Can connect, but cannot pass any data

This forum is for all inquiries relating to the installation of OpenVPN from source and with binaries.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
Post Reply
nwmangum
OpenVpn Newbie
Posts: 3
Joined: Mon Apr 08, 2013 5:58 pm

Can connect, but cannot pass any data

Post by nwmangum » Mon Apr 08, 2013 6:41 pm

I have recently migrated to a new Linux server, and am having a problem getting OpenVPN to work.

I appear to be able to connect from a Windows XP client, but after connecting, I am not passing any data.

My server is running Linux 2.6.32-220.13.1.el6.i686

Here is my server.conf:

Code: Select all

port 1194
proto tcp
dev tap
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
push "route 192.168.0.0 255.255.255.0"
push "redirect-gateway def1"
keepalive 10 120
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
log         /var/log/openvpn.log
verb 3
mute 20
Here is my client config:

Code: Select all

client
dev tap
proto tcp
remote xx.xx.xx.162 1194  (network hidden)
resolv-retry infinite
nobind
persist-key
persist-tun
ca anegada.crt
cert walker.crt
key walker.key
ns-cert-type server
comp-lzo
verb 3
My server iptables:

Code: Select all

iptables -L -t nat -v
Chain PREROUTING (policy ACCEPT 261 packets, 16042 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 315 packets, 22092 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MASQUERADE  all  --  any    eth1    192.168.0.0/24       anywhere
    0     0 MASQUERADE  all  --  any    eth1    10.8.0.0/24          anywhere
    0     0 MASQUERADE  all  --  any    bond1   192.168.0.0/24       anywhere
    0     0 MASQUERADE  all  --  any    bond1   10.8.0.0/24          anywhere

Chain OUTPUT (policy ACCEPT 315 packets, 22092 bytes)
 pkts bytes target     prot opt in     out     source               destination
My server netstat -nr:

Code: Select all

netstat -nr
Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
xx.xx.xx.160 0.0.0.0         255.255.255.248 U         0 0          0 bond1
10.51.47.128    0.0.0.0         255.255.255.192 U         0 0          0 bond0
10.8.0.0        0.0.0.0         255.255.255.0   U         0 0          0 tap0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 bond0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 bond1
10.0.0.0        10.51.47.129    255.0.0.0       UG        0 0          0 bond0
0.0.0.0         xx.xx.xx.161 0.0.0.0         UG        0 0          0 bond1
My client netstat -nr:

Code: Select all

C:\Documents and Settings\Walker Mangum>netstat -nr
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1f e1 56 30 9b ...... Dell Wireless 1490 Dual Band WLAN Mini-Card - Packet Scheduler Miniport
0x80003 ...00 ff 35 ba 9f 70 ...... TAP-Win32 Adapter V8 - Packet Scheduler Miniport
0x1a0006 ...00 ff 0b bb f0 b4 ...... TAP-Win32 Adapter OAS - Packet Scheduler Miniport
0x1e0005 ...00 1c 23 3a 69 30 ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
0x1e0007 ...02 0e 01 02 35 64 ...... SAMSUNG Mobile USB Remote NDIS Network Device - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0        128.0.0.0         10.8.0.4       10.8.0.50       1
          0.0.0.0          0.0.0.0   192.168.42.129  192.168.42.214       25
         10.8.0.0    255.255.255.0        10.8.0.50       10.8.0.50       30
        10.8.0.50  255.255.255.255        127.0.0.1       127.0.0.1       30
   10.255.255.255  255.255.255.255        10.8.0.50       10.8.0.50       30
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
        128.0.0.0        128.0.0.0         10.8.0.4       10.8.0.50       1
      169.254.0.0      255.255.0.0   192.168.42.214  192.168.42.214       20
  xx.xx.xx.162  255.255.255.255   192.168.42.129  192.168.42.214       1
      192.168.0.0    255.255.255.0         10.8.0.4       10.8.0.50       1
     192.168.42.0    255.255.255.0   192.168.42.214  192.168.42.214       25
   192.168.42.214  255.255.255.255        127.0.0.1       127.0.0.1       25
   192.168.42.255  255.255.255.255   192.168.42.214  192.168.42.214       25
        224.0.0.0        240.0.0.0        10.8.0.50       10.8.0.50       30
        224.0.0.0        240.0.0.0   192.168.42.214  192.168.42.214       25
  255.255.255.255  255.255.255.255        10.8.0.50       10.8.0.50       1
  255.255.255.255  255.255.255.255   192.168.42.214          1e0005       1
  255.255.255.255  255.255.255.255   192.168.42.214           80003       1
  255.255.255.255  255.255.255.255   192.168.42.214  192.168.42.214       1
  255.255.255.255  255.255.255.255   192.168.42.214               2       1
Default Gateway:          10.8.0.4
===========================================================================
Persistent Routes:
  None
The server log:

Code: Select all

Mon Apr  8 13:15:44 2013 OpenVPN 2.0 i686-pc-linux [SSL] [LZO] [EPOLL] built on Nov 14 2012
Mon Apr  8 13:15:44 2013 Diffie-Hellman initialized with 1024 bit key
Mon Apr  8 13:15:44 2013 TLS-Auth MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Mon Apr  8 13:15:44 2013 TUN/TAP device tap1 opened
Mon Apr  8 13:15:44 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:23 ET:32 EL:0 AF:3/1 ]
Mon Apr  8 13:15:44 2013 GID set to nobody
Mon Apr  8 13:15:44 2013 UID set to nobody
Mon Apr  8 13:15:44 2013 Listening for incoming TCP connection on [undef]:1194
Mon Apr  8 13:15:44 2013 TCPv4_SERVER link local (bound): [undef]:1194
Mon Apr  8 13:15:44 2013 TCPv4_SERVER link remote: [undef]
Mon Apr  8 13:15:44 2013 MULTI: multi_init called, r=256 v=256
Mon Apr  8 13:15:44 2013 IFCONFIG POOL: base=10.8.0.50 size=51
Mon Apr  8 13:15:44 2013 IFCONFIG POOL LIST
Mon Apr  8 13:15:44 2013 walker,10.8.0.50
Mon Apr  8 13:15:44 2013 MULTI: TCP INIT maxclients=1024 maxevents=1028
Mon Apr  8 13:15:44 2013 Initialization Sequence Completed
Mon Apr  8 13:16:01 2013 MULTI: multi_create_instance called
Mon Apr  8 13:16:01 2013 Re-using SSL/TLS context
Mon Apr  8 13:16:01 2013 LZO compression initialized
Mon Apr  8 13:16:01 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Mon Apr  8 13:16:01 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:23 ET:32 EL:0 AF:3/1 ]
Mon Apr  8 13:16:01 2013 Local Options hash (VER=V4): '3e6d1056'
Mon Apr  8 13:16:01 2013 Expected Remote Options hash (VER=V4): '31fdf004'
Mon Apr  8 13:16:01 2013 TCP connection established with 166.137.149.76:48592
Mon Apr  8 13:16:01 2013 TCPv4_SERVER link local: [undef]
Mon Apr  8 13:16:01 2013 TCPv4_SERVER link remote: 166.137.149.76:48592
Mon Apr  8 13:16:01 2013 166.137.149.76:48592 TLS: Initial packet from 166.137.149.76:48592, sid=5c7233f6 ec9e7d06
Mon Apr  8 13:16:03 2013 166.137.149.76:48592 VERIFY OK: depth=1, /C=US/ST=TX/L=HOUSTON/O=BVIPirate/CN=anegada/emailAddress=walker@bvipirate.com
Mon Apr  8 13:16:03 2013 166.137.149.76:48592 VERIFY OK: depth=0, /C=US/ST=TX/O=BVIPirate/CN=walker/emailAddress=walker@bvipirate.com
Mon Apr  8 13:16:04 2013 166.137.149.76:48592 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Apr  8 13:16:04 2013 166.137.149.76:48592 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr  8 13:16:04 2013 166.137.149.76:48592 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Apr  8 13:16:04 2013 166.137.149.76:48592 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr  8 13:16:04 2013 166.137.149.76:48592 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Apr  8 13:16:04 2013 166.137.149.76:48592 [walker] Peer Connection Initiated with 166.137.149.76:48592
Mon Apr  8 13:16:06 2013 walker/166.137.149.76:48592 PUSH: Received control message: 'PUSH_REQUEST'
Mon Apr  8 13:16:06 2013 walker/166.137.149.76:48592 SENT CONTROL [walker]: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,redirect-gateway def1,route-gateway 10.8.0.4,ping 10,ping-restart 120,ifconfig 10.8.0.50 255.255.255.0' (status=1)
Mon Apr  8 13:16:08 2013 walker/166.137.149.76:48592 MULTI: Learn: 00:ff:0b:bb:f0:b4 -> walker/166.137.149.76:48592
The client log:

Code: Select all

Mon Apr 08 13:15:56 2013 OpenVPNAS 2.1.1oOAS Win32-MSVC++ [SSL] [LZO2] built on Jul 29 2010
Mon Apr 08 13:15:56 2013 MANAGEMENT: Connected to management server at 127.0.0.1:55208
Mon Apr 08 13:15:56 2013 MANAGEMENT: CMD 'log on'
Mon Apr 08 13:15:56 2013 MANAGEMENT: CMD 'state on'
Mon Apr 08 13:15:56 2013 MANAGEMENT: CMD 'echo on'
Mon Apr 08 13:15:56 2013 MANAGEMENT: CMD 'bytecount 5'
Mon Apr 08 13:15:56 2013 MANAGEMENT: CMD 'hold off'
Mon Apr 08 13:15:56 2013 MANAGEMENT: CMD 'hold release'
Mon Apr 08 13:15:56 2013 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 08 13:15:56 2013 LZO compression initialized
Mon Apr 08 13:15:56 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Mon Apr 08 13:15:56 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Apr 08 13:15:56 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Mon Apr 08 13:15:56 2013 Local Options hash (VER=V4): '31fdf004'
Mon Apr 08 13:15:56 2013 Expected Remote Options hash (VER=V4): '3e6d1056'
Mon Apr 08 13:15:56 2013 Attempting to establish TCP connection with xx.xx.xx.162:1194
Mon Apr 08 13:15:56 2013 MANAGEMENT: >STATE:1365444956,TCP_CONNECT,,,
Mon Apr 08 13:15:56 2013 TCP connection established with xx.xx.xx.162:1194
Mon Apr 08 13:15:56 2013 TCPv4_CLIENT link local: [undef]
Mon Apr 08 13:15:56 2013 TCPv4_CLIENT link remote: xx.xx.xx.162:1194
Mon Apr 08 13:15:56 2013 MANAGEMENT: >STATE:1365444956,WAIT,,,
Mon Apr 08 13:15:56 2013 MANAGEMENT: >STATE:1365444956,AUTH,,,
Mon Apr 08 13:15:56 2013 TLS: Initial packet from xx.xx.xx.162:1194, sid=9e1c6748 a619d992
Mon Apr 08 13:15:57 2013 VERIFY OK: depth=1, /C=US/ST=TX/L=HOUSTON/O=BVIPirate/CN=anegada/emailAddress=walker@bvipirate.com
Mon Apr 08 13:15:57 2013 VERIFY OK: nsCertType=SERVER
Mon Apr 08 13:15:57 2013 VERIFY OK: depth=0, /C=US/ST=TX/O=BVIPirate/CN=anegada/emailAddress=walker@bvipirate.com
Mon Apr 08 13:15:59 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Apr 08 13:15:59 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr 08 13:15:59 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Apr 08 13:15:59 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr 08 13:15:59 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Apr 08 13:15:59 2013 [anegada] Peer Connection Initiated with xx.xx.xx.162:1194
Mon Apr 08 13:16:00 2013 MANAGEMENT: >STATE:1365444960,GET_CONFIG,,,
Mon Apr 08 13:16:01 2013 SENT CONTROL [anegada]: 'PUSH_REQUEST' (status=1)
Mon Apr 08 13:16:01 2013 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,redirect-gateway def1,route-gateway 10.8.0.4,ping 10,ping-restart 120,ifconfig 10.8.0.50 255.255.255.0'
Mon Apr 08 13:16:01 2013 OPTIONS IMPORT: timers and/or timeouts modified
Mon Apr 08 13:16:01 2013 OPTIONS IMPORT: --ifconfig/up options modified
Mon Apr 08 13:16:01 2013 OPTIONS IMPORT: route options modified
Mon Apr 08 13:16:01 2013 OPTIONS IMPORT: route-related options modified
Mon Apr 08 13:16:01 2013 ROUTE default_gateway=192.168.42.129
Mon Apr 08 13:16:01 2013 MANAGEMENT: >STATE:1365444961,ASSIGN_IP,,10.8.0.50,
Mon Apr 08 13:16:01 2013 TAP-WIN32 device [Local Area Connection 11] opened: \\.\Global\{0BBBF0B4-B1E9-4AEE-A33C-6CE65E8B5ACC}.tap
Mon Apr 08 13:16:01 2013 TAP-Win32 Driver Version 9.7 
Mon Apr 08 13:16:01 2013 TAP-Win32 MTU=1500
Mon Apr 08 13:16:01 2013 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.50/255.255.255.0 on interface {0BBBF0B4-B1E9-4AEE-A33C-6CE65E8B5ACC} [DHCP-serv: 10.8.0.0, lease-time: 31536000]
Mon Apr 08 13:16:01 2013 Successful ARP Flush on interface [1703942] {0BBBF0B4-B1E9-4AEE-A33C-6CE65E8B5ACC}
Mon Apr 08 13:16:06 2013 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Mon Apr 08 13:16:06 2013 C:\WINDOWS\system32\route.exe ADD xx.xx.xx.162 MASK 255.255.255.255 192.168.42.129
Mon Apr 08 13:16:06 2013 Route addition via IPAPI succeeded [adaptive]
Mon Apr 08 13:16:06 2013 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.4
Mon Apr 08 13:16:06 2013 Route addition via IPAPI succeeded [adaptive]
Mon Apr 08 13:16:06 2013 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.4
Mon Apr 08 13:16:06 2013 Route addition via IPAPI succeeded [adaptive]
Mon Apr 08 13:16:06 2013 MANAGEMENT: >STATE:1365444966,ADD_ROUTES,,,
Mon Apr 08 13:16:06 2013 C:\WINDOWS\system32\route.exe ADD 192.168.0.0 MASK 255.255.255.0 10.8.0.4
Mon Apr 08 13:16:06 2013 Route addition via IPAPI succeeded [adaptive]
Mon Apr 08 13:16:06 2013 Initialization Sequence Completed
Mon Apr 08 13:16:06 2013 MANAGEMENT: >STATE:1365444966,CONNECTED,SUCCESS,10.8.0.50,xx.xx.xx.162
And a ping of 8.8.8.8:

Code: Select all

C:\Documents and Settings\Walker Mangum>ping 8.8.8.8

Pinging 8.8.8.8 with 32 bytes of data:

Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 8.8.8.8:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
I am certain that this is a configuration error, but I have tried numerous things to resolve and get the same results. I would appreciate any help!

nwmangum
OpenVpn Newbie
Posts: 3
Joined: Mon Apr 08, 2013 5:58 pm

Re: Can connect, but cannot pass any data

Post by nwmangum » Mon Apr 08, 2013 7:48 pm

I have also tried this server.conf:

Code: Select all

port 1194
proto tcp
dev tap
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
keepalive 10 120
comp-lzo
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
log         /var/log/openvpn.log
verb 3
mute 20
The server netstat -rn for this one:

Code: Select all

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
xx.xx.xx.160 0.0.0.0         255.255.255.248 U         0 0          0 bond1
10.51.47.128    0.0.0.0         255.255.255.192 U         0 0          0 bond0
10.8.0.0        0.0.0.0         255.255.255.0   U         0 0          0 tap0
10.8.0.0        0.0.0.0         255.255.255.0   U         0 0          0 tap1
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 bond0
169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 bond1
10.0.0.0        10.51.47.129    255.0.0.0       UG        0 0          0 bond0
0.0.0.0         xx.xx.xx.161 0.0.0.0         UG        0 0          0 bond1
The client netstat -rn:

Code: Select all

Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1f e1 56 30 9b ...... Dell Wireless 1490 Dual Band WLAN Mini-Card - Packet Scheduler Miniport
0x80003 ...00 ff 35 ba 9f 70 ...... TAP-Win32 Adapter V8 - Packet Scheduler Miniport
0x1a0006 ...00 ff 0b bb f0 b4 ...... TAP-Win32 Adapter OAS - Packet Scheduler Miniport
0x1e0005 ...00 1c 23 3a 69 30 ...... Broadcom NetXtreme 57xx Gigabit Controller - Packet Scheduler Miniport
0x1e0007 ...02 0e 01 02 35 64 ...... SAMSUNG Mobile USB Remote NDIS Network Device - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0        128.0.0.0         10.8.0.1       10.8.0.50       1
          0.0.0.0          0.0.0.0   192.168.42.129  192.168.42.214       25
         10.8.0.0    255.255.255.0        10.8.0.50       10.8.0.50       30
        10.8.0.50  255.255.255.255        127.0.0.1       127.0.0.1       30
   10.255.255.255  255.255.255.255        10.8.0.50       10.8.0.50       30
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
        128.0.0.0        128.0.0.0         10.8.0.1       10.8.0.50       1
      169.254.0.0      255.255.0.0   192.168.42.214  192.168.42.214       20
  xx.xx.xx.162  255.255.255.255   192.168.42.129  192.168.42.214       1
     192.168.42.0    255.255.255.0   192.168.42.214  192.168.42.214       25
   192.168.42.214  255.255.255.255        127.0.0.1       127.0.0.1       25
   192.168.42.255  255.255.255.255   192.168.42.214  192.168.42.214       25
        224.0.0.0        240.0.0.0        10.8.0.50       10.8.0.50       30
        224.0.0.0        240.0.0.0   192.168.42.214  192.168.42.214       25
  255.255.255.255  255.255.255.255        10.8.0.50       10.8.0.50       1
  255.255.255.255  255.255.255.255   192.168.42.214          1e0005       1
  255.255.255.255  255.255.255.255   192.168.42.214           80003       1
  255.255.255.255  255.255.255.255   192.168.42.214  192.168.42.214       1
  255.255.255.255  255.255.255.255   192.168.42.214               2       1
Default Gateway:          10.8.0.1
===========================================================================
Persistent Routes:
  None
The server log:

Code: Select all

Mon Apr  8 14:24:06 2013 TCPv4_SERVER link local (bound): [undef]:1194
Mon Apr  8 14:24:06 2013 TCPv4_SERVER link remote: [undef]
Mon Apr  8 14:24:06 2013 MULTI: multi_init called, r=256 v=256
Mon Apr  8 14:24:06 2013 IFCONFIG POOL: base=10.8.0.2 size=253
Mon Apr  8 14:24:06 2013 IFCONFIG POOL LIST
Mon Apr  8 14:24:06 2013 walker,10.8.0.50
Mon Apr  8 14:24:06 2013 MULTI: TCP INIT maxclients=1024 maxevents=1028
Mon Apr  8 14:24:06 2013 Initialization Sequence Completed
Mon Apr  8 14:24:35 2013 MULTI: multi_create_instance called
Mon Apr  8 14:24:35 2013 Re-using SSL/TLS context
Mon Apr  8 14:24:35 2013 LZO compression initialized
Mon Apr  8 14:24:35 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Mon Apr  8 14:24:35 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:23 ET:32 EL:0 AF:3/1 ]
Mon Apr  8 14:24:35 2013 Local Options hash (VER=V4): '3e6d1056'
Mon Apr  8 14:24:35 2013 Expected Remote Options hash (VER=V4): '31fdf004'
Mon Apr  8 14:24:35 2013 TCP connection established with 166.137.149.76:52341
Mon Apr  8 14:24:35 2013 TCPv4_SERVER link local: [undef]
Mon Apr  8 14:24:35 2013 TCPv4_SERVER link remote: 166.137.149.76:52341
Mon Apr  8 14:24:35 2013 166.137.149.76:52341 TLS: Initial packet from 166.137.149.76:52341, sid=abd7cd12 2e79cc55
Mon Apr  8 14:24:37 2013 166.137.149.76:52341 VERIFY OK: depth=1, /C=US/ST=TX/L=HOUSTON/O=BVIPirate/CN=anegada/emailAddress=walker@bvipirate.com
Mon Apr  8 14:24:37 2013 166.137.149.76:52341 VERIFY OK: depth=0, /C=US/ST=TX/O=BVIPirate/CN=walker/emailAddress=walker@bvipirate.com
Mon Apr  8 14:24:38 2013 166.137.149.76:52341 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Apr  8 14:24:38 2013 166.137.149.76:52341 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr  8 14:24:38 2013 166.137.149.76:52341 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Apr  8 14:24:38 2013 166.137.149.76:52341 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr  8 14:24:38 2013 166.137.149.76:52341 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Apr  8 14:24:38 2013 166.137.149.76:52341 [walker] Peer Connection Initiated with 166.137.149.76:52341
Mon Apr  8 14:24:40 2013 walker/166.137.149.76:52341 PUSH: Received control message: 'PUSH_REQUEST'
Mon Apr  8 14:24:40 2013 walker/166.137.149.76:52341 SENT CONTROL [walker]: 'PUSH_REPLY,redirect-gateway def1,route-gateway 10.8.0.1,ping 10,ping-restart 120,ifconfig 10.8.0.50 255.255.255.0' (status=1)
Mon Apr  8 14:24:42 2013 walker/166.137.149.76:52341 MULTI: Learn: 00:ff:0b:bb:f0:b4 -> walker/166.137.149.76:52341
And the client log:

Code: Select all

Mon Apr 08 14:32:51 2013 OpenVPNAS 2.1.1oOAS Win32-MSVC++ [SSL] [LZO2] built on Jul 29 2010
Mon Apr 08 14:32:51 2013 MANAGEMENT: Connected to management server at 127.0.0.1:61161
Mon Apr 08 14:32:51 2013 MANAGEMENT: CMD 'log on'
Mon Apr 08 14:32:51 2013 MANAGEMENT: CMD 'state on'
Mon Apr 08 14:32:51 2013 MANAGEMENT: CMD 'echo on'
Mon Apr 08 14:32:51 2013 MANAGEMENT: CMD 'bytecount 5'
Mon Apr 08 14:32:51 2013 MANAGEMENT: CMD 'hold off'
Mon Apr 08 14:32:51 2013 MANAGEMENT: CMD 'hold release'
Mon Apr 08 14:32:51 2013 NOTE: OpenVPNAS 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 08 14:32:51 2013 LZO compression initialized
Mon Apr 08 14:32:51 2013 Control Channel MTU parms [ L:1576 D:140 EF:40 EB:0 ET:0 EL:0 ]
Mon Apr 08 14:32:51 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Apr 08 14:32:51 2013 Data Channel MTU parms [ L:1576 D:1450 EF:44 EB:135 ET:32 EL:0 AF:3/1 ]
Mon Apr 08 14:32:51 2013 Local Options hash (VER=V4): '31fdf004'
Mon Apr 08 14:32:51 2013 Expected Remote Options hash (VER=V4): '3e6d1056'
Mon Apr 08 14:32:51 2013 Attempting to establish TCP connection with xx.xx.xx.162:1194
Mon Apr 08 14:32:51 2013 MANAGEMENT: >STATE:1365449571,TCP_CONNECT,,,
Mon Apr 08 14:32:51 2013 TCP connection established with xx.xx.xx.162:1194
Mon Apr 08 14:32:51 2013 TCPv4_CLIENT link local: [undef]
Mon Apr 08 14:32:51 2013 TCPv4_CLIENT link remote: xx.xx.xx.162:1194
Mon Apr 08 14:32:51 2013 MANAGEMENT: >STATE:1365449571,WAIT,,,
Mon Apr 08 14:32:51 2013 MANAGEMENT: >STATE:1365449571,AUTH,,,
Mon Apr 08 14:32:51 2013 TLS: Initial packet from xx.xx.xx.162:1194, sid=a605972b 446f22bd
Mon Apr 08 14:32:52 2013 VERIFY OK: depth=1, /C=US/ST=TX/L=HOUSTON/O=BVIPirate/CN=anegada/emailAddress=walker@bvipirate.com
Mon Apr 08 14:32:52 2013 VERIFY OK: nsCertType=SERVER
Mon Apr 08 14:32:52 2013 VERIFY OK: depth=0, /C=US/ST=TX/O=BVIPirate/CN=anegada/emailAddress=walker@bvipirate.com
Mon Apr 08 14:32:53 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Apr 08 14:32:53 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr 08 14:32:53 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Apr 08 14:32:53 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Apr 08 14:32:53 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Apr 08 14:32:53 2013 [anegada] Peer Connection Initiated with xx.xx.xx.162:1194
Mon Apr 08 14:32:54 2013 MANAGEMENT: >STATE:1365449574,GET_CONFIG,,,
Mon Apr 08 14:32:56 2013 SENT CONTROL [anegada]: 'PUSH_REQUEST' (status=1)
Mon Apr 08 14:32:56 2013 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route-gateway 10.8.0.1,ping 10,ping-restart 120,ifconfig 10.8.0.50 255.255.255.0'
Mon Apr 08 14:32:56 2013 OPTIONS IMPORT: timers and/or timeouts modified
Mon Apr 08 14:32:56 2013 OPTIONS IMPORT: --ifconfig/up options modified
Mon Apr 08 14:32:56 2013 OPTIONS IMPORT: route options modified
Mon Apr 08 14:32:56 2013 OPTIONS IMPORT: route-related options modified
Mon Apr 08 14:32:56 2013 ROUTE default_gateway=192.168.42.129
Mon Apr 08 14:32:56 2013 MANAGEMENT: >STATE:1365449576,ASSIGN_IP,,10.8.0.50,
Mon Apr 08 14:32:56 2013 TAP-WIN32 device [Local Area Connection 11] opened: \\.\Global\{0BBBF0B4-B1E9-4AEE-A33C-6CE65E8B5ACC}.tap
Mon Apr 08 14:32:56 2013 TAP-Win32 Driver Version 9.7 
Mon Apr 08 14:32:56 2013 TAP-Win32 MTU=1500
Mon Apr 08 14:32:56 2013 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.50/255.255.255.0 on interface {0BBBF0B4-B1E9-4AEE-A33C-6CE65E8B5ACC} [DHCP-serv: 10.8.0.0, lease-time: 31536000]
Mon Apr 08 14:32:56 2013 Successful ARP Flush on interface [1703942] {0BBBF0B4-B1E9-4AEE-A33C-6CE65E8B5ACC}
Mon Apr 08 14:33:01 2013 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Mon Apr 08 14:33:01 2013 C:\WINDOWS\system32\route.exe ADD xx.xx.xx.162 MASK 255.255.255.255 192.168.42.129
Mon Apr 08 14:33:01 2013 Route addition via IPAPI succeeded [adaptive]
Mon Apr 08 14:33:01 2013 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.1
Mon Apr 08 14:33:01 2013 Route addition via IPAPI succeeded [adaptive]
Mon Apr 08 14:33:01 2013 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.1
Mon Apr 08 14:33:01 2013 Route addition via IPAPI succeeded [adaptive]
Mon Apr 08 14:33:01 2013 Initialization Sequence Completed
Mon Apr 08 14:33:01 2013 MANAGEMENT: >STATE:1365449581,CONNECTED,SUCCESS,10.8.0.50,xx.xx.xx.162

nwmangum
OpenVpn Newbie
Posts: 3
Joined: Mon Apr 08, 2013 5:58 pm

Re: Can connect, but cannot pass any data

Post by nwmangum » Mon Apr 08, 2013 7:59 pm

I got it working by changing both sides to

Code: Select all

dev tun
proto udp
Why did dev tap/proto tcp not work??

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: Can connect, but cannot pass any data

Post by janjust » Tue Apr 09, 2013 11:27 am

your original config was a bridging setup - did you actually set up the bridge? See
http://openvpn.net/index.php/open-sourc ... dging.html
for a tutorial

Post Reply