ping-restart] [120]
12 [ifconfig] [192.168.13.22] [192.168.13.21]

2013-01-17 17:10:34 LZO-ASYM init swap=0 asym=0
2013-01-17 17:10:34 EVENT: ASSIGN_IP
2013-01-17 17:10:35 Connected via tun
2013-01-17 17:10:35 EVENT: CONNECTED @server.domain.com:1196 (X.X.X.X)
via /UDPv4 on tun/192.168.13.22/


config:

##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap

# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote server.domain.com 1196


# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody

# Try to preserve some state across restarts.
persist-key
persist-tun
persist-remote-ip

# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

management-query-proxy

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
<ca>
-----BEGIN CERTIFICATE-----
XXXX
-----END CERTIFICATE-----
</ca>
<cert>
Certificate:
xxx
-----BEGIN CERTIFICATE-----
XXX
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
XXX
-----END PRIVATE KEY-----
</key>
# Verify server certificate by checking
# that the certicate has the nsCertType
# field set to "server". This is an
# important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the nsCertType
# field set to "server". The build-key-server
# script in the easy-rsa folder will do this.
;ns-cert-type server

# If a tls-auth key is used on the server
# then every client must also have the key.
<tls-auth>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
XXX
-----END OpenVPN Static key V1-----
</tls-auth>

key-direction 1

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
;cipher x

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20

tun-mtu 1500
fragment 1300
mssfix

HeikoGr
OpenVpn Newbie
Posts: 3
Joined: Mon Jan 21, 2013 8:08 am

Re: Client connects, but no ping and no servers reachable (i

Post by HeikoGr » Tue Jan 22, 2013 2:10 pm

first try to add:

Code: Select all

redirect-gateway
dhcp-option DNS IP-ADDRESS-OF-DNS-SERVER-HERE!!!
maybe you need this to:

Code: Select all

pull

Crystal
OpenVpn Newbie
Posts: 2
Joined: Wed Jan 23, 2013 12:20 pm

Re: Client connects, but no ping and no servers reachable (i

Post by Crystal » Wed Jan 23, 2013 12:50 pm

Have the same problem...

Here is the log:

2013-01-23 13:09:16 ----- OpenVPN Start -----
2013-01-23 13:09:16 LZO-ASYM init swap=0 asym=1
2013-01-23 13:09:16 Comp-stub init swap=0
2013-01-23 13:09:16 EVENT: RESOLVE
2013-01-23 13:09:16 EVENT: WAIT
2013-01-23 13:09:16 Connecting to 62.113.245.51:21 (62.113.245.51) via TCPv4
2013-01-23 13:09:16 EVENT: CONNECTING
2013-01-23 13:09:16 Tunnel Options:V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client
2013-01-23 13:09:16 Peer Info:
IV_VER=1.0
IV_PLAT=ios
IV_NCP=1
IV_SNAPPY=1
IV_LZO=1
IV_LZO_SWAP=1
IV_COMP_STUB=1

2013-01-23 13:09:17 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : C=US, ST=CA, L=San-Francisco, O=reliablehosting.com, CN=ovpn049, emailAddress=techies@reliablehosting.com
subject name : C=US, ST=CA, L=San-Francisco, O=reliablehosting.com, CN=vpn-de1, emailAddress=techies@reliablehosting.com
issued on : 2013-01-21 19:22:02
expires on : 2023-01-19 19:22:02
signed using : RSA+SHA1
RSA key size : 1024 bits

2013-01-23 13:09:17 VERIFY OK: depth=1
cert. version : 3
serial number : DA:20:8B:B6:3C:1E:AF:B6
issuer name : C=US, ST=CA, L=San-Francisco, O=reliablehosting.com, CN=ovpn049, emailAddress=techies@reliablehosting.com
subject name : C=US, ST=CA, L=San-Francisco, O=reliablehosting.com, CN=ovpn049, emailAddress=techies@reliablehosting.com
issued on : 2013-01-21 19:22:01
expires on : 2023-01-19 19:22:01
signed using : RSA+SHA1
RSA key size : 1024 bits

2013-01-23 13:09:17 SSL Handshake: TLSv1.0/SSL-EDH-RSA-AES-256-SHA
2013-01-23 13:09:17 Session is ACTIVE
2013-01-23 13:09:18 EVENT: GET_CONFIG
2013-01-23 13:09:18 Sending PUSH_REQUEST to server...
2013-01-23 13:09:18 OPTIONS:
0 [redirect-gateway] [def1]
1 [socket-flags] [TCP_NODELAY]
2 [ping] [1]
3 [ping-restart] [60]
4 [route-delay] [2]
5 [route-metric] [1]
6 [dhcp-option] [DNS] [8.8.8.8]
7 [dhcp-option] [DNS] [8.8.4.4]
8 [route] [10.8.1.137]
9 [topology] [net30]
10 [ifconfig] [10.8.1.142] [10.8.1.141]

2013-01-23 13:09:18 LZO-ASYM init swap=0 asym=1
2013-01-23 13:09:18 Comp-stub init swap=0
2013-01-23 13:09:18 EVENT: ASSIGN_IP
2013-01-23 13:09:18 Connected via tun
2013-01-23 13:09:18 EVENT: CONNECTED @62.113.245.51:21 (62.113.245.51) via /TCPv4 on tun/10.8.1.142/
2013-01-23 13:09:58 Session invalidated
2013-01-23 13:09:58 Client terminated, restarting in 2...
2013-01-23 13:10:00 EVENT: RECONNECTING
2013-01-23 13:10:00 LZO-ASYM init swap=0 asym=1
2013-01-23 13:10:00 Comp-stub init swap=0
2013-01-23 13:10:00 EVENT: RESOLVE
2013-01-23 13:10:00 EVENT: WAIT
2013-01-23 13:10:00 Connecting to 62.113.245.51:21 (62.113.245.51) via TCPv4
2013-01-23 13:10:00 EVENT: CONNECTING
2013-01-23 13:10:00 Tunnel Options:V4,dev-type tun,link-mtu 1544,tun-mtu 1500,proto TCPv4_CLIENT,comp-lzo,keydir 1,cipher BF-CBC,auth SHA1,keysize 128,tls-auth,key-method 2,tls-client
2013-01-23 13:10:00 Peer Info:
IV_VER=1.0
IV_PLAT=ios
IV_NCP=1
IV_SNAPPY=1
IV_LZO=1
IV_LZO_SWAP=1
IV_COMP_STUB=1

2013-01-23 13:10:00 VERIFY OK: depth=0
cert. version : 3
serial number : 01
issuer name : C=US, ST=CA, L=San-Francisco, O=reliablehosting.com, CN=ovpn049, emailAddress=techies@reliablehosting.com
subject name : C=US, ST=CA, L=San-Francisco, O=reliablehosting.com, CN=vpn-de1, emailAddress=techies@reliablehosting.com
issued on : 2013-01-21 19:22:02
expires on : 2023-01-19 19:22:02
signed using : RSA+SHA1
RSA key size : 1024 bits

2013-01-23 13:10:00 VERIFY OK: depth=1
cert. version : 3
serial number : DA:20:8B:B6:3C:1E:AF:B6
issuer name : C=US, ST=CA, L=San-Francisco, O=reliablehosting.com, CN=ovpn049, emailAddress=techies@reliablehosting.com
subject name : C=US, ST=CA, L=San-Francisco, O=reliablehosting.com, CN=ovpn049, emailAddress=techies@reliablehosting.com
issued on : 2013-01-21 19:22:01
expires on : 2023-01-19 19:22:01
signed using : RSA+SHA1
RSA key size : 1024 bits

2013-01-23 13:10:01 SSL Handshake: TLSv1.0/SSL-EDH-RSA-AES-256-SHA
2013-01-23 13:10:01 Session is ACTIVE
2013-01-23 13:10:02 EVENT: GET_CONFIG
2013-01-23 13:10:02 Sending PUSH_REQUEST to server...
2013-01-23 13:10:02 OPTIONS:
0 [redirect-gateway] [def1]
1 [socket-flags] [TCP_NODELAY]
2 [ping] [1]
3 [ping-restart] [60]
4 [route-delay] [2]
5 [route-metric] [1]
6 [dhcp-option] [DNS] [8.8.8.8]
7 [dhcp-option] [DNS] [8.8.4.4]
8 [route] [10.8.1.137]
9 [topology] [net30]
10 [ifconfig] [10.8.1.142] [10.8.1.141]

2013-01-23 13:10:02 LZO-ASYM init swap=0 asym=1
2013-01-23 13:10:02 Comp-stub init swap=0
2013-01-23 13:10:02 EVENT: ASSIGN_IP
2013-01-23 13:10:02 Connected via tun
2013-01-23 13:10:02 EVENT: CONNECTED @62.113.245.51:21 (62.113.245.51) via /TCPv4 on tun/10.8.1.142/
2013-01-23 13:11:02 Session invalidated


*******************************************



Here is my config file:

remote 207.204.227.33 4398 udp
remote 207.204.227.33 123 udp
remote 207.204.227.33 53 udp
key-direction 1
client
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
verb 4
reneg-sec 86400
echo vpn20 ovpn159
tun-mtu 1500
route-method exe
route-delay 2
redirect-gateway def1
comp-lzo adaptive
explicit-exit-notify 2
fragment 1390
mssfix 1390
hand-window 30
<ca>
-----BEGIN CERTIFICATE-----
MY CERTIFICAT HERE
-----END CERTIFICATE-----
</ca>
<key>
-----BEGIN PRIVATE KEY-----
MY CERTIFICAT HERE
-----END PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
MY CERTIFICAT HERE
-----END CERTIFICATE-----
</cert>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
MY STATIC KEY HERE
-----END OpenVPN Static key V1-----
</tls-auth>


**********************

How to fix it?

User avatar
jamesyonan
OpenVPN Inc.
Posts: 169
Joined: Thu Jan 24, 2013 12:13 am

Re: Client connects, but no ping and no servers reachable (i

Post by jamesyonan » Thu Jan 24, 2013 12:41 am

The iOS client doesn't currently support the "fragment" option, which I see in your profile.

James

Crystal
OpenVpn Newbie
Posts: 2
Joined: Wed Jan 23, 2013 12:20 pm

Re: Client connects, but no ping and no servers reachable (i

Post by Crystal » Thu Jan 24, 2013 12:59 pm

Still not work, even without "fragment" option.

housemaister
OpenVpn Newbie
Posts: 2
Joined: Mon Jan 21, 2013 10:54 am

Re: Client connects, but no ping and no servers reachable (i

Post by housemaister » Fri Jan 25, 2013 12:48 pm

Same for me; still it does not work.

I tried these and various other options. (even if I do not to intend to route the whole traffic through this tunnel).

Can you explain why you are suggesting these options?
Can anybody explain what is not working?

andrewwai
OpenVpn Newbie
Posts: 4
Joined: Sat Jan 26, 2013 5:01 am

Re: Client connects, but no ping and no servers reachable (i

Post by andrewwai » Sat Jan 26, 2013 5:26 am

I know this is in the iOS topic but I am also get the same problem with the Android OpenVPN Connect client. The version is 1.1.8.

My client config is:

client
dev tun
proto udp
remote XXX.XXX.XXX.XXX 1194

remote-cert-tls server

resolv-retry infinite
nobind
persist-key
persist-tun
persist-remote-ip

key-direction 1

<ca>
-----BEGIN CERTIFICATE-----
ca cert here
-----END CERTIFICATE-----
</ca>

<cert>
-----BEGIN CERTIFICATE-----
cert here
-----END CERTIFICATE-----
</cert>

<key>
-----BEGIN RSA PRIVATE KEY-----
private key here
-----END RSA PRIVATE KEY-----
</key>

<tls-auth>
-----BEGIN OpenVPN Static key V1-----
key here
-----END OpenVPN Static key V1-----
</tls-auth>

tun-mtu 1500
#fragment 1300
#mssfix
comp-lzo
verb 3

I had similar troubles on a Windows 64 bit box and had to mess about with the order of the config settings to as above on the client (latest 2.3.0 Windows gui installer). The config above is what I have on the Windows box but with the fragment and mssfix commented out for the android client.

Import was successful and on the server log I see the correct routes being pushed. However using Net Swiss Tool on the client I cannot see the default 10.8.0.1 gateway. Hence I cannot even ping the server itself.

Anyone connected successfully and able to ping the server ip? I have Android 4.0.4 on 2 clients.

andrewwai
OpenVpn Newbie
Posts: 4
Joined: Sat Jan 26, 2013 5:01 am

Re: Client connects, but no ping and no servers reachable (i

Post by andrewwai » Sat Jan 26, 2013 7:33 am

Forgot to mention my server version is 2.2.2 on CentOS 6.3.

gervdijk
OpenVpn Newbie
Posts: 1
Joined: Sat Jan 26, 2013 12:23 pm

Re: Client connects, but no ping and no servers reachable (i

Post by gervdijk » Sat Jan 26, 2013 12:36 pm

Got the same problem here:

2013-01-25 16:51:11 EVENT: ASSIGN_IP
2013-01-25 16:51:11 Connected via tun
2013-01-25 16:51:11 EVENT: CONNECTED @[server_ip]:443 ([server_ip]) via
/TCPv4 on tun/10.8.3.174/
2013-01-25 16:51:51 Session invalidated
2013-01-25 16:51:51 Client terminated, restarting in 2...

So it connects, but ip remains the same. I cannot reach internet until the vpn disconnects. When it reconnects again the connection is lost again.

My OpenVPN config file is:

Code: Select all

remote [server_ip] 4398 udp
remote [server_ip] 123 udp
remote [server_ip] 53 udp
key-direction 1
client
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
verb 4
reneg-sec 86400
echo [server name]
tun-mtu 1500
route-method exe
route-delay 2
redirect-gateway def1
comp-lzo adaptive
explicit-exit-notify 2
fragment 1390
mssfix 1390
hand-window 30
<ca>
-----BEGIN CERTIFICATE-----
[certificate]
-----END CERTIFICATE-----
</ca>
<key>
-----BEGIN RSA PRIVATE KEY-----
[key]
-----END RSA PRIVATE KEY-----
</key>
<cert>
-----BEGIN CERTIFICATE-----
[cerfitificate]
-----END CERTIFICATE-----
</cert>
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
[key]
-----END OpenVPN Static key V1-----
</tls-auth>

andrewwai
OpenVpn Newbie
Posts: 4
Joined: Sat Jan 26, 2013 5:01 am

Re: Client connects, but no ping and no servers reachable (i

Post by andrewwai » Tue Jan 29, 2013 3:23 am

To anyone still having problems iOS or Android clients here are some pointers.

I noticed after i successfully connected and try to ping the server ip i get "Bad LZO decompression header byte: NN" in the server logs. After some more googling i see in my server logs:

WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1546', remote='link-mtu 1542'
WARNING: 'mtu-dynamic' is present in local config but missing in remote config, local='mtu-dynamic'

during connection from the client. To fix this I needed to set "comp-lzo adaptive" on the server and the client.

After the vpn successfully connect to the lan I occassionally get "read UDPv4 [EHOSTUNREACH]: No route to host (code=113)"

From topic10980.html I commented out "persist-tun" which seem to have fixed it.

Good luck.

therealjmc
OpenVpn Newbie
Posts: 6
Joined: Mon Jan 28, 2013 4:51 pm

Re: Client connects, but no ping and no servers reachable (i

Post by therealjmc » Tue Jan 29, 2013 7:56 am

I'm having the same problem. I've tried adding comp-lzo adaptive to my config, but it still won't work - still getting the Warnings about link-mtu

Tue Jan 29 08:49:11 2013 195.145.225.2:20267 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1562', remote='link-mtu 1558'
Tue Jan 29 08:49:11 2013 195.145.225.2:20267 WARNING: 'mtu-dynamic' is present in local config but missing in remote config, local='mtu-dynamic'

Could you please post your complete now working config?

Thanks!

User avatar
jamesyonan
OpenVPN Inc.
Posts: 169
Joined: Thu Jan 24, 2013 12:13 am

Re: Client connects, but no ping and no servers reachable (i

Post by jamesyonan » Tue Jan 29, 2013 9:27 am

It looks like you might be using "fragment" on the server but not on the client. The iOS client (as of 1.0.0) doesn't support "fragment", nor does it support connecting to a server that has "fragment" in its config. So to make this work, you would need to remove fragment from both the client and server-side.

Also, for the comp-lzo option, try just using "comp-lzo" by itself in the client profile, without "adaptive".

James

andrewwai
OpenVpn Newbie
Posts: 4
Joined: Sat Jan 26, 2013 5:01 am

Re: Client connects, but no ping and no servers reachable (i

Post by andrewwai » Wed Jan 30, 2013 11:09 am

jamesyonan wrote:It looks like you might be using "fragment" on the server but not on the client. The iOS client (as of 1.0.0) doesn't support "fragment", nor does it support connecting to a server that has "fragment" in its config. So to make this work, you would need to remove fragment from both the client and server-side.

Also, for the comp-lzo option, try just using "comp-lzo" by itself in the client profile, without "adaptive".

James
James,
Thanks for pointing this out. I did also remove the fragment setting on the server to fix my problem. Sorry to anyone for missing this point.

Sinanthropus
OpenVpn Newbie
Posts: 2
Joined: Tue Mar 12, 2013 9:33 pm

Re: Client connects, but no ping and no servers reachable (i

Post by Sinanthropus » Tue Mar 12, 2013 9:37 pm

I have the same problem. A server side
push "redirect-gateway"
does solve the problem, but then, I cannot connect anywhere but the VPN, because my server is not a gateway, and in any case, I do not want to use it as a gateway. (I need my clients to use their own Internet connections, but be able to access the network shares and servers on the VPN.)

Note that it is only the iOS client that has this problem. Mac OSX, Ubuntu and Windows seem to work fine (without the redirect-gateway option)

Any suggestions, anyone?

Sinanthropus
OpenVpn Newbie
Posts: 2
Joined: Tue Mar 12, 2013 9:33 pm

Re: Client connects, but no ping and no servers reachable (i

Post by Sinanthropus » Tue Mar 12, 2013 9:59 pm

:) I solved my problem. Instead of using
push "redirect-gateway"
as suggested (which I guess would work fine if I wanted to use my server as a gateway) I put in the following server side directive:
push "route 10.8.0.0 255.255.255.0"
And it worked. I don't know why it has worked with all the other clients though. I have been using it for over a year with no problems.

Post Reply