Routing problem IOS device via WIFI

ivaner · Post by **ivaner** » Sat Sep 03, 2016 12:21 pm

Hi everyone,

I'm facing with a routing problem in ios devices. I think that i know the problem but i don't know how to fix it. I will try to explain it.

the server address is in a 192.168.1.0/24, the openvpn server offers addresses in a 10.8.0.0/24 and the subnet that I'm facing the ios problems is in 192.168.1.0/24. I know that having the same subnet on both sides can cause some issues, but for know I can't change the server subnet. All the devices that I have (windows, mac os x, linux) works fine, the only problem is with ios devices and obviously when it is connect via wifi that the address is in the subnet 192.168.1.0/24, when the ios device is connect via cellular works fine.

The problem that I see is that the routing table on the ios device don´t change the rounting table. The subnet 192.168.1.0 still is known via en0 when the tunnel is stablished. The default route is known via utun0 that is the correct path. I try to push a route path in the server.conf file

push "route 192.168.1.0 255.255.255.128 def1"
push "route 192.168.1.128 255.255.255.128 def1"

But this config don't updates the routing table on the ios devices

these are the routing tables on the ios device

Routing Table Ios device connect via cellular interface

Internet:
Destination Gateway Flags Refs Use Netif Expire
default link#11 UCS 6 0 utun0
default 10.190.17.74 UGScI 4 0 pdp_ip0
10.8/24 link#11 UCS 2 0 utun0
10.8.0.1 link#11 UHWIi 1 13 utun0
10.8.0.2 10.8.0.2 UH 1 0 utun0
10.190.17.74 10.190.17.74 UHr 5 0 pdp_ip0
10.190.17.74/32 link#2 UCS 1 0 pdp_ip0
127 127.0.0.1 UCS 1 0 lo0
127.0.0.1 127.0.0.1 UH 12 1309593 lo0
224.0.0 link#2 UmCS 2 0 pdp_ip0
224.0.0.251 link#2 UHmWI 1 0 pdp_ip0
255.255.255.255/32 link#2 UCS 1 0 pdp_ip0

Routing Table Ios device connect via wifi interface

Destination Gateway Flags Refs Use Netif Expire
default link#11 UCS 1 0 utun0
default 10.190.17.74 UGScI 3 0 pdp_ip0
default 192.168.1.1 UGScI 1 0 en0
10.8/24 link#11 UCS 2 0 utun0
10.8.0.1 link#11 UHWIi 2 5 utun0
10.8.0.2 10.8.0.2 UH 1 0 utun0
10.190.17.74 10.190.17.74 UHr 4 0 pdp_ip0
10.190.17.74/32 link#2 UCS 1 0 pdp_ip0
127 127.0.0.1 UCS 1 0 lo0
127.0.0.1 127.0.0.1 UH 12 1309557 lo0
169.254 link#8 UCS 1 0 en0
192.168.1 link#8 UCS 1 0 en0
192.168.1.1/32 link#8 UCS 2 0 en0
192.168.1.1 UHLWIir 4 0 en0 1178
192.168.1.37/32 link#8 UCS 1 0 en0
224.0.0 link#8 UmCS 2 0 en0
224.0.0 link#2 UmCSI 1 0 pdp_ip0
224.0.0.251 1:0:5e:0:0:fb UHmLWI 1 0 en0
255.255.255.255/32 link#8 UCS 1 0 en0
255.255.255.255/32 link#2 UCSI 1 0 pdp_ip0

Any idea how to fix it?

thanks in advance

TinCanTech · Post by **TinCanTech** » Sat Sep 03, 2016 3:51 pm

ivaner wrote:I try to push a route path in the server.conf file

push "route 192.168.1.0 255.255.255.128 def1"
push "route 192.168.1.128 255.255.255.128 def1"

Try this:

Code: Select all

push "route 192.168.1.0 255.255.255.128"
push "route 192.168.1.128 255.255.255.128"

ivaner · Post by **ivaner** » Sun Sep 04, 2016 6:30 pm

Hi TicanTech,

I tried and the result still is the same. This is the log of the ios device and the routing table after the changes.

2016-09-04 20:17:13 SSL Handshake: TLSv1.2/TLS-DHE-RSA-WITH-AES-256-GCM-SHA384
2016-09-04 20:17:13 Session is ACTIVE
2016-09-04 20:17:13 EVENT: GET_CONFIG
2016-09-04 20:17:13 Sending PUSH_REQUEST to server...
2016-09-04 20:17:14 Sending PUSH_REQUEST to server...
2016-09-04 20:17:15 OPTIONS:
0 [route] [192.168.1.0] [255.255.255.128]
1 [route] [192.168.1.128] [255.255.255.128]
2 [route] [192.168.20.0] [255.255.255.0]
3 [redirect-gateway] [def1]
4 [dhcp-option] [DNS] [10.8.0.1]
5 [route-gateway] [10.8.0.1]
6 [topology] [subnet]
7 [ping] [10]
8 [ping-restart] [120]
9 [ifconfig] [10.8.0.2] [255.255.255.0]

2016-09-04 20:17:15 PROTOCOL OPTIONS:
cipher: BF-CBC
digest: SHA1
compress: LZO
peer ID: -1
2016-09-04 20:17:15 EVENT: ASSIGN_IP
2016-09-04 20:17:15 TunPersist: saving tun context:
Session Name: mercadoit.ddns.net
Layer: OSI_LAYER_3
Remote Address: x.x.x.x
Tunnel Addresses:
10.8.0.2/24 -> 10.8.0.1
Reroute Gateway: IPv4=1 IPv6=0 flags=[ ENABLE REROUTE_GW DEF1 IPv4 ]
Block IPv6: no
Add Routes:
Exclude Routes:
DNS Servers:
10.8.0.1
Search Domains:

2016-09-04 20:17:15 Connected via tun
2016-09-04 20:17:15 EVENT: CONNECTED @x.x.x.x.x:xxxx (x.x.x.x) via /UDPv4 on tun/10.8.0.2/
2016-09-04 20:17:15 LZO-ASYM init swap=0 asym=0
2016-09-04 20:17:15 SetStatus Connected

routing tables

Internet:
Destination Gateway Flags Refs Use Netif Expire
default link#11 UCS 13 0 utun0
default 10.33.252.149 UGScI 5 0 pdp_ip0
default 192.168.1.1 UGScI 4 0 en0
10.8/24 link#11 UCS 2 0 utun0
10.8.0.1 link#11 UHWIi 1 17 utun0
10.8.0.2 10.8.0.2 UH 1 0 utun0
10.33.252.149 10.33.252.149 UHr 5 0 pdp_ip0
10.33.252.149/32 link#2 UCS 1 0 pdp_ip0
x.x.x.x link#11 UHWIi 2 18 utun0
x.x.x.x 192.168.1.1 UGHS 2 854 en0
127 127.0.0.1 UCS 1 0 lo0
127.0.0.1 127.0.0.1 UH 1 0 lo0
169.254 link#8 UCS 1 0 en0
192.168.1 link#8 UCS 6 0 en0
192.168.1.1/32 link#8 UCS 2 0 en0
192.168.1.1 d4:7b:b0:59:c4:6d UHLWIir 6 0 en0 x.x.x
192.168.1.2 e4:48:c7:e2:98:b3 UHLWIi 1 0 en0
192.168.1.40 80:ea:96:92:f9:4e UHLWIi 1 0 en0
192.168.1.178/32 link#8 UCS 1 0 en0
192.168.1.185 link#8 UHRLWIi 1 15 en0 4
192.168.1.196 link#8 UHRLWIi 2 8 en0 10
224.0.0 link#8 UmCS 2 0 en0
224.0.0 link#2 UmCSI 1 0 pdp_ip0
224.0.0.251 1:0:5e:0:0:fb UHmLWI 1 0 en0
255.255.255.255/32 link#8 UCS 1 0 en0
255.255.255.255/32 link#2 UCSI 1 0 pdp_ip0

thanks

TinCanTech · Post by **TinCanTech** » Mon Sep 05, 2016 10:33 am

ivaner wrote:I tried and the result still is the same

No the result is not the same, because using def1 like this:

ivaner wrote:push "route 192.168.1.0 255.255.255.128 def1"
push "route 192.168.1.128 255.255.255.128 def1"

is an error, but pushing these routes:

TinCanTech wrote:push "route 192.168.1.0 255.255.255.128"
push "route 192.168.1.128 255.255.255.128"

is at least the correct syntax.

ivaner wrote:The problem that I see is that the routing table on the ios device don´t change the rounting table

As I explain above .. using def1 is an error.

ivaner wrote:the subnet that I'm facing the ios problems is in 192.168.1.0/24. I know that having the same subnet on both sides can cause some issues, but for know I can't change the server subnet

Then your problem will persist.

ivaner · Post by **ivaner** » Mon Sep 05, 2016 11:28 am

Hi,

Sorry for my "sintax error", but I wanted to say that I still can´t connect via wifi in my ios device. For your last sentence I see that the only solution is to change the network at the server side. But I don´t understand why my other devices works and the ios device doesn´t work.

Thanks

TinCanTech · Post by **TinCanTech** » Mon Sep 05, 2016 11:58 am

I cannot explain why your other devices work without seeing your full configs and logs ..

If over coming network conflicts were as easy as setting the routes you prescribe then there would be no need to worry about network conflicts. It may work in some circumstances and it may not in others; this, I can only presume, is down to how different operating systems implement routing .. but even that is guess.

The most important lesson to learn here is: Do it right or expect weird results. Ergo, change your server subnet.

ivaner wrote:but for know I can't change the server subnet

How about now ? .. save yourself the headache and get this resolved.

ivaner · Post by **ivaner** » Mon Sep 05, 2016 12:15 pm

Thanks a lot for your time. I´ll do that, I will fight to change the server subnet.

OpenVPN Support Forum

Routing problem IOS device via WIFI

Routing problem IOS device via WIFI

Re: Routing problem IOS device via WIFI

Re: Routing problem IOS device via WIFI

Re: Routing problem IOS device via WIFI

Re: Routing problem IOS device via WIFI

Re: Routing problem IOS device via WIFI

Re: Routing problem IOS device via WIFI