Windows 10 1903 and OpenVPN GUI 2.4.8
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
Please visit (and READ) the OpenVPN HowTo http://openvpn.net/howto prior to asking any questions in here!
-
- OpenVpn Newbie
- Posts: 6
- Joined: Thu Apr 09, 2020 8:34 pm
Windows 10 1903 and OpenVPN GUI 2.4.8
Hello everyone,
I have one strange issue and decide to ask here if someone could advise. We have the following situation:
Sophos UTM
Window 10 1903 Enterprise – Windows Firewall off
Active Directory domain
OpenVPN 2.4.8
We’ve deployed 2.4.8 and suddenly we began to have network issues. We found that they are caused by TrendMicro OfficeScan which activates the firewall and block the traffic. So far so good, we’ve opened a escalated issue by TrendMicro and we are waiting for answer but I’ve decided to make some tests and then things became weird.
I installed OpenVPN 2.4.6 – everything works fine
I installed OpenVPN 2.4.7 – everything works fine
Then I look and found that the version 2.4.8 is installing windows tap drivers 9.24.2. I decided and uninstall only the TAP drivers, download the 9.23.3 drivers from here: https://build.openvpn.net/downloads/releases/
And then everything works perfect as expected. Then I’ve continued to check and found following. With 9.23.3 the created network adapter is Ethernet2 when with 9.24.2 it is now Local Area Connection. Then with 9.24.2 when I open command prompt and check ipconfig /all I see the adapter as “unknown adapter local area connection” which is kind of strange because adapter in windows shows: Local Area Connection /Tap-windows adapter V9.
We could say that TrendMicro caused the problem but I have the feeling that something with the new driver is not ok.
So, any help and ideas would be greatly appreciated.
Thanks in advance
I have one strange issue and decide to ask here if someone could advise. We have the following situation:
Sophos UTM
Window 10 1903 Enterprise – Windows Firewall off
Active Directory domain
OpenVPN 2.4.8
We’ve deployed 2.4.8 and suddenly we began to have network issues. We found that they are caused by TrendMicro OfficeScan which activates the firewall and block the traffic. So far so good, we’ve opened a escalated issue by TrendMicro and we are waiting for answer but I’ve decided to make some tests and then things became weird.
I installed OpenVPN 2.4.6 – everything works fine
I installed OpenVPN 2.4.7 – everything works fine
Then I look and found that the version 2.4.8 is installing windows tap drivers 9.24.2. I decided and uninstall only the TAP drivers, download the 9.23.3 drivers from here: https://build.openvpn.net/downloads/releases/
And then everything works perfect as expected. Then I’ve continued to check and found following. With 9.23.3 the created network adapter is Ethernet2 when with 9.24.2 it is now Local Area Connection. Then with 9.24.2 when I open command prompt and check ipconfig /all I see the adapter as “unknown adapter local area connection” which is kind of strange because adapter in windows shows: Local Area Connection /Tap-windows adapter V9.
We could say that TrendMicro caused the problem but I have the feeling that something with the new driver is not ok.
So, any help and ideas would be greatly appreciated.
Thanks in advance
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Windows 10 1903 and OpenVPN GUI 2.4.8
Sounds like the TAP driver is giving you issues ..kiro.ivanov wrote: ↑Thu Apr 09, 2020 8:36 pmThen I look and found that the version 2.4.8 is installing windows tap drivers 9.24.2. I decided and uninstall only the TAP drivers, download the 9.23.3 drivers from here: https://build.openvpn.net/downloads/releases/
And then everything works perfect as expected.
Take all the other crap out of the equation and see what happens.
-
- OpenVpn Newbie
- Posts: 6
- Joined: Thu Apr 09, 2020 8:34 pm
Re: Windows 10 1903 and OpenVPN GUI 2.4.8
yes, this is what I did but my knowledge with drivers is very limited and I hope that maybe some of the developers could look at it and help. I compared for example the inf file and I found one difference:
9.23.3
Characteristics = 0x81
*IfType = 0x6 ; IF_TYPE_ETHERNET_CSMACD
*MediaType = 0x0 ; NdisMedium802_3
*PhysicalMediaType = 14 ; NdisPhysicalMedium802_3
9.24.2
Characteristics = 0x1
*IfType = 53 ; IF_TYPE_PROP_VIRTUAL
*MediaType = 0x0 ; NdisMedium802_3
*PhysicalMediaType = 0 ; NdisPhysicalMediumUnspecified
but all other components of the driver are for me an unknown area.
9.23.3
Characteristics = 0x81
*IfType = 0x6 ; IF_TYPE_ETHERNET_CSMACD
*MediaType = 0x0 ; NdisMedium802_3
*PhysicalMediaType = 14 ; NdisPhysicalMedium802_3
9.24.2
Characteristics = 0x1
*IfType = 53 ; IF_TYPE_PROP_VIRTUAL
*MediaType = 0x0 ; NdisMedium802_3
*PhysicalMediaType = 0 ; NdisPhysicalMediumUnspecified
but all other components of the driver are for me an unknown area.
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Windows 10 1903 and OpenVPN GUI 2.4.8
Can you successfully uninstall and reinstall openvpn and have a working VPN ?
-
- OpenVpn Newbie
- Posts: 6
- Joined: Thu Apr 09, 2020 8:34 pm
Re: Windows 10 1903 and OpenVPN GUI 2.4.8
I can uninstall 2.4.8 and install 2.4.7 and have a working solution but only for the troubleshooting. It is even faster if I do it only with TAP drivers, the same time 2.4.8 remains installed without problem. The issue is that we already deployed 2.4.8 to 150+ computer and my idea was to have reg file or something which I could send to the users to solve this issue. We have computers all over the world and it is hard to arrange a time and session to replace the drivers. The users don't have administrative permissions and have problems understanding even basic computer tasks.
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Windows 10 1903 and OpenVPN GUI 2.4.8
You should probably hold off from major upgrades until you know you can do it safely then ..
-
- OpenVpn Newbie
- Posts: 6
- Joined: Thu Apr 09, 2020 8:34 pm
Re: Windows 10 1903 and OpenVPN GUI 2.4.8
Well, usually this is what we do but due to Corona Virus and pushing from the government for everyone to stay home, we had to deploy as fast as possible a solution for HomeOffice. Indeed the users can connect to the company network and after this we found that the "back" communication to the client has problems. This was first mass deployment of a VPN client for us.
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Windows 10 1903 and OpenVPN GUI 2.4.8
With regard to 2.4.8 and the new TAP drivers; OpenVPN have put a lot of effort into getting them signed by Microsoft. Due to this signing, OpenVPN have had to make multiple versions of TAP to satisfy Microsoft testing etc and so there are two flavours (that I know of) Win7 and Win10 (Win8 falls in there somewhere, not sure where). Generally, this all works fine but there has been one exceptional corner case where we discovered Kaspersky are distributing their own TAP driver and there was one single failure due to unforseen conflicts.
The point is, if you can successfull uninstall/reinstall the TAP driver you should be in the clear .. but of course there could be other unforeseen problems ..
If you have problems then please document it clearly and we can take a look.
The point is, if you can successfull uninstall/reinstall the TAP driver you should be in the clear .. but of course there could be other unforeseen problems ..
If you have problems then please document it clearly and we can take a look.
-
- OpenVpn Newbie
- Posts: 6
- Joined: Thu Apr 09, 2020 8:34 pm
Re: Windows 10 1903 and OpenVPN GUI 2.4.8
I appreciate your help, that's why I perform some additional tests. I've uninstall everything - 2.4.8, the tap drivers, make sure that there isn't any network adapter in the device manager, then search in registry for everything related to VPN, OpenVPN etc. and removed. Then I've downloaded the SSL VPN client from the UTM and install it. Indeed, during the installation of it, there was a pop up from Windows about the drivers which I confirmed. Then I removed everything again and perform a clean installation of 2.4.8 and there was a message during the installation that maybe a confirmation about the drivers will be needed but this didn't appear, so I assumed as well that Windows accept them without problems. I've checked as well the network adapter properties and there is TrendMicro NDIS 6.0 Adapter driver but when I deactivate it I still don't have ping or remote desktop connection to a test client.
Unfortunately most likely the Corona Virus will be over when we will be finally ready with removing 9.24.2 and installing the old drivers.
If you can advice how to document it clearly I'll do it or if something is missing as information in my posts. Or maybe there is a collection tool when reproducing the issue?
Unfortunately most likely the Corona Virus will be over when we will be finally ready with removing 9.24.2 and installing the old drivers.
If you can advice how to document it clearly I'll do it or if something is missing as information in my posts. Or maybe there is a collection tool when reproducing the issue?
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: Windows 10 1903 and OpenVPN GUI 2.4.8
The idea behind archiving the mailing list is so that you can read it yourself and learn from it.
For the benefit of everyone, you may want to include details found here in future:
viewtopic.php?f=30&t=22603#p68963
For the benefit of everyone, you may want to include details found here in future:
viewtopic.php?f=30&t=22603#p68963
-
- OpenVpn Newbie
- Posts: 6
- Joined: Thu Apr 09, 2020 8:34 pm
Re: Windows 10 1903 and OpenVPN GUI 2.4.8
Thanks, I've open a thread there as well, now I will check about collecting more information for troubleshooting.