I've an issue when connecting from an OpenVPN client towards my Server. During, the connection I get the following error:
Log
Mon Jul 29 16:51:44 2019 Unrecognized option or missing parameter(s) in /etc/openvpn/client.ovpn:14: block-outside-dns (2.3.6)
Mon Jul 29 16:51:44 2019 OpenVPN 2.3.6 mipsel-oe-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [MH] [IPv6] built on Dec 1 2016
Mon Jul 29 16:51:44 2019 library versions: OpenSSL 1.0.2a 19 Mar 2015, LZO 2.09
..
Mon Jul 29 16:51:48 2019 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 192.168.1.254,route-gateway 10.8.0.1,topology subnet,ping 10,ping-restart 120,ifconfig 10.8.0.6 255.255.255.0'
Mon Jul 29 16:51:48 2019 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jul 29 16:51:48 2019 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jul 29 16:51:48 2019 OPTIONS IMPORT: route options modified
Mon Jul 29 16:51:48 2019 OPTIONS IMPORT: route-related options modified
Mon Jul 29 16:51:48 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Jul 29 16:51:48 2019 ROUTE_GATEWAY 192.168.1.1/255.255.255.0 IFACE=wlan0 HWADDR=c0:4a:00:15:47:af
Mon Jul 29 16:51:48 2019 TUN/TAP device tun0 opened
Mon Jul 29 16:51:48 2019 TUN/TAP TX queue length set to 100
Mon Jul 29 16:51:48 2019 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Mon Jul 29 16:51:48 2019 /sbin/ip link set dev tun0 up mtu 1500
Mon Jul 29 16:51:48 2019 /sbin/ip addr add dev tun0 10.8.0.6/24 broadcast 10.8.0.255
Mon Jul 29 16:51:49 2019 /sbin/ip route add SERVER_IP/32 via 192.168.1.1
Mon Jul 29 16:51:49 2019 /sbin/ip route add 0.0.0.0/1 via 10.8.0.1
Mon Jul 29 16:51:49 2019 /sbin/ip route add 128.0.0.0/1 via 10.8.0.1
Mon Jul 29 16:51:49 2019 /sbin/ip route add 192.168.1.0/24 via 10.8.0.1
ip: RTNETLINK answers: File exists
Mon Jul 29 16:51:49 2019 ERROR: Linux route add command failed: external program exited with error status: 2
Mon Jul 29 16:51:49 2019 Initialization Sequence Completed
Here, the connection with the server is done but I'm not able to ping the remote devices that are in the 192.168.1.X subnet.
Client configuration is:
Client Config
client
dev tun
proto udp
sndbuf 0
rcvbuf 0
remote SERVER_IP SERVER_PORT
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
setenv opt block-outside-dns
key-direction 1
verb 3
<ca>
-----BEGIN CERTIFICATE-----
...
And server configuration is:
Server Config
port 1194
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-auth ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.1.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 192.168.1.254"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem
duplicate-cn
Where I make the mistake?
Thanks for your help