OpenVPN connection establish but no access to local devices

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
kalatos
OpenVpn Newbie
Posts: 10
Joined: Wed Nov 27, 2019 12:36 am

OpenVPN connection establish but no access to local devices

Post by kalatos » Wed Nov 27, 2019 12:53 am

Hello Dears,

I have quite typical configuration meaning I would like to access Windows Server and other computers mostly with Windows 7 and Windows 10 located in company from my private computer.

In order to secure connectivity I decided to use OpenVPN as a tool to setup secured tunnel.

In fact after reading very good tutorial I manage to get connection from client to server but still I cannot access any of devices from LAN network including OpenVPN server.

Both server and Client are on Windows Environment.

Configuration for Server (Windows Server 2012):

Server config
#################################################
# Sample OpenVPN 2.0 config file for #
# multi-client server. #
# #
# This file is for the server side #
# of a many-clients <-> one-server #
# OpenVPN configuration. #
# #
# OpenVPN also supports #
# single-machine <-> single-machine #
# configurations (See the Examples page #
# on the web site for more info). #
# #
# This config should work on Windows #
# or Linux/BSD systems. Remember on #
# Windows to quote pathnames and use #
# double backslashes, e.g.: #
# "C:\\Program Files\\OpenVPN\\config\\foo.key" #
# #
# Comments are preceded with '#' or ';' #
#################################################

# Which local IP address should OpenVPN
# listen on? (optional)
;local a.b.c.d

# Which TCP/UDP port should OpenVPN listen on?
# If you want to run multiple OpenVPN instances
# on the same machine, use a different port
# number for each one. You will need to
# open up this port on your firewall.
port 1194

# TCP or UDP server?
;proto tcp
proto udp

# "dev tun" will create a routed IP tunnel,
# "dev tap" will create an ethernet tunnel.
# Use "dev tap0" if you are ethernet bridging
# and have precreated a tap0 virtual interface
# and bridged it with your ethernet interface.
# If you want to control access policies
# over the VPN, you must create firewall
# rules for the the TUN/TAP interface.
# On non-Windows systems, you can give
# an explicit unit number, such as tun0.
# On Windows, use "dev-node" for this.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel if you
# have more than one. On XP SP2 or higher,
# you may need to selectively disable the
# Windows firewall for the TAP adapter.
# Non-Windows systems usually don't need this.
;dev-node MyTap

# SSL/TLS root certificate (ca), certificate
# (cert), and private key (key). Each client
# and the server must have their own cert and
# key file. The server and all clients will
# use the same ca file.
#
# See the "easy-rsa" directory for a series
# of scripts for generating RSA certificates
# and private keys. Remember to use
# a unique Common Name for the server
# and each of the client certificates.
#
# Any X509 key management system can be used.
# OpenVPN can also use a PKCS #12 formatted key file
# (see "pkcs12" directive in man page).
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\server.crt"
key "C:\\Program Files\\OpenVPN\\config\\server.key"

# Diffie hellman parameters.
# Generate your own with:
# openssl dhparam -out dh2048.pem 2048
dh "C:\\Program Files\\OpenVPN\\config\\dh2048.pem"

# Network topology
# Should be subnet (addressing via IP)
# unless Windows clients v2.0.9 and lower have to
# be supported (then net30, i.e. a /30 per client)
# Defaults to net30 (not recommended)
;topology subnet

# Configure server mode and supply a VPN subnet
# for OpenVPN to draw client addresses from.
# The server will take 10.8.0.1 for itself,
# the rest will be made available to clients.
# Each client will be able to reach the server
# on 10.8.0.1. Comment this line out if you are
# ethernet bridging. See the man page for more info.
server 10.8.0.0 255.255.255.0

# Maintain a record of client <-> virtual IP address
# associations in this file. If OpenVPN goes down or
# is restarted, reconnecting clients can be assigned
# the same virtual IP address from the pool that was
# previously assigned.
ifconfig-pool-persist ipp.txt

# Configure server mode for ethernet bridging.
# You must first use your OS's bridging capability
# to bridge the TAP interface with the ethernet
# NIC interface. Then you must manually set the
# IP/netmask on the bridge interface, here we
# assume 10.8.0.4/255.255.255.0. Finally we
# must set aside an IP range in this subnet
# (start=10.8.0.50 end=10.8.0.100) to allocate
# to connecting clients. Leave this line commented
# out unless you are ethernet bridging.
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100

# Configure server mode for ethernet bridging
# using a DHCP-proxy, where clients talk
# to the OpenVPN server-side DHCP server
# to receive their IP address allocation
# and DNS server addresses. You must first use
# your OS's bridging capability to bridge the TAP
# interface with the ethernet NIC interface.
# Note: this mode only works on clients (such as
# Windows), where the client-side TAP adapter is
# bound to a DHCP client.
;server-bridge

# Push routes to the client to allow it
# to reach other private subnets behind
# the server. Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
push "route 192.168.0.0 255.255.255.0"

# To assign specific IP addresses to specific
# clients or if a connecting client has a private
# subnet behind it that should also have VPN access,
# use the subdirectory "ccd" for client-specific
# configuration files (see man page for more info).

# EXAMPLE: Suppose the client
# having the certificate common name "Thelonious"
# also has a small subnet behind his connecting
# machine, such as 192.168.40.128/255.255.255.248.
# First, uncomment out these lines:
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
# Then create a file ccd/Thelonious with this line:
# iroute 192.168.40.128 255.255.255.248
# This will allow Thelonious' private subnet to
# access the VPN. This example will only work
# if you are routing, not bridging, i.e. you are
# using "dev tun" and "server" directives.

# EXAMPLE: Suppose you want to give
# Thelonious a fixed VPN IP address of 10.9.0.1.
# First uncomment out these lines:
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
# Then add this line to ccd/Thelonious:
# ifconfig-push 10.9.0.1 10.9.0.2

# Suppose that you want to enable different
# firewall access policies for different groups
# of clients. There are two methods:
# (1) Run multiple OpenVPN daemons, one for each
# group, and firewall the TUN/TAP interface
# for each group/daemon appropriately.
# (2) (Advanced) Create a script to dynamically
# modify the firewall in response to access
# from different clients. See man
# page for more info on learn-address script.
;learn-address ./script

# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# and DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# or bridge the TUN/TAP interface to the internet
# in order for this to work properly).
;push "redirect-gateway def1 bypass-dhcp"

# Certain Windows-specific network settings
# can be pushed to clients, such as DNS
# or WINS server addresses. CAVEAT:
# http://openvpn.net/faq.html#dhcpcaveats
# The addresses below refer to the public
# DNS servers provided by opendns.com.
push "dhcp-option DNS 192.168.0.1"
push "dhcp-option DNS 8.8.8.8"

# Uncomment this directive to allow different
# clients to be able to "see" each other.
# By default, clients will only see the server.
# To force clients to only see the server, you
# will also need to appropriately firewall the
# server's TUN/TAP interface.
client-to-client

# Uncomment this directive if multiple clients
# might connect with the same certificate/key
# files or common names. This is recommended
# only for testing purposes. For production use,
# each client should have its own certificate/key
# pair.
#
# IF YOU HAVE NOT GENERATED INDIVIDUAL
# CERTIFICATE/KEY PAIRS FOR EACH CLIENT,
# EACH HAVING ITS OWN UNIQUE "COMMON NAME",
# UNCOMMENT THIS LINE OUT.
;duplicate-cn

# The keepalive directive causes ping-like
# messages to be sent back and forth over
# the link so that each side knows when
# the other side has gone down.
# Ping every 10 seconds, assume that remote
# peer is down if no ping received during
# a 120 second time period.
keepalive 10 120

# For extra security beyond that provided
# by SSL/TLS, create an "HMAC firewall"
# to help block DoS attacks and UDP port flooding.
#
# Generate with:
# openvpn --genkey --secret ta.key
#
# The server and each client must have
# a copy of this key.
# The second parameter should be '0'
# on the server and '1' on the clients.
tls-auth ta.key 0 # This file is secret

# Select a cryptographic cipher.
# This config item must be copied to
# the client config file as well.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
# See also the ncp-cipher option in the manpage
cipher AES-256-CBC

# Enable compression on the VPN link and push the
# option to the client (v2.4+ only, for earlier
# versions see below)
;compress lz4-v2
;push "compress lz4-v2"

# For compression compatible with older clients use comp-lzo
# If you enable it here, you must also
# enable it in the client config file.
;comp-lzo

# The maximum number of concurrently connected
# clients we want to allow.
;max-clients 100

# It's a good idea to reduce the OpenVPN
# daemon's privileges after initialization.
#
# You can uncomment this out on
# non-Windows systems.
;user nobody
;group nobody

# The persist options will try to avoid
# accessing certain resources on restart
# that may no longer be accessible because
# of the privilege downgrade.
persist-key
persist-tun

# Output a short status file showing
# current connections, truncated
# and rewritten every minute.
status openvpn-status.log

# By default, log messages will go to the syslog (or
# on Windows, if running as a service, they will go to
# the "\Program Files\OpenVPN\log" directory).
# Use log or log-append to override this default.
# "log" will truncate the log file on OpenVPN startup,
# while "log-append" will append to it. Use one
# or the other (but not both).
;log openvpn.log
;log-append openvpn.log

# Set the appropriate level of log
# file verbosity.
#
# 0 is silent, except for fatal errors
# 4 is reasonable for general usage
# 5 and 6 can help to debug connection problems
# 9 is extremely verbose
verb 3

# Silence repeating messages. At most 20
# sequential messages of the same message
# category will be output to the log.
;mute 20

# Notify the client that when the server restarts so it
# can automatically reconnect.
explicit-exit-notify 1


Here is the configuration of Client:

Client config
##############################################
# Sample client-side OpenVPN 2.0 config file #
# for connecting to multi-client server. #
# #
# This configuration can be used by multiple #
# clients, however each client should have #
# its own cert and key files. #
# #
# On Windows, you might want to rename this #
# file so it has a .ovpn extension #
##############################################

# Specify that we are a client and that we
# will be pulling certain config file directives
# from the server.
client

# Use the same setting as you are using on
# the server.
# On most systems, the VPN will not function
# unless you partially or fully disable
# the firewall for the TUN/TAP interface.
;dev tap
dev tun

# Windows needs the TAP-Win32 adapter name
# from the Network Connections panel
# if you have more than one. On XP SP2,
# you may need to disable the firewall
# for the TAP adapter.
;dev-node MyTap

# Are we connecting to a TCP or
# UDP server? Use the same setting as
# on the server.
;proto tcp
proto udp

# The hostname/IP and port of the server.
# You can have multiple remote entries
# to load balance between the servers.
remote 82.160.124.120 1194
;remote my-server-2 1194

# Choose a random host from the remote
# list for load-balancing. Otherwise
# try hosts in the order specified.
;remote-random

# Keep trying indefinitely to resolve the
# host name of the OpenVPN server. Very useful
# on machines which are not permanently connected
# to the internet such as laptops.
resolv-retry infinite

# Most clients don't need to bind to
# a specific local port number.
nobind

# Downgrade privileges after initialization (non-Windows only)
;user nobody
;group nobody

# Try to preserve some state across restarts.
persist-key
persist-tun

# If you are connecting through an
# HTTP proxy to reach the actual OpenVPN
# server, put the proxy server/IP and
# port number here. See the man page
# if your proxy server requires
# authentication.
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]

# Wireless networks often produce a lot
# of duplicate packets. Set this flag
# to silence duplicate packet warnings.
;mute-replay-warnings

# SSL/TLS parms.
# See the server config file for more
# description. It's best to use
# a separate .crt/.key file pair
# for each client. A single ca
# file can be used for all clients.
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\lukasz-laptop.crt"
key "C:\\Program Files\\OpenVPN\\config\\lukasz-laptop.key"

# Verify server certificate by checking that the
# certicate has the correct key usage set.
# This is an important precaution to protect against
# a potential attack discussed here:
# http://openvpn.net/howto.html#mitm
#
# To use this feature, you will need to generate
# your server certificates with the keyUsage set to
# digitalSignature, keyEncipherment
# and the extendedKeyUsage to
# serverAuth
# EasyRSA can do this for you.
remote-cert-tls server

# If a tls-auth key is used on the server
# then every client must also have the key.
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1

# Select a cryptographic cipher.
# If the cipher option is used on the server
# then you must also specify it here.
# Note that v2.4 client/server will automatically
# negotiate AES-256-GCM in TLS mode.
# See also the ncp-cipher option in the manpage
cipher AES-256-CBC

# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
#comp-lzo

# Set log file verbosity.
verb 3

# Silence repeating messages
;mute 20


Here is the log from the client site while login in:

Code: Select all

Wed Nov 27 01:30:22 2019 OpenVPN 2.4.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 31 2019
Wed Nov 27 01:30:22 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Nov 27 01:30:22 2019 library versions: OpenSSL 1.1.0l  10 Sep 2019, LZO 2.10
Wed Nov 27 01:30:22 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Wed Nov 27 01:30:22 2019 Need hold release from management interface, waiting...
Wed Nov 27 01:30:22 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Wed Nov 27 01:30:22 2019 MANAGEMENT: CMD 'state on'
Wed Nov 27 01:30:22 2019 MANAGEMENT: CMD 'log all on'
Wed Nov 27 01:30:22 2019 MANAGEMENT: CMD 'echo all on'
Wed Nov 27 01:30:22 2019 MANAGEMENT: CMD 'bytecount 5'
Wed Nov 27 01:30:22 2019 MANAGEMENT: CMD 'hold off'
Wed Nov 27 01:30:22 2019 MANAGEMENT: CMD 'hold release'
Wed Nov 27 01:30:22 2019 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 27 01:30:22 2019 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Wed Nov 27 01:30:22 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]82.160.124.120:1194
Wed Nov 27 01:30:22 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Wed Nov 27 01:30:22 2019 UDP link local: (not bound)
Wed Nov 27 01:30:22 2019 UDP link remote: [AF_INET]82.160.124.120:1194
Wed Nov 27 01:30:22 2019 MANAGEMENT: >STATE:1574814622,WAIT,,,,,,
Wed Nov 27 01:30:23 2019 MANAGEMENT: >STATE:1574814623,AUTH,,,,,,
Wed Nov 27 01:30:23 2019 TLS: Initial packet from [AF_INET]82.160.124.120:1194, sid=996680fe 9ee7fbd5
Wed Nov 27 01:30:23 2019 VERIFY OK: depth=1, C=PL, ST=Mazowieckie, L=Zyrardow, O=DPSSosabowski, OU=changeme, CN=OpenVPNCA-DPS, name=OpenVPNCA-DPS, emailAddress=it@dpssosabowski.pl
Wed Nov 27 01:30:23 2019 VERIFY KU OK
Wed Nov 27 01:30:23 2019 Validating certificate extended key usage
Wed Nov 27 01:30:23 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Wed Nov 27 01:30:23 2019 VERIFY EKU OK
Wed Nov 27 01:30:23 2019 VERIFY OK: depth=0, C=PL, ST=PL, L=Zyrardow, O=DPS, OU=changeme, CN=changeme, name=changeme, emailAddress=it@dpssosabowski.pl
Wed Nov 27 01:30:23 2019 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Wed Nov 27 01:30:23 2019 [changeme] Peer Connection Initiated with [AF_INET]82.160.124.120:1194
Wed Nov 27 01:30:24 2019 MANAGEMENT: >STATE:1574814624,GET_CONFIG,,,,,,
Wed Nov 27 01:30:24 2019 SENT CONTROL [changeme]: 'PUSH_REQUEST' (status=1)
Wed Nov 27 01:30:24 2019 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,dhcp-option DNS 192.168.0.1,dhcp-option DNS 8.8.8.8,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM'
Wed Nov 27 01:30:24 2019 OPTIONS IMPORT: timers and/or timeouts modified
Wed Nov 27 01:30:24 2019 OPTIONS IMPORT: --ifconfig/up options modified
Wed Nov 27 01:30:24 2019 OPTIONS IMPORT: route options modified
Wed Nov 27 01:30:24 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Wed Nov 27 01:30:24 2019 OPTIONS IMPORT: peer-id set
Wed Nov 27 01:30:24 2019 OPTIONS IMPORT: adjusting link_mtu to 1624
Wed Nov 27 01:30:24 2019 OPTIONS IMPORT: data channel crypto options modified
Wed Nov 27 01:30:24 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
Wed Nov 27 01:30:24 2019 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Nov 27 01:30:24 2019 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Nov 27 01:30:24 2019 interactive service msg_channel=724
Wed Nov 27 01:30:24 2019 ROUTE_GATEWAY 10.5.236.254/255.255.255.0 I=11 HWADDR=fc:aa:14:72:82:8b
Wed Nov 27 01:30:24 2019 open_tun
Wed Nov 27 01:30:24 2019 TAP-WIN32 device [Połączenie lokalne 2] opened: \\.\Global\{96555132-7F8B-41CC-A182-0D3E9D962F01}.tap
Wed Nov 27 01:30:24 2019 TAP-Windows Driver Version 9.24 
Wed Nov 27 01:30:24 2019 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {96555132-7F8B-41CC-A182-0D3E9D962F01} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Wed Nov 27 01:30:24 2019 Successful ARP Flush on interface [28] {96555132-7F8B-41CC-A182-0D3E9D962F01}
Wed Nov 27 01:30:24 2019 MANAGEMENT: >STATE:1574814624,ASSIGN_IP,,10.8.0.6,,,,
Wed Nov 27 01:30:29 2019 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
Wed Nov 27 01:30:29 2019 MANAGEMENT: >STATE:1574814629,ADD_ROUTES,,,,,,
Wed Nov 27 01:30:29 2019 C:\WINDOWS\system32\route.exe ADD 192.168.0.0 MASK 255.255.255.0 10.8.0.5
Wed Nov 27 01:30:29 2019 Route addition via service succeeded
Wed Nov 27 01:30:29 2019 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.5
Wed Nov 27 01:30:29 2019 Route addition via service succeeded
Wed Nov 27 01:30:29 2019 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Wed Nov 27 01:30:29 2019 Initialization Sequence Completed
Wed Nov 27 01:30:29 2019 MANAGEMENT: >STATE:1574814629,CONNECTED,SUCCESS,10.8.0.6,82.160.124.120,1194,,
The Local network on the server side is 192.168.0.0 / 255.255.255.0

Here are the ipconfing configuration from the server:

Code: Select all

Unknown adapter Połączenie lokalne:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-B1-A5-15-F3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c147:aad3:642a:7760%17(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.8.0.1(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.252
   Lease Obtained. . . . . . . . . . : 27 listopada 2019 01:49:14
   Lease Expires . . . . . . . . . . : 26 listopada 2020 01:49:14
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . : 10.8.0.2
   DHCPv6 IAID . . . . . . . . . . . : 520159153
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-B8-66-B8-A0-1D-48-97-EB-90

   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : HP Ethernet 1Gb 2-port 332i Adapter
   Physical Address. . . . . . . . . : A0-1D-48-97-EB-90
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::41b2:d1a:7452:8c11%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.180(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 262151496
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-B8-66-B8-A0-1D-48-97-EB-

   DNS Servers . . . . . . . . . . . : ::1
                                       192.168.0.1
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled
And the one from the client site:

Code: Select all

Ethernet adapter Połączenie lokalne:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GbE Family Controller
   Physical Address. . . . . . . . . : FC-AA-14-72-82-8B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::ddbf:3626:51ef:d326%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.5.236.108(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 26 listopada 2019 20:30:08
   Lease Expires . . . . . . . . . . : 27 listopada 2019 20:30:06
   Default Gateway . . . . . . . . . : 10.5.236.254
   DHCP Server . . . . . . . . . . . : 10.5.236.254
   DHCPv6 IAID . . . . . . . . . . . : 251439636
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-14-D2-60-FC-AA-14-72-82-8B
   DNS Servers . . . . . . . . . . . : 10.5.236.254
   NetBIOS over Tcpip. . . . . . . . : Enabled

Unknown adapter Połączenie lokalne 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-96-55-51-32
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::65b5:b350:4514:9da1%28(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.8.0.6(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.252
   Lease Obtained. . . . . . . . . . : 27 listopada 2019 01:50:47
   Lease Expires . . . . . . . . . . : 26 listopada 2020 01:50:47
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . : 10.8.0.5
   DHCPv6 IAID . . . . . . . . . . . : 469827478
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1E-14-D2-60-FC-AA-14-72-82-8B
   DNS Servers . . . . . . . . . . . : 192.168.0.1
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled
No ping possible from the client:

Code: Select all

C:\Users\Luk>ping 10.8.0.1

Pinging 10.8.0.1 with 32 bytes of data:
Control-C
^C
C:\Users\Luk>ping 192.168.0.180

Pinging 192.168.0.180 with 32 bytes of data:
Control-C
^C
C:\Users\Luk>
I will be really grateful I you could advice me what I am doing wrong.

Best regards,
Lukasz

kalatos
OpenVpn Newbie
Posts: 10
Joined: Wed Nov 27, 2019 12:36 am

Re: OpenVPN connection establish but no access to local devices

Post by kalatos » Sun Dec 01, 2019 9:43 pm

May I ask your support?

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN connection establish but no access to local devices

Post by TinCanTech » Sun Dec 01, 2019 11:11 pm

kalatos wrote:
Wed Nov 27, 2019 12:53 am
Hello Dears
Hello ....
kalatos wrote:
Sun Dec 01, 2019 9:43 pm
May I ask your support?
You read the howto, right ?

Notes:
  • No server log
  • Code: Select all

    push "route 192.168.0.0 255.255.255.0"
    See your server log.
  • kalatos wrote:
    Wed Nov 27, 2019 12:53 am
    No ping possible from the client
    Firewall.
https://community.openvpn.net/openvpn/ ... versubnet.

kalatos
OpenVpn Newbie
Posts: 10
Joined: Wed Nov 27, 2019 12:36 am

Re: OpenVPN connection establish but no access to local devices

Post by kalatos » Tue Dec 03, 2019 9:38 pm

Hello again,

thanks for the answer.

First of all just to have better view on the configuration file on the server site I managed to delete all the comments and here is the current state:

Code: Select all

local 192.168.0.180
port 1194
proto udp
dev tun

ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\server.crt"
key "C:\\Program Files\\OpenVPN\\config\\server.key"
dh "C:\\Program Files\\OpenVPN\\config\\dh2048.pem"

server 10.8.0.0 255.255.255.0
#ifconfig-pool-persist ipp.txt
client-to-client

route 192.168.0.0 255.255.255.0
push "route 192.168.0.0 255.255.255.0"
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.0.1"

keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
persist-key
persist-tun
status openvpn-status.log
verb 6
explicit-exit-notify 1
route-method exe
route-delay 2
I have changed log level into 6 in order to have deeper info:

Code: Select all

Tue Dec 03 22:30:10 2019 us=257777 Current Parameter Settings:
Tue Dec 03 22:30:10 2019 us=257777   config = 'C:\Program Files\OpenVPN\config\server.ovpn'
Tue Dec 03 22:30:10 2019 us=257777   mode = 1
Tue Dec 03 22:30:10 2019 us=257777   show_ciphers = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   show_digests = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   show_engines = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   genkey = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   key_pass_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=257777   show_tls_ciphers = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   connect_retry_max = 0
Tue Dec 03 22:30:10 2019 us=257777 Connection profiles [0]:
Tue Dec 03 22:30:10 2019 us=257777   proto = udp
Tue Dec 03 22:30:10 2019 us=257777   local = '192.168.0.180'
Tue Dec 03 22:30:10 2019 us=257777   local_port = '1194'
Tue Dec 03 22:30:10 2019 us=257777   remote = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=257777   remote_port = '1194'
Tue Dec 03 22:30:10 2019 us=257777   remote_float = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   bind_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   bind_local = ENABLED
Tue Dec 03 22:30:10 2019 us=257777   bind_ipv6_only = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   connect_retry_seconds = 5
Tue Dec 03 22:30:10 2019 us=257777   connect_timeout = 120
Tue Dec 03 22:30:10 2019 us=257777   socks_proxy_server = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=257777   socks_proxy_port = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=257777   tun_mtu = 1500
Tue Dec 03 22:30:10 2019 us=257777   tun_mtu_defined = ENABLED
Tue Dec 03 22:30:10 2019 us=257777   link_mtu = 1500
Tue Dec 03 22:30:10 2019 us=257777   link_mtu_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   tun_mtu_extra = 0
Tue Dec 03 22:30:10 2019 us=257777   tun_mtu_extra_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   mtu_discover_type = -1
Tue Dec 03 22:30:10 2019 us=257777   fragment = 0
Tue Dec 03 22:30:10 2019 us=257777   mssfix = 1450
Tue Dec 03 22:30:10 2019 us=257777   explicit_exit_notification = 1
Tue Dec 03 22:30:10 2019 us=273404 Connection profiles END
Tue Dec 03 22:30:10 2019 us=273404   remote_random = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   ipchange = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   dev = 'tun'
Tue Dec 03 22:30:10 2019 us=273404   dev_type = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   dev_node = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   lladdr = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   topology = 1
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_local = '10.8.0.1'
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_remote_netmask = '10.8.0.2'
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_noexec = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_nowarn = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_ipv6_local = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_ipv6_netbits = 0
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_ipv6_remote = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   shaper = 0
Tue Dec 03 22:30:10 2019 us=273404   mtu_test = 0
Tue Dec 03 22:30:10 2019 us=273404   mlock = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   keepalive_ping = 10
Tue Dec 03 22:30:10 2019 us=273404   keepalive_timeout = 120
Tue Dec 03 22:30:10 2019 us=273404   inactivity_timeout = 0
Tue Dec 03 22:30:10 2019 us=273404   ping_send_timeout = 10
Tue Dec 03 22:30:10 2019 us=273404   ping_rec_timeout = 240
Tue Dec 03 22:30:10 2019 us=273404   ping_rec_timeout_action = 2
Tue Dec 03 22:30:10 2019 us=273404   ping_timer_remote = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   remap_sigusr1 = 0
Tue Dec 03 22:30:10 2019 us=273404   persist_tun = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   persist_local_ip = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   persist_remote_ip = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   persist_key = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   passtos = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   resolve_retry_seconds = 1000000000
Tue Dec 03 22:30:10 2019 us=273404   resolve_in_advance = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   username = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   groupname = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   chroot_dir = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   cd_dir = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   writepid = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   up_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   down_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   down_pre = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   up_restart = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   up_delay = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   daemon = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   inetd = 0
Tue Dec 03 22:30:10 2019 us=273404   log = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   suppress_timestamps = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   machine_readable_output = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   nice = 0
Tue Dec 03 22:30:10 2019 us=273404   verbosity = 6
Tue Dec 03 22:30:10 2019 us=273404   mute = 0
Tue Dec 03 22:30:10 2019 us=273404   gremlin = 0
Tue Dec 03 22:30:10 2019 us=273404   status_file = 'openvpn-status.log'
Tue Dec 03 22:30:10 2019 us=273404   status_file_version = 1
Tue Dec 03 22:30:10 2019 us=273404   status_file_update_freq = 60
Tue Dec 03 22:30:10 2019 us=273404   occ = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   rcvbuf = 0
Tue Dec 03 22:30:10 2019 us=273404   sndbuf = 0
Tue Dec 03 22:30:10 2019 us=273404   sockflags = 0
Tue Dec 03 22:30:10 2019 us=273404   fast_io = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   comp.alg = 0
Tue Dec 03 22:30:10 2019 us=273404   comp.flags = 0
Tue Dec 03 22:30:10 2019 us=273404   route_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   route_default_gateway = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   route_default_metric = 0
Tue Dec 03 22:30:10 2019 us=273404   route_noexec = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   route_delay = 2
Tue Dec 03 22:30:10 2019 us=273404   route_delay_window = 30
Tue Dec 03 22:30:10 2019 us=273404   route_delay_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   route_nopull = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   route_gateway_via_dhcp = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   allow_pull_fqdn = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   route 10.8.0.0/255.255.255.0/default (not set)/default (not set)
Tue Dec 03 22:30:10 2019 us=273404   route 192.168.0.0/255.255.255.0/default (not set)/default (not set)
Tue Dec 03 22:30:10 2019 us=273404   management_addr = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_port = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_user_pass = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_log_history_cache = 250
Tue Dec 03 22:30:10 2019 us=273404   management_echo_buffer_size = 100
Tue Dec 03 22:30:10 2019 us=273404   management_write_peer_info_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_client_user = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_client_group = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_flags = 0
Tue Dec 03 22:30:10 2019 us=273404   shared_secret_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   key_direction = 0
Tue Dec 03 22:30:10 2019 us=273404   ciphername = 'AES-256-CBC'
Tue Dec 03 22:30:10 2019 us=273404   ncp_enabled = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Tue Dec 03 22:30:10 2019 us=273404   authname = 'SHA1'
Tue Dec 03 22:30:10 2019 us=273404   prng_hash = 'SHA1'
Tue Dec 03 22:30:10 2019 us=273404   prng_nonce_secret_len = 16
Tue Dec 03 22:30:10 2019 us=273404   keysize = 0
Tue Dec 03 22:30:10 2019 us=273404   engine = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   replay = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   mute_replay_warnings = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   replay_window = 64
Tue Dec 03 22:30:10 2019 us=273404   replay_time = 15
Tue Dec 03 22:30:10 2019 us=273404   packet_id_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   use_iv = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   test_crypto = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   tls_server = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   tls_client = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   key_method = 2
Tue Dec 03 22:30:10 2019 us=273404   ca_file = 'C:\Program Files\OpenVPN\config\ca.crt'
Tue Dec 03 22:30:10 2019 us=273404   ca_path = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   dh_file = 'C:\Program Files\OpenVPN\config\dh2048.pem'
Tue Dec 03 22:30:10 2019 us=273404   cert_file = 'C:\Program Files\OpenVPN\config\server.crt'
Tue Dec 03 22:30:10 2019 us=273404   extra_certs_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   priv_key_file = 'C:\Program Files\OpenVPN\config\server.key'
Tue Dec 03 22:30:10 2019 us=273404   pkcs12_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   cryptoapi_cert = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   cipher_list = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   cipher_list_tls13 = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   tls_cert_profile = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   tls_verify = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   tls_export_cert = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   verify_x509_type = 0
Tue Dec 03 22:30:10 2019 us=273404   verify_x509_name = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   crl_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   ns_cert_type = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=288993   remote_cert_eku = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=288993   ssl_flags = 0
Tue Dec 03 22:30:10 2019 us=288993   tls_timeout = 2
Tue Dec 03 22:30:10 2019 us=288993   renegotiate_bytes = -1
Tue Dec 03 22:30:10 2019 us=288993   renegotiate_packets = 0
Tue Dec 03 22:30:10 2019 us=288993   renegotiate_seconds = 3600
Tue Dec 03 22:30:10 2019 us=288993   handshake_window = 60
Tue Dec 03 22:30:10 2019 us=288993   transition_window = 3600
Tue Dec 03 22:30:10 2019 us=288993   single_session = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   push_peer_info = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   tls_exit = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   tls_auth_file = 'ta.key'
Tue Dec 03 22:30:10 2019 us=288993   tls_crypt_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_pin_cache_period = -1
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_id = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_id_management = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   server_network = 10.8.0.0
Tue Dec 03 22:30:10 2019 us=288993   server_netmask = 255.255.255.0
Tue Dec 03 22:30:10 2019 us=304654   server_network_ipv6 = ::
Tue Dec 03 22:30:10 2019 us=304654   server_netbits_ipv6 = 0
Tue Dec 03 22:30:10 2019 us=304654   server_bridge_ip = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   server_bridge_netmask = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   server_bridge_pool_start = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   server_bridge_pool_end = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'route 192.168.0.0 255.255.255.0'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'redirect-gateway def1'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'dhcp-option DNS 192.168.0.1'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'route 10.8.0.0 255.255.255.0'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'topology net30'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'ping 10'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'ping-restart 120'
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_defined = ENABLED
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_start = 10.8.0.4
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_end = 10.8.0.251
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_netmask = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_persist_filename = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_persist_refresh_freq = 600
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_ipv6_pool_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_ipv6_pool_base = ::
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_ipv6_pool_netbits = 0
Tue Dec 03 22:30:10 2019 us=304654   n_bcast_buf = 256
Tue Dec 03 22:30:10 2019 us=304654   tcp_queue_limit = 64
Tue Dec 03 22:30:10 2019 us=304654   real_hash_size = 256
Tue Dec 03 22:30:10 2019 us=304654   virtual_hash_size = 256
Tue Dec 03 22:30:10 2019 us=304654   client_connect_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   learn_address_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   client_disconnect_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   client_config_dir = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   ccd_exclusive = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   tmp_dir = 'C:\Windows\TEMP\'
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_local = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_remote_netmask = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_ipv6_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_ipv6_local = ::/0
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_ipv6_remote = ::
Tue Dec 03 22:30:10 2019 us=304654   enable_c2c = ENABLED
Tue Dec 03 22:30:10 2019 us=304654   duplicate_cn = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   cf_max = 0
Tue Dec 03 22:30:10 2019 us=304654   cf_per = 0
Tue Dec 03 22:30:10 2019 us=304654   max_clients = 1024
Tue Dec 03 22:30:10 2019 us=304654   max_routes_per_client = 256
Tue Dec 03 22:30:10 2019 us=304654   auth_user_pass_verify_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   auth_user_pass_verify_script_via_file = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   auth_token_generate = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   auth_token_lifetime = 0
Tue Dec 03 22:30:10 2019 us=304654   client = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   pull = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   auth_user_pass_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   show_net_up = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   route_method = 2
Tue Dec 03 22:30:10 2019 us=304654   block_outside_dns = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   ip_win32_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   ip_win32_type = 3
Tue Dec 03 22:30:10 2019 us=304654   dhcp_masq_offset = 0
Tue Dec 03 22:30:10 2019 us=304654   dhcp_lease_time = 31536000
Tue Dec 03 22:30:10 2019 us=304654   tap_sleep = 2
Tue Dec 03 22:30:10 2019 us=304654   dhcp_options = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   dhcp_renew = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   dhcp_pre_release = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   domain = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   netbios_scope = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   netbios_node_type = 0
Tue Dec 03 22:30:10 2019 us=304654   disable_nbt = DISABLED
Tue Dec 03 22:30:10 2019 us=304654 OpenVPN 2.4.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 31 2019
Tue Dec 03 22:30:10 2019 us=304654 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Dec 03 22:30:10 2019 us=304654 library versions: OpenSSL 1.1.0l  10 Sep 2019, LZO 2.10
Tue Dec 03 22:30:10 2019 us=320246 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x.  Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Tue Dec 03 22:30:10 2019 us=335869 Diffie-Hellman initialized with 2048 bit key
Tue Dec 03 22:30:10 2019 us=367155 Failed to extract curve from certificate (UNDEF), using secp384r1 instead.
Tue Dec 03 22:30:10 2019 us=367155 ECDH curve secp384r1 added
Tue Dec 03 22:30:10 2019 us=367155 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Dec 03 22:30:10 2019 us=367155 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Dec 03 22:30:10 2019 us=367155 TLS-Auth MTU parms [ L:1621 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Tue Dec 03 22:30:10 2019 us=367155 interactive service msg_channel=0
Tue Dec 03 22:30:10 2019 us=382764 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 I=12 HWADDR=a0:1d:48:97:eb:90
Tue Dec 03 22:30:10 2019 us=382764 open_tun
Tue Dec 03 22:30:10 2019 us=382764 TAP-WIN32 device [Połączenie lokalne] opened: \\.\Global\{B1A515F3-6DEE-4F63-9F7C-CC52F8158CDF}.tap
Tue Dec 03 22:30:10 2019 us=382764 TAP-Windows Driver Version 9.24 
Tue Dec 03 22:30:10 2019 us=382764 TAP-Windows MTU=1500
Tue Dec 03 22:30:10 2019 us=382764 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {B1A515F3-6DEE-4F63-9F7C-CC52F8158CDF} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
Tue Dec 03 22:30:10 2019 us=382764 Sleeping for 2 seconds...
Tue Dec 03 22:30:12 2019 us=404843 Successful ARP Flush on interface [17] {B1A515F3-6DEE-4F63-9F7C-CC52F8158CDF}
Tue Dec 03 22:30:12 2019 us=404843 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Tue Dec 03 22:30:12 2019 us=404843 C:\Windows\system32\route.exe ADD 192.168.0.0 MASK 255.255.255.0 10.8.0.2
Tue Dec 03 22:30:12 2019 us=404843 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Tue Dec 03 22:30:12 2019 us=436093 C:\Windows\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Tue Dec 03 22:30:12 2019 us=436093 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Tue Dec 03 22:30:12 2019 us=451710 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Tue Dec 03 22:30:12 2019 us=451710 Could not determine IPv4/IPv6 protocol. Using AF_INET
Tue Dec 03 22:30:12 2019 us=451710 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Dec 03 22:30:12 2019 us=451710 UDPv4 link local (bound): [AF_INET]192.168.0.180:1194
Tue Dec 03 22:30:12 2019 us=451710 UDPv4 link remote: [AF_UNSPEC]
Tue Dec 03 22:30:12 2019 us=451710 MULTI: multi_init called, r=256 v=256
Tue Dec 03 22:30:12 2019 us=451710 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Tue Dec 03 22:30:12 2019 us=451710 Initialization Sequence Completed
Telling that honestly based on it I am not able to tell what is wrong.

There is even problem to ping from the client side OpenVPN server.

Here is the log on the client side:

Code: Select all

Tue Dec 03 22:33:11 2019 OpenVPN 2.4.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 31 2019
Tue Dec 03 22:33:11 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Dec 03 22:33:11 2019 library versions: OpenSSL 1.1.0l  10 Sep 2019, LZO 2.10
Enter Management Password:
Tue Dec 03 22:33:11 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Dec 03 22:33:11 2019 Need hold release from management interface, waiting...
Tue Dec 03 22:33:12 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'state on'
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'log all on'
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'echo all on'
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'bytecount 5'
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'hold off'
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'hold release'
Tue Dec 03 22:33:12 2019 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Dec 03 22:33:12 2019 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Dec 03 22:33:12 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]82.160.124.120:1194
Tue Dec 03 22:33:12 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Dec 03 22:33:12 2019 UDP link local: (not bound)
Tue Dec 03 22:33:12 2019 UDP link remote: [AF_INET]82.160.124.120:1194
Tue Dec 03 22:33:12 2019 MANAGEMENT: >STATE:1575408792,WAIT,,,,,,
Tue Dec 03 22:33:12 2019 MANAGEMENT: >STATE:1575408792,AUTH,,,,,,
Tue Dec 03 22:33:12 2019 TLS: Initial packet from [AF_INET]82.160.124.120:1194, sid=59784c37 9a7dd8a7
Tue Dec 03 22:33:12 2019 VERIFY OK: depth=1, C=PL, ST=Mazowieckie, L=Zyrardow, O=DPSSosabowski, OU=changeme, CN=OpenVPNCA-DPS, name=OpenVPNCA-DPS, emailAddress=it@dpssosabowski.pl
Tue Dec 03 22:33:12 2019 VERIFY KU OK
Tue Dec 03 22:33:12 2019 Validating certificate extended key usage
Tue Dec 03 22:33:12 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Dec 03 22:33:12 2019 VERIFY EKU OK
Tue Dec 03 22:33:12 2019 VERIFY OK: depth=0, C=PL, ST=PL, L=Zyrardow, O=DPS, OU=changeme, CN=changeme, name=changeme, emailAddress=it@dpssosabowski.pl
Tue Dec 03 22:33:12 2019 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Tue Dec 03 22:33:12 2019 [changeme] Peer Connection Initiated with [AF_INET]82.160.124.120:1194
Tue Dec 03 22:33:13 2019 MANAGEMENT: >STATE:1575408793,GET_CONFIG,,,,,,
Tue Dec 03 22:33:13 2019 SENT CONTROL [changeme]: 'PUSH_REQUEST' (status=1)
Tue Dec 03 22:33:13 2019 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,redirect-gateway def1,dhcp-option DNS 192.168.0.1,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM'
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: timers and/or timeouts modified
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: --ifconfig/up options modified
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: route options modified
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: peer-id set
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: adjusting link_mtu to 1624
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: data channel crypto options modified
Tue Dec 03 22:33:13 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
Tue Dec 03 22:33:13 2019 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Dec 03 22:33:13 2019 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Dec 03 22:33:13 2019 interactive service msg_channel=584
Tue Dec 03 22:33:13 2019 ROUTE_GATEWAY 10.5.236.254/255.255.255.0 I=12 HWADDR=fc:aa:14:72:82:8b
Tue Dec 03 22:33:13 2019 open_tun
Tue Dec 03 22:33:13 2019 TAP-WIN32 device [Połączenie lokalne 2] opened: \\.\Global\{96555132-7F8B-41CC-A182-0D3E9D962F01}.tap
Tue Dec 03 22:33:13 2019 TAP-Windows Driver Version 9.24 
Tue Dec 03 22:33:13 2019 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {96555132-7F8B-41CC-A182-0D3E9D962F01} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Tue Dec 03 22:33:13 2019 Successful ARP Flush on interface [9] {96555132-7F8B-41CC-A182-0D3E9D962F01}
Tue Dec 03 22:33:13 2019 MANAGEMENT: >STATE:1575408793,ASSIGN_IP,,10.8.0.6,,,,
Tue Dec 03 22:33:19 2019 TEST ROUTES: 3/3 succeeded len=2 ret=1 a=0 u/d=up
Tue Dec 03 22:33:19 2019 C:\WINDOWS\system32\route.exe ADD 82.160.124.120 MASK 255.255.255.255 10.5.236.254
Tue Dec 03 22:33:19 2019 Route addition via service succeeded
Tue Dec 03 22:33:19 2019 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Tue Dec 03 22:33:19 2019 Route addition via service succeeded
Tue Dec 03 22:33:19 2019 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Tue Dec 03 22:33:19 2019 Route addition via service succeeded
Tue Dec 03 22:33:19 2019 MANAGEMENT: >STATE:1575408799,ADD_ROUTES,,,,,,
Tue Dec 03 22:33:19 2019 C:\WINDOWS\system32\route.exe ADD 192.168.0.0 MASK 255.255.255.0 10.8.0.5
Tue Dec 03 22:33:19 2019 Route addition via service succeeded
Tue Dec 03 22:33:19 2019 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.5
Tue Dec 03 22:33:19 2019 Route addition via service succeeded
Tue Dec 03 22:33:19 2019 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Dec 03 22:33:19 2019 Initialization Sequence Completed
Tue Dec 03 22:33:19 2019 MANAGEMENT: >STATE:1575408799,CONNECTED,SUCCESS,10.8.0.6,82.160.124.120,1194,,
As I mentioned all the firewalls on the client and server side has been disabled for test purposes but nothing was changed:

Code: Select all

C:\Users\Luk>ping 10.8.0.1

Pinging 10.8.0.1 with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 10.8.0.1:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Control-C
^C
C:\Users\Luk>tracert 10.8.0.1

Tracing route to 10.8.0.1 over a maximum of 30 hops

  1     *        *        *     Request timed out.
  2     *     ^C

C:\Users\Luk>ping 10.8.0.6

Pinging 10.8.0.6 with 32 bytes of data:
Reply from 10.8.0.6: bytes=32 time<1ms TTL=128

Ping statistics for 10.8.0.6:
    Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

kalatos
OpenVpn Newbie
Posts: 10
Joined: Wed Nov 27, 2019 12:36 am

Re: OpenVPN connection establish but no access to local devices

Post by kalatos » Tue Dec 03, 2019 9:41 pm

Hello again,

thanks for the answer.

First of all just to have better view on the configuration file on the server site I managed to delete all the comments and here is the current state:

[oconf=]local 192.168.0.180
port 1194
proto udp
dev tun

ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\server.crt"
key "C:\\Program Files\\OpenVPN\\config\\server.key"
dh "C:\\Program Files\\OpenVPN\\config\\dh2048.pem"

server 10.8.0.0 255.255.255.0
#ifconfig-pool-persist ipp.txt
client-to-client

route 192.168.0.0 255.255.255.0
push "route 192.168.0.0 255.255.255.0"
push "redirect-gateway def1"
push "dhcp-option DNS 192.168.0.1"

keepalive 10 120
tls-auth ta.key 0 # This file is secret
cipher AES-256-CBC
persist-key
persist-tun
status openvpn-status.log
verb 6
explicit-exit-notify 1
route-method exe
route-delay 2[/oconf]

I have changed log level into 6 in order to have deeper info:

Code: Select all

Tue Dec 03 22:30:10 2019 us=257777 Current Parameter Settings:
Tue Dec 03 22:30:10 2019 us=257777   config = 'C:\Program Files\OpenVPN\config\server.ovpn'
Tue Dec 03 22:30:10 2019 us=257777   mode = 1
Tue Dec 03 22:30:10 2019 us=257777   show_ciphers = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   show_digests = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   show_engines = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   genkey = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   key_pass_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=257777   show_tls_ciphers = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   connect_retry_max = 0
Tue Dec 03 22:30:10 2019 us=257777 Connection profiles [0]:
Tue Dec 03 22:30:10 2019 us=257777   proto = udp
Tue Dec 03 22:30:10 2019 us=257777   local = '192.168.0.180'
Tue Dec 03 22:30:10 2019 us=257777   local_port = '1194'
Tue Dec 03 22:30:10 2019 us=257777   remote = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=257777   remote_port = '1194'
Tue Dec 03 22:30:10 2019 us=257777   remote_float = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   bind_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   bind_local = ENABLED
Tue Dec 03 22:30:10 2019 us=257777   bind_ipv6_only = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   connect_retry_seconds = 5
Tue Dec 03 22:30:10 2019 us=257777   connect_timeout = 120
Tue Dec 03 22:30:10 2019 us=257777   socks_proxy_server = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=257777   socks_proxy_port = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=257777   tun_mtu = 1500
Tue Dec 03 22:30:10 2019 us=257777   tun_mtu_defined = ENABLED
Tue Dec 03 22:30:10 2019 us=257777   link_mtu = 1500
Tue Dec 03 22:30:10 2019 us=257777   link_mtu_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   tun_mtu_extra = 0
Tue Dec 03 22:30:10 2019 us=257777   tun_mtu_extra_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=257777   mtu_discover_type = -1
Tue Dec 03 22:30:10 2019 us=257777   fragment = 0
Tue Dec 03 22:30:10 2019 us=257777   mssfix = 1450
Tue Dec 03 22:30:10 2019 us=257777   explicit_exit_notification = 1
Tue Dec 03 22:30:10 2019 us=273404 Connection profiles END
Tue Dec 03 22:30:10 2019 us=273404   remote_random = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   ipchange = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   dev = 'tun'
Tue Dec 03 22:30:10 2019 us=273404   dev_type = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   dev_node = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   lladdr = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   topology = 1
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_local = '10.8.0.1'
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_remote_netmask = '10.8.0.2'
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_noexec = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_nowarn = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_ipv6_local = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_ipv6_netbits = 0
Tue Dec 03 22:30:10 2019 us=273404   ifconfig_ipv6_remote = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   shaper = 0
Tue Dec 03 22:30:10 2019 us=273404   mtu_test = 0
Tue Dec 03 22:30:10 2019 us=273404   mlock = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   keepalive_ping = 10
Tue Dec 03 22:30:10 2019 us=273404   keepalive_timeout = 120
Tue Dec 03 22:30:10 2019 us=273404   inactivity_timeout = 0
Tue Dec 03 22:30:10 2019 us=273404   ping_send_timeout = 10
Tue Dec 03 22:30:10 2019 us=273404   ping_rec_timeout = 240
Tue Dec 03 22:30:10 2019 us=273404   ping_rec_timeout_action = 2
Tue Dec 03 22:30:10 2019 us=273404   ping_timer_remote = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   remap_sigusr1 = 0
Tue Dec 03 22:30:10 2019 us=273404   persist_tun = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   persist_local_ip = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   persist_remote_ip = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   persist_key = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   passtos = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   resolve_retry_seconds = 1000000000
Tue Dec 03 22:30:10 2019 us=273404   resolve_in_advance = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   username = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   groupname = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   chroot_dir = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   cd_dir = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   writepid = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   up_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   down_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   down_pre = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   up_restart = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   up_delay = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   daemon = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   inetd = 0
Tue Dec 03 22:30:10 2019 us=273404   log = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   suppress_timestamps = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   machine_readable_output = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   nice = 0
Tue Dec 03 22:30:10 2019 us=273404   verbosity = 6
Tue Dec 03 22:30:10 2019 us=273404   mute = 0
Tue Dec 03 22:30:10 2019 us=273404   gremlin = 0
Tue Dec 03 22:30:10 2019 us=273404   status_file = 'openvpn-status.log'
Tue Dec 03 22:30:10 2019 us=273404   status_file_version = 1
Tue Dec 03 22:30:10 2019 us=273404   status_file_update_freq = 60
Tue Dec 03 22:30:10 2019 us=273404   occ = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   rcvbuf = 0
Tue Dec 03 22:30:10 2019 us=273404   sndbuf = 0
Tue Dec 03 22:30:10 2019 us=273404   sockflags = 0
Tue Dec 03 22:30:10 2019 us=273404   fast_io = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   comp.alg = 0
Tue Dec 03 22:30:10 2019 us=273404   comp.flags = 0
Tue Dec 03 22:30:10 2019 us=273404   route_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   route_default_gateway = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   route_default_metric = 0
Tue Dec 03 22:30:10 2019 us=273404   route_noexec = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   route_delay = 2
Tue Dec 03 22:30:10 2019 us=273404   route_delay_window = 30
Tue Dec 03 22:30:10 2019 us=273404   route_delay_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   route_nopull = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   route_gateway_via_dhcp = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   allow_pull_fqdn = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   route 10.8.0.0/255.255.255.0/default (not set)/default (not set)
Tue Dec 03 22:30:10 2019 us=273404   route 192.168.0.0/255.255.255.0/default (not set)/default (not set)
Tue Dec 03 22:30:10 2019 us=273404   management_addr = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_port = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_user_pass = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_log_history_cache = 250
Tue Dec 03 22:30:10 2019 us=273404   management_echo_buffer_size = 100
Tue Dec 03 22:30:10 2019 us=273404   management_write_peer_info_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_client_user = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_client_group = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   management_flags = 0
Tue Dec 03 22:30:10 2019 us=273404   shared_secret_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   key_direction = 0
Tue Dec 03 22:30:10 2019 us=273404   ciphername = 'AES-256-CBC'
Tue Dec 03 22:30:10 2019 us=273404   ncp_enabled = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   ncp_ciphers = 'AES-256-GCM:AES-128-GCM'
Tue Dec 03 22:30:10 2019 us=273404   authname = 'SHA1'
Tue Dec 03 22:30:10 2019 us=273404   prng_hash = 'SHA1'
Tue Dec 03 22:30:10 2019 us=273404   prng_nonce_secret_len = 16
Tue Dec 03 22:30:10 2019 us=273404   keysize = 0
Tue Dec 03 22:30:10 2019 us=273404   engine = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   replay = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   mute_replay_warnings = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   replay_window = 64
Tue Dec 03 22:30:10 2019 us=273404   replay_time = 15
Tue Dec 03 22:30:10 2019 us=273404   packet_id_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   use_iv = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   test_crypto = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   tls_server = ENABLED
Tue Dec 03 22:30:10 2019 us=273404   tls_client = DISABLED
Tue Dec 03 22:30:10 2019 us=273404   key_method = 2
Tue Dec 03 22:30:10 2019 us=273404   ca_file = 'C:\Program Files\OpenVPN\config\ca.crt'
Tue Dec 03 22:30:10 2019 us=273404   ca_path = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   dh_file = 'C:\Program Files\OpenVPN\config\dh2048.pem'
Tue Dec 03 22:30:10 2019 us=273404   cert_file = 'C:\Program Files\OpenVPN\config\server.crt'
Tue Dec 03 22:30:10 2019 us=273404   extra_certs_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   priv_key_file = 'C:\Program Files\OpenVPN\config\server.key'
Tue Dec 03 22:30:10 2019 us=273404   pkcs12_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   cryptoapi_cert = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   cipher_list = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   cipher_list_tls13 = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   tls_cert_profile = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   tls_verify = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   tls_export_cert = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   verify_x509_type = 0
Tue Dec 03 22:30:10 2019 us=273404   verify_x509_name = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   crl_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=273404   ns_cert_type = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=273404   remote_cert_ku[i] = 0
Tue Dec 03 22:30:10 2019 us=288993   remote_cert_eku = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=288993   ssl_flags = 0
Tue Dec 03 22:30:10 2019 us=288993   tls_timeout = 2
Tue Dec 03 22:30:10 2019 us=288993   renegotiate_bytes = -1
Tue Dec 03 22:30:10 2019 us=288993   renegotiate_packets = 0
Tue Dec 03 22:30:10 2019 us=288993   renegotiate_seconds = 3600
Tue Dec 03 22:30:10 2019 us=288993   handshake_window = 60
Tue Dec 03 22:30:10 2019 us=288993   transition_window = 3600
Tue Dec 03 22:30:10 2019 us=288993   single_session = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   push_peer_info = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   tls_exit = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   tls_auth_file = 'ta.key'
Tue Dec 03 22:30:10 2019 us=288993   tls_crypt_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_protected_authentication = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_private_mode = 00000000
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_cert_private = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_pin_cache_period = -1
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_id = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=288993   pkcs11_id_management = DISABLED
Tue Dec 03 22:30:10 2019 us=288993   server_network = 10.8.0.0
Tue Dec 03 22:30:10 2019 us=288993   server_netmask = 255.255.255.0
Tue Dec 03 22:30:10 2019 us=304654   server_network_ipv6 = ::
Tue Dec 03 22:30:10 2019 us=304654   server_netbits_ipv6 = 0
Tue Dec 03 22:30:10 2019 us=304654   server_bridge_ip = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   server_bridge_netmask = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   server_bridge_pool_start = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   server_bridge_pool_end = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'route 192.168.0.0 255.255.255.0'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'redirect-gateway def1'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'dhcp-option DNS 192.168.0.1'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'route 10.8.0.0 255.255.255.0'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'topology net30'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'ping 10'
Tue Dec 03 22:30:10 2019 us=304654   push_entry = 'ping-restart 120'
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_defined = ENABLED
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_start = 10.8.0.4
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_end = 10.8.0.251
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_netmask = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_persist_filename = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_pool_persist_refresh_freq = 600
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_ipv6_pool_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_ipv6_pool_base = ::
Tue Dec 03 22:30:10 2019 us=304654   ifconfig_ipv6_pool_netbits = 0
Tue Dec 03 22:30:10 2019 us=304654   n_bcast_buf = 256
Tue Dec 03 22:30:10 2019 us=304654   tcp_queue_limit = 64
Tue Dec 03 22:30:10 2019 us=304654   real_hash_size = 256
Tue Dec 03 22:30:10 2019 us=304654   virtual_hash_size = 256
Tue Dec 03 22:30:10 2019 us=304654   client_connect_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   learn_address_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   client_disconnect_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   client_config_dir = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   ccd_exclusive = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   tmp_dir = 'C:\Windows\TEMP\'
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_local = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_remote_netmask = 0.0.0.0
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_ipv6_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_ipv6_local = ::/0
Tue Dec 03 22:30:10 2019 us=304654   push_ifconfig_ipv6_remote = ::
Tue Dec 03 22:30:10 2019 us=304654   enable_c2c = ENABLED
Tue Dec 03 22:30:10 2019 us=304654   duplicate_cn = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   cf_max = 0
Tue Dec 03 22:30:10 2019 us=304654   cf_per = 0
Tue Dec 03 22:30:10 2019 us=304654   max_clients = 1024
Tue Dec 03 22:30:10 2019 us=304654   max_routes_per_client = 256
Tue Dec 03 22:30:10 2019 us=304654   auth_user_pass_verify_script = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   auth_user_pass_verify_script_via_file = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   auth_token_generate = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   auth_token_lifetime = 0
Tue Dec 03 22:30:10 2019 us=304654   client = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   pull = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   auth_user_pass_file = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   show_net_up = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   route_method = 2
Tue Dec 03 22:30:10 2019 us=304654   block_outside_dns = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   ip_win32_defined = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   ip_win32_type = 3
Tue Dec 03 22:30:10 2019 us=304654   dhcp_masq_offset = 0
Tue Dec 03 22:30:10 2019 us=304654   dhcp_lease_time = 31536000
Tue Dec 03 22:30:10 2019 us=304654   tap_sleep = 2
Tue Dec 03 22:30:10 2019 us=304654   dhcp_options = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   dhcp_renew = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   dhcp_pre_release = DISABLED
Tue Dec 03 22:30:10 2019 us=304654   domain = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   netbios_scope = '[UNDEF]'
Tue Dec 03 22:30:10 2019 us=304654   netbios_node_type = 0
Tue Dec 03 22:30:10 2019 us=304654   disable_nbt = DISABLED
Tue Dec 03 22:30:10 2019 us=304654 OpenVPN 2.4.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 31 2019
Tue Dec 03 22:30:10 2019 us=304654 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Dec 03 22:30:10 2019 us=304654 library versions: OpenSSL 1.1.0l  10 Sep 2019, LZO 2.10
Tue Dec 03 22:30:10 2019 us=320246 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x.  Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet.
Tue Dec 03 22:30:10 2019 us=335869 Diffie-Hellman initialized with 2048 bit key
Tue Dec 03 22:30:10 2019 us=367155 Failed to extract curve from certificate (UNDEF), using secp384r1 instead.
Tue Dec 03 22:30:10 2019 us=367155 ECDH curve secp384r1 added
Tue Dec 03 22:30:10 2019 us=367155 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Dec 03 22:30:10 2019 us=367155 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Dec 03 22:30:10 2019 us=367155 TLS-Auth MTU parms [ L:1621 D:1184 EF:66 EB:0 ET:0 EL:3 ]
Tue Dec 03 22:30:10 2019 us=367155 interactive service msg_channel=0
Tue Dec 03 22:30:10 2019 us=382764 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 I=12 HWADDR=a0:1d:48:97:eb:90
Tue Dec 03 22:30:10 2019 us=382764 open_tun
Tue Dec 03 22:30:10 2019 us=382764 TAP-WIN32 device [Połączenie lokalne] opened: \\.\Global\{B1A515F3-6DEE-4F63-9F7C-CC52F8158CDF}.tap
Tue Dec 03 22:30:10 2019 us=382764 TAP-Windows Driver Version 9.24 
Tue Dec 03 22:30:10 2019 us=382764 TAP-Windows MTU=1500
Tue Dec 03 22:30:10 2019 us=382764 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.1/255.255.255.252 on interface {B1A515F3-6DEE-4F63-9F7C-CC52F8158CDF} [DHCP-serv: 10.8.0.2, lease-time: 31536000]
Tue Dec 03 22:30:10 2019 us=382764 Sleeping for 2 seconds...
Tue Dec 03 22:30:12 2019 us=404843 Successful ARP Flush on interface [17] {B1A515F3-6DEE-4F63-9F7C-CC52F8158CDF}
Tue Dec 03 22:30:12 2019 us=404843 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Tue Dec 03 22:30:12 2019 us=404843 C:\Windows\system32\route.exe ADD 192.168.0.0 MASK 255.255.255.0 10.8.0.2
Tue Dec 03 22:30:12 2019 us=404843 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Tue Dec 03 22:30:12 2019 us=436093 C:\Windows\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.2
Tue Dec 03 22:30:12 2019 us=436093 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Tue Dec 03 22:30:12 2019 us=451710 Data Channel MTU parms [ L:1621 D:1450 EF:121 EB:406 ET:0 EL:3 ]
Tue Dec 03 22:30:12 2019 us=451710 Could not determine IPv4/IPv6 protocol. Using AF_INET
Tue Dec 03 22:30:12 2019 us=451710 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Dec 03 22:30:12 2019 us=451710 UDPv4 link local (bound): [AF_INET]192.168.0.180:1194
Tue Dec 03 22:30:12 2019 us=451710 UDPv4 link remote: [AF_UNSPEC]
Tue Dec 03 22:30:12 2019 us=451710 MULTI: multi_init called, r=256 v=256
Tue Dec 03 22:30:12 2019 us=451710 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Tue Dec 03 22:30:12 2019 us=451710 Initialization Sequence Completed
Telling that honestly based on it I am not able to tell what is wrong.

There is even problem to ping from the client side OpenVPN server.

Here is the log on the client side:

Code: Select all

Tue Dec 03 22:33:11 2019 OpenVPN 2.4.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 31 2019
Tue Dec 03 22:33:11 2019 Windows version 6.2 (Windows 8 or greater) 64bit
Tue Dec 03 22:33:11 2019 library versions: OpenSSL 1.1.0l  10 Sep 2019, LZO 2.10
Enter Management Password:
Tue Dec 03 22:33:11 2019 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
Tue Dec 03 22:33:11 2019 Need hold release from management interface, waiting...
Tue Dec 03 22:33:12 2019 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'state on'
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'log all on'
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'echo all on'
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'bytecount 5'
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'hold off'
Tue Dec 03 22:33:12 2019 MANAGEMENT: CMD 'hold release'
Tue Dec 03 22:33:12 2019 Outgoing Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Dec 03 22:33:12 2019 Incoming Control Channel Authentication: Using 160 bit message hash 'SHA1' for HMAC authentication
Tue Dec 03 22:33:12 2019 TCP/UDP: Preserving recently used remote address: [AF_INET]82.160.124.120:1194
Tue Dec 03 22:33:12 2019 Socket Buffers: R=[65536->65536] S=[65536->65536]
Tue Dec 03 22:33:12 2019 UDP link local: (not bound)
Tue Dec 03 22:33:12 2019 UDP link remote: [AF_INET]82.160.124.120:1194
Tue Dec 03 22:33:12 2019 MANAGEMENT: >STATE:1575408792,WAIT,,,,,,
Tue Dec 03 22:33:12 2019 MANAGEMENT: >STATE:1575408792,AUTH,,,,,,
Tue Dec 03 22:33:12 2019 TLS: Initial packet from [AF_INET]82.160.124.120:1194, sid=59784c37 9a7dd8a7
Tue Dec 03 22:33:12 2019 VERIFY OK: depth=1, C=PL, ST=Mazowieckie, L=Zyrardow, O=DPSSosabowski, OU=changeme, CN=OpenVPNCA-DPS, name=OpenVPNCA-DPS, emailAddress=it@dpssosabowski.pl
Tue Dec 03 22:33:12 2019 VERIFY KU OK
Tue Dec 03 22:33:12 2019 Validating certificate extended key usage
Tue Dec 03 22:33:12 2019 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Tue Dec 03 22:33:12 2019 VERIFY EKU OK
Tue Dec 03 22:33:12 2019 VERIFY OK: depth=0, C=PL, ST=PL, L=Zyrardow, O=DPS, OU=changeme, CN=changeme, name=changeme, emailAddress=it@dpssosabowski.pl
Tue Dec 03 22:33:12 2019 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Tue Dec 03 22:33:12 2019 [changeme] Peer Connection Initiated with [AF_INET]82.160.124.120:1194
Tue Dec 03 22:33:13 2019 MANAGEMENT: >STATE:1575408793,GET_CONFIG,,,,,,
Tue Dec 03 22:33:13 2019 SENT CONTROL [changeme]: 'PUSH_REQUEST' (status=1)
Tue Dec 03 22:33:13 2019 PUSH: Received control message: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,redirect-gateway def1,dhcp-option DNS 192.168.0.1,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM'
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: timers and/or timeouts modified
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: --ifconfig/up options modified
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: route options modified
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: peer-id set
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: adjusting link_mtu to 1624
Tue Dec 03 22:33:13 2019 OPTIONS IMPORT: data channel crypto options modified
Tue Dec 03 22:33:13 2019 Data Channel: using negotiated cipher 'AES-256-GCM'
Tue Dec 03 22:33:13 2019 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Dec 03 22:33:13 2019 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Tue Dec 03 22:33:13 2019 interactive service msg_channel=584
Tue Dec 03 22:33:13 2019 ROUTE_GATEWAY 10.5.236.254/255.255.255.0 I=12 HWADDR=fc:aa:14:72:82:8b
Tue Dec 03 22:33:13 2019 open_tun
Tue Dec 03 22:33:13 2019 TAP-WIN32 device [Połączenie lokalne 2] opened: \\.\Global\{96555132-7F8B-41CC-A182-0D3E9D962F01}.tap
Tue Dec 03 22:33:13 2019 TAP-Windows Driver Version 9.24 
Tue Dec 03 22:33:13 2019 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {96555132-7F8B-41CC-A182-0D3E9D962F01} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Tue Dec 03 22:33:13 2019 Successful ARP Flush on interface [9] {96555132-7F8B-41CC-A182-0D3E9D962F01}
Tue Dec 03 22:33:13 2019 MANAGEMENT: >STATE:1575408793,ASSIGN_IP,,10.8.0.6,,,,
Tue Dec 03 22:33:19 2019 TEST ROUTES: 3/3 succeeded len=2 ret=1 a=0 u/d=up
Tue Dec 03 22:33:19 2019 C:\WINDOWS\system32\route.exe ADD 82.160.124.120 MASK 255.255.255.255 10.5.236.254
Tue Dec 03 22:33:19 2019 Route addition via service succeeded
Tue Dec 03 22:33:19 2019 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Tue Dec 03 22:33:19 2019 Route addition via service succeeded
Tue Dec 03 22:33:19 2019 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Tue Dec 03 22:33:19 2019 Route addition via service succeeded
Tue Dec 03 22:33:19 2019 MANAGEMENT: >STATE:1575408799,ADD_ROUTES,,,,,,
Tue Dec 03 22:33:19 2019 C:\WINDOWS\system32\route.exe ADD 192.168.0.0 MASK 255.255.255.0 10.8.0.5
Tue Dec 03 22:33:19 2019 Route addition via service succeeded
Tue Dec 03 22:33:19 2019 C:\WINDOWS\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.5
Tue Dec 03 22:33:19 2019 Route addition via service succeeded
Tue Dec 03 22:33:19 2019 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Dec 03 22:33:19 2019 Initialization Sequence Completed
Tue Dec 03 22:33:19 2019 MANAGEMENT: >STATE:1575408799,CONNECTED,SUCCESS,10.8.0.6,82.160.124.120,1194,,
As I mentioned all the firewalls on the client and server side has been disabled for test purposes but nothing was changed:

Code: Select all

C:\Users\Luk>ping 10.8.0.1

Pinging 10.8.0.1 with 32 bytes of data:
Request timed out.
Request timed out.

Ping statistics for 10.8.0.1:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
Control-C
^C
C:\Users\Luk>tracert 10.8.0.1

Tracing route to 10.8.0.1 over a maximum of 30 hops

  1     *        *        *     Request timed out.
  2     *     ^C

C:\Users\Luk>ping 10.8.0.6

Pinging 10.8.0.6 with 32 bytes of data:
Reply from 10.8.0.6: bytes=32 time<1ms TTL=128

Ping statistics for 10.8.0.6:
    Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

300000
OpenVPN Expert
Posts: 685
Joined: Tue May 01, 2012 9:30 pm

Re: OpenVPN connection establish but no access to local devices

Post by 300000 » Wed Dec 04, 2019 12:52 am

you need nat from 10.8.0.0 to 192.168.0.180 so you can access local devices and internet.

kalatos
OpenVpn Newbie
Posts: 10
Joined: Wed Nov 27, 2019 12:36 am

Re: OpenVPN connection establish but no access to local devices

Post by kalatos » Wed Dec 04, 2019 10:42 am

Hey,
thanks for prompt answer. It seems on the server side NAT is enabled on the router. I also setup static routing in that way:

Image

Sorry this is in polish but on the screen you can see NAT is enabled and there is static routing setup into the 10.8.0.0 network on mask 255.255.255.0 and gateway is 192.168.0.180 which is IP of the Windows Server where OpenVPN is installed.

Shall I setup anything else?

Thanks in advance,
Lukasz

300000
OpenVPN Expert
Posts: 685
Joined: Tue May 01, 2012 9:30 pm

Re: OpenVPN connection establish but no access to local devices

Post by 300000 » Wed Dec 04, 2019 11:24 am

You need to install routing and remote service on server and NAT on windows not router.

300000
OpenVPN Expert
Posts: 685
Joined: Tue May 01, 2012 9:30 pm

Re: OpenVPN connection establish but no access to local devices

Post by 300000 » Wed Dec 04, 2019 11:28 am

Install routing and remote service .

NAT. internet network card to public.
Open networks card private

Restart server.

No NAT on server will never work and only connect to server only by IP 10.8.0.1

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN connection establish but no access to local devices

Post by TinCanTech » Wed Dec 04, 2019 2:58 pm

NAT is not required if routing is setup correctly.

The problem is that the client cannot ping the server on 10.8.0.1 or 192.168.0.180

Also, you should not use 192.168.0.0/24 for your server LAN.
https://community.openvpn.net/openvpn/w ... gConflicts

kalatos
OpenVpn Newbie
Posts: 10
Joined: Wed Nov 27, 2019 12:36 am

Re: OpenVPN connection establish but no access to local devices

Post by kalatos » Wed Dec 04, 2019 9:41 pm

300000 wrote:
Wed Dec 04, 2019 11:28 am
Install routing and remote service .

NAT. internet network card to public.
Open networks card private

Restart server.

No NAT on server will never work and only connect to server only by IP 10.8.0.1
Do you mean Windows server services?
TinCanTech wrote:
Wed Dec 04, 2019 2:58 pm
NAT is not required if routing is setup correctly.

The problem is that the client cannot ping the server on 10.8.0.1 or 192.168.0.180

Also, you should not use 192.168.0.0/24 for your server LAN.
https://community.openvpn.net/openvpn/w ... gConflicts
I am aware this is typical local network but for this particular case my local network from the client side is 10.5.236.0 so It should be no any conflict. Moreover the logs on server side while connecting by client also looks pretty well but still I cannot ping even 10.8.0.1 :(

Code: Select all

Wed Dec 04 22:37:51 2019 us=641570 217.11.128.166:53522 UDPv4 WRITE [298] to [AF_INET]217.11.128.166:53522: P_CONTROL_V1 kid=0 pid=[ #11 ] [ 6 ] pid=7 DATA len=244
Wed Dec 04 22:37:51 2019 us=676478 217.11.128.166:53522 UDPv4 READ [50] from [AF_INET]217.11.128.166:53522: P_ACK_V1 kid=0 pid=[ #13 ] [ 7 ]
Wed Dec 04 22:37:51 2019 us=676478 217.11.128.166:53522 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Wed Dec 04 22:37:51 2019 us=676478 217.11.128.166:53522 [changeme] Peer Connection Initiated with [AF_INET]217.11.128.166:53522
Wed Dec 04 22:37:51 2019 us=676478 changeme/217.11.128.166:53522 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled)
Wed Dec 04 22:37:51 2019 us=676478 changeme/217.11.128.166:53522 MULTI: Learn: 10.8.0.6 -> changeme/217.11.128.166:53522
Wed Dec 04 22:37:51 2019 us=676478 changeme/217.11.128.166:53522 MULTI: primary virtual IP for changeme/217.11.128.166:53522: 10.8.0.6
Wed Dec 04 22:37:52 2019 us=698719 changeme/217.11.128.166:53522 UDPv4 READ [84] from [AF_INET]217.11.128.166:53522: P_CONTROL_V1 kid=0 pid=[ #14 ] [ ] pid=7 DATA len=42
Wed Dec 04 22:37:52 2019 us=698719 changeme/217.11.128.166:53522 PUSH: Received control message: 'PUSH_REQUEST'
Wed Dec 04 22:37:52 2019 us=698719 changeme/217.11.128.166:53522 SENT CONTROL [changeme]: 'PUSH_REPLY,route 192.168.0.0 255.255.255.0,redirect-gateway def1,dhcp-option DNS 192.168.0.1,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5,peer-id 0,cipher AES-256-GCM' (status=1)
Wed Dec 04 22:37:52 2019 us=698719 changeme/217.11.128.166:53522 Data Channel: using negotiated cipher 'AES-256-GCM'
Wed Dec 04 22:37:52 2019 us=698719 changeme/217.11.128.166:53522 Data Channel MTU parms [ L:1549 D:1450 EF:49 EB:406 ET:0 EL:3 ]
Wed Dec 04 22:37:52 2019 us=698719 changeme/217.11.128.166:53522 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Dec 04 22:37:52 2019 us=698719 changeme/217.11.128.166:53522 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
Wed Dec 04 22:37:52 2019 us=698719 changeme/217.11.128.166:53522 UDPv4 WRITE [50] to [AF_INET]217.11.128.166:53522: P_ACK_V1 kid=0 pid=[ #12 ] [ 7 ]
Wed Dec 04 22:37:52 2019 us=698719 changeme/217.11.128.166:53522 UDPv4 WRITE [289] to [AF_INET]217.11.128.166:53522: P_CONTROL_V1 kid=0 pid=[ #13 ] [ ] pid=8 DATA len=247
Wed Dec 04 22:37:52 2019 us=761244 changeme/217.11.128.166:53522 UDPv4 READ [50] from [AF_INET]217.11.128.166:53522: P_ACK_V1 kid=0 pid=[ #15 ] [ 8 ]
Wed Dec 04 22:38:01 2019 us=931900 changeme/217.11.128.166:53522 UDPv4 READ [97] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=96
Wed Dec 04 22:38:01 2019 us=931900 changeme/217.11.128.166:53522 TUN WRITE [73]
Wed Dec 04 22:38:01 2019 us=947505 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:01 2019 us=947505 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:01 2019 us=947505 changeme/217.11.128.166:53522 UDPv4 READ [97] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=96
Wed Dec 04 22:38:01 2019 us=947505 changeme/217.11.128.166:53522 TUN WRITE [73]
Wed Dec 04 22:38:02 2019 us=199094 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:02 2019 us=199094 changeme/217.11.128.166:53522 UDPv4 WRITE [40] to [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=39
Wed Dec 04 22:38:02 2019 us=199094 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:02 2019 us=951535 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:02 2019 us=951535 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:03 2019 us=232787 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:03 2019 us=232787 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:04 2019 us=972267 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:04 2019 us=972267 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:05 2019 us=239392 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:05 2019 us=239392 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:05 2019 us=931612 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:05 2019 us=931612 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:06 2019 us=951387 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:06 2019 us=951387 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:08 2019 us=972833 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:08 2019 us=972833 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:08 2019 us=972833 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:08 2019 us=972833 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:12 2019 us=317289 changeme/217.11.128.166:53522 UDPv4 WRITE [40] to [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=39
Wed Dec 04 22:38:13 2019 us=5624 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:13 2019 us=5624 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:16 2019 us=468613 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:16 2019 us=468613 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:17 2019 us=5172 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:17 2019 us=5172 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:17 2019 us=492663 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:17 2019 us=492663 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:19 2019 us=489438 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:19 2019 us=489438 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:22 2019 us=34741 changeme/217.11.128.166:53522 UDPv4 WRITE [40] to [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=39
Wed Dec 04 22:38:23 2019 us=12308 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:23 2019 us=12308 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:23 2019 us=12308 changeme/217.11.128.166:53522 UDPv4 READ [97] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=96
Wed Dec 04 22:38:23 2019 us=12308 changeme/217.11.128.166:53522 TUN WRITE [73]
Wed Dec 04 22:38:23 2019 us=45041 changeme/217.11.128.166:53522 UDPv4 READ [97] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=96
Wed Dec 04 22:38:23 2019 us=45041 changeme/217.11.128.166:53522 TUN WRITE [73]
Wed Dec 04 22:38:23 2019 us=279993 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:23 2019 us=279993 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:23 2019 us=498745 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:23 2019 us=498745 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:24 2019 us=14378 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:24 2019 us=14378 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:24 2019 us=296724 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:24 2019 us=296724 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:26 2019 us=11327 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:26 2019 us=11327 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:26 2019 us=295642 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:26 2019 us=295642 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:28 2019 us=900430 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:28 2019 us=900430 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:29 2019 us=902542 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:29 2019 us=902542 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:30 2019 us=11918 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:30 2019 us=11918 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:30 2019 us=293172 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:30 2019 us=293172 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:31 2019 us=924119 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:31 2019 us=924119 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:31 2019 us=986620 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:32 2019 us=2211 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:32 2019 us=581031 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:32 2019 us=581031 changeme/217.11.128.166:53522 UDPv4 WRITE [40] to [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=39
Wed Dec 04 22:38:32 2019 us=581031 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:32 2019 us=596655 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:32 2019 us=596655 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:32 2019 us=596655 changeme/217.11.128.166:53522 UDPv4 READ [84] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=83
Wed Dec 04 22:38:32 2019 us=596655 changeme/217.11.128.166:53522 TUN WRITE [60]
Wed Dec 04 22:38:33 2019 us=2912 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:33 2019 us=2912 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:33 2019 us=598394 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:33 2019 us=598394 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:33 2019 us=598394 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:33 2019 us=598394 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:35 2019 us=14450 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:35 2019 us=14450 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:35 2019 us=139452 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:35 2019 us=139452 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:35 2019 us=595698 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:35 2019 us=595698 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:35 2019 us=595698 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:35 2019 us=595698 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:35 2019 us=940256 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:35 2019 us=940256 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:35 2019 us=955897 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:35 2019 us=955897 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:36 2019 us=174640 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:36 2019 us=174640 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:36 2019 us=252776 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:36 2019 us=252776 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:36 2019 us=268401 changeme/217.11.128.166:53522 UDPv4 READ [84] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=83
Wed Dec 04 22:38:36 2019 us=268401 changeme/217.11.128.166:53522 TUN WRITE [60]
Wed Dec 04 22:38:36 2019 us=284026 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:36 2019 us=284026 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:36 2019 us=955875 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:36 2019 us=955875 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:37 2019 us=268938 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:37 2019 us=268938 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:37 2019 us=268938 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:37 2019 us=268938 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:38 2019 us=23706 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:38 2019 us=23706 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:38 2019 us=179959 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:38 2019 us=179959 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:38 2019 us=305946 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:38 2019 us=305946 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:38 2019 us=963440 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:38 2019 us=963440 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:39 2019 us=10317 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:39 2019 us=10317 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:39 2019 us=276847 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:39 2019 us=276847 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:39 2019 us=276847 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:39 2019 us=276847 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:39 2019 us=591419 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:39 2019 us=591419 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:39 2019 us=591419 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:39 2019 us=591419 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:40 2019 us=16377 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:40 2019 us=16377 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:40 2019 us=31987 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:40 2019 us=31987 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:40 2019 us=942167 changeme/217.11.128.166:53522 UDPv4 READ [84] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=83
Wed Dec 04 22:38:40 2019 us=942167 changeme/217.11.128.166:53522 TUN WRITE [60]
Wed Dec 04 22:38:41 2019 us=38210 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:41 2019 us=38210 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:41 2019 us=38210 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:41 2019 us=38210 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:42 2019 us=181396 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:42 2019 us=181396 changeme/217.11.128.166:53522 UDPv4 WRITE [40] to [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=39
Wed Dec 04 22:38:42 2019 us=181396 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:42 2019 us=525166 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:42 2019 us=525166 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:42 2019 us=540776 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:42 2019 us=540776 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:42 2019 us=962657 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:42 2019 us=962657 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:43 2019 us=56756 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:43 2019 us=56756 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:43 2019 us=56756 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:43 2019 us=56756 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:43 2019 us=275495 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:43 2019 us=275495 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:43 2019 us=291135 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:43 2019 us=291135 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:43 2019 us=371200 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:43 2019 us=371200 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:43 2019 us=527458 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:43 2019 us=527458 changeme/217.11.128.166:53522 TUN WRITE [52]
Wed Dec 04 22:38:43 2019 us=543115 changeme/217.11.128.166:53522 UDPv4 READ [76] from [AF_INET]217.11.128.166:53522: P_DATA_V2 kid=0 DATA len=75
Wed Dec 04 22:38:43 2019 us=543115 changeme/217.11.128.166:53522 TUN WRITE [52]

300000
OpenVPN Expert
Posts: 685
Joined: Tue May 01, 2012 9:30 pm

Re: OpenVPN connection establish but no access to local devices

Post by 300000 » Wed Dec 04, 2019 11:48 pm

there is no way making it work if you dont install remote sevice as i wrote . in order openvpn virtual ip from 10.8.0.0 going to 192.168.0.0 you need nat so just do it.

NAT is not required if routing is setup correctly.

The problem is that the client cannot ping the server on 10.8.0.1 or 192.168.0.180

Also, you should not use 192.168.0.0/24 for your server LAN.
https://community.openvpn.net/openvpn/w ... gConflicts


he said no need nat but there is no single line of config to make it run as routing , how can you think do it work?

10.0.0.0
172.16.0.0
192.168.0.0

all of it is non public ip routing so what ever you choose is up to you does mater. as soon as it not conflict every subnet on your system.

you cant ping to server from client using its because IP forwarding not enable on windows system so you can ping or connect stop

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN connection establish but no access to local devices

Post by TinCanTech » Thu Dec 05, 2019 12:01 am

300000 wrote:
Wed Dec 04, 2019 11:48 pm
The problem is that the client cannot ping the server on 10.8.0.1 or 192.168.0.180
exactly ..

kalatos
OpenVpn Newbie
Posts: 10
Joined: Wed Nov 27, 2019 12:36 am

Re: OpenVPN connection establish but no access to local devices

Post by kalatos » Thu Dec 05, 2019 10:41 am

Reading your last posts I am a little bit lost telling that honestly. Routing is done in the OpenVPN server configuration file. As I mentioned there is also static route setting up on the router side which is telling to the network how the packages might go from 10.8.0.0 into 192.168.0.0 but thus does not work at all.

Could you be so kind and tell me next steps what else to check in order to make it up and running?

300000
OpenVPN Expert
Posts: 685
Joined: Tue May 01, 2012 9:30 pm

Re: OpenVPN connection establish but no access to local devices

Post by 300000 » Thu Dec 05, 2019 10:51 am

as i said there is nothing to do with static route on the router side will making it work and you think it work is up to you.

when I tell you what to do to make it works and you didnt do it , you've done your way and think it is correct now it not works , what can i do tell you now?

kalatos
OpenVpn Newbie
Posts: 10
Joined: Wed Nov 27, 2019 12:36 am

Re: OpenVPN connection establish but no access to local devices

Post by kalatos » Thu Dec 05, 2019 12:12 pm

I asked you the question without answer. While telling about install routing and remote service you mean Windows server services? Could you please provide the exact names of services which needs to be installed and the way of configuration?

Thanks,
Lukasz

300000
OpenVPN Expert
Posts: 685
Joined: Tue May 01, 2012 9:30 pm

Re: OpenVPN connection establish but no access to local devices

Post by 300000 » Thu Dec 05, 2019 12:41 pm

you need install routing and remote access Windows server services making it NAT both network , you shoul choose internet face network card public and openvpn netword card private , after you install and config it will work for you.make sure turn off firewall for test first .

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN connection establish but no access to local devices

Post by TinCanTech » Thu Dec 05, 2019 2:00 pm

300000 wrote:
Thu Dec 05, 2019 12:41 pm
you need install routing and remote access Windows server services making it NAT
This will not solve the problem of ping ..

kalatos
OpenVpn Newbie
Posts: 10
Joined: Wed Nov 27, 2019 12:36 am

Re: OpenVPN connection establish but no access to local devices

Post by kalatos » Wed Dec 11, 2019 1:36 am

TinCanTech wrote:
Thu Dec 05, 2019 2:00 pm
300000 wrote:
Thu Dec 05, 2019 12:41 pm
you need install routing and remote access Windows server services making it NAT
This will not solve the problem of ping ..
What will help then?

300000
OpenVPN Expert
Posts: 685
Joined: Tue May 01, 2012 9:30 pm

Re: OpenVPN connection establish but no access to local devices

Post by 300000 » Wed Dec 11, 2019 12:29 pm

Install routing and remote access is working for you now or not?

Post Reply