VPN connected but unable to access machines inside

Posted: Wed Nov 20, 2013 10:38 pm
by chrisspen
I'm on an Ubuntu laptop connected wirelessly, attempting to VPN into my network. It seems to connect successfully, showing "Initialization Sequence Completed", but I can't ping or otherwise access anything on my internal DNS. How do I diagnose and fix this?

My localhost's ifconfig:

Code:

eth0      Link encap:Ethernet  HWaddr 64:b9:e8:cd:4f:b7  
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:16404625 errors:19551 dropped:0 overruns:14673 frame:4876
          TX packets:10208590 errors:153 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:16893172357 (16.8 GB)  TX bytes:5147821663 (5.1 GB)
          Interrupt:44 Base address:0x8000 

eth2      Link encap:Ethernet  HWaddr 00:26:bb:1b:90:cd  
          inet addr:192.168.2.100  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::226:bbff:fe1b:90cc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:15842 errors:7 dropped:0 overruns:0 frame:1207832
          TX packets:18278 errors:339 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:9669843 (9.6 MB)  TX bytes:3365110 (3.3 MB)
          Interrupt:23 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:44565696 errors:0 dropped:0 overruns:0 frame:0
          TX packets:44565696 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:5063385088 (5.0 GB)  TX bytes:5063385088 (5.0 GB)

tap0      Link encap:Ethernet  HWaddr 36:4c:8f:ab:b2:26  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:634 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:0 (0.0 B)  TX bytes:46302 (46.3 KB)

My localhost's route:

Code:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.2.254   0.0.0.0         UG    0      0        0 eth2
10.8.0.0        *               255.255.255.0   U     0      0        0 tap0
10.157.10.0     10.8.0.1        255.255.255.0   UG    0      0        0 tap0
link-local      *               255.255.0.0     U     1000   0        0 eth2
192.168.2.0     *               255.255.255.0   U     2      0        0 eth2

My openvpn server's conf:

Code:

port 1194

proto udp

dev tap0

ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key  # This file should be kept secret

dh /etc/openvpn/keys/dh1024.pem

ifconfig-pool-persist ipp.txt

server-bridge 10.8.0.1 255.255.255.0 10.8.0.200 10.8.0.250

push "route 10.157.10.0 255.255.255.0 10.8.0.1"

# The IP and domain of my internal DNS server.
push "dhcp-option DNS 10.157.10.12"
push "dhcp-option DOMAIN mydomain.com"

keepalive 10 120

comp-lzo

user nobody
group nobody

persist-key
persist-tun

status openvpn-status.log

log-append  /var/log/openvpn.log

verb 3

After looking at some other posts here, the only possible problem I could find was that I needed to bridge my tap0 and eth2 (wireless) interfaces. However, my wireless interface apparently doesn't support bridging, as `sudo brctl addif vpn0 eth2 tap0` failed with the error "can't add eth2 to bridge vpn0: Operation not supported".
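
A triage sketch for the output posted above, added here as an example and not part of the original thread: it parses the legacy net-tools `ifconfig` and `route` layouts shown in the post and reports whether the tunnel interface has an IPv4 address and whether any packets come back on it. The function names are hypothetical; the sample text is copied from the post, with the eth2 stanza trimmed to the lines the parser reads.

```shell
#!/bin/sh
# Added example: triage of legacy net-tools `ifconfig` / `route` text.
# Sample stanzas copied from the post (eth2 trimmed to the lines parsed).
IFCONFIG_SAMPLE='eth2      Link encap:Ethernet  HWaddr 00:26:bb:1b:90:cd
          inet addr:192.168.2.100  Bcast:192.168.2.255  Mask:255.255.255.0
          RX packets:15842 errors:7 dropped:0 overruns:0 frame:1207832
          TX packets:18278 errors:339 dropped:0 overruns:0 carrier:0

tap0      Link encap:Ethernet  HWaddr 36:4c:8f:ab:b2:26
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:634 errors:0 dropped:0 overruns:0 carrier:0'
ROUTE_SAMPLE='default         192.168.2.254   0.0.0.0         UG    0      0        0 eth2
10.8.0.0        *               255.255.255.0   U     0      0        0 tap0
10.157.10.0     10.8.0.1        255.255.255.0   UG    0      0        0 tap0'

# iface_report IFACE  (ifconfig text on stdin) -> "addr=<ip|none> rx=<n> tx=<n>"
iface_report() {
  awk -v want="$1" '
    /^[^ \t]/     { cur = $1 }                 # a stanza starts in column 0
    cur != want   { next }
    /inet addr:/  { split($2, a, ":"); addr = a[2] }
    /RX packets:/ { split($2, r, ":"); rx = r[2] }
    /TX packets:/ { split($2, t, ":"); tx = t[2] }
    END { printf "addr=%s rx=%d tx=%d\n", (addr != "" ? addr : "none"), rx, tx }'
}

# routes_via IFACE  (route text on stdin) -> "dest/genmask via gateway" per route
routes_via() {
  awk -v want="$1" '$NF == want { print $1 "/" $3 " via " $2 }'
}

# tunnel_verdict IFACE IFCONFIG_TEXT -> idle | one-way | two-way
tunnel_verdict() {
  case "$(printf '%s\n' "$2" | iface_report "$1")" in
    *" rx=0 tx=0") echo idle ;;      # nothing sent or received yet
    *" rx=0 tx="*) echo one-way ;;   # packets leave, none come back
    *)             echo two-way ;;
  esac
}

echo "tap0: $(printf '%s\n' "$IFCONFIG_SAMPLE" | iface_report tap0)"
printf '%s\n' "$ROUTE_SAMPLE" | routes_via tap0
echo "verdict: $(tunnel_verdict tap0 "$IFCONFIG_SAMPLE")"
```

On a live host, pass `"$(ifconfig)"` in place of the sample text; newer net-tools releases print a different layout that this parser does not handle.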

Re: VPN connected but unable to access machines inside

Posted: Wed Nov 20, 2013 10:58 pm
by chrisspen
debbie10t wrote: How are you actually trying to create the bridge, from scratch?
By following these instructions.

Code:

sudo ip addr flush dev eth2
sudo ip addr flush dev tap0 # interface created by `openvpn --config mydomain.conf`
sudo brctl addbr vpn0
sudo brctl addif vpn0 eth2 tap0 # this fails
sudo ip link set dev vpn0 up

Re: VPN connected but unable to access machines inside

Posted: Wed Dec 04, 2013 3:27 pm
by chrisspen
debbie10t wrote: You will have to plug in an ethernet cable and it will render your wireless device redundant.
Well, that's the problem. I only have a wireless connection. Also, with some wireless drivers and/or a bug in the new resolv.conf configuration on Ubuntu, I've had problems enabling my wired and wireless interfaces at the same time.

Re: VPN connected but unable to access machines inside

Posted: Thu Dec 05, 2013 5:57 am
by chrisspen
No. eth0 is wired. eth2 is wireless.
debbie10t wrote: You have eth0 and eth2 ... are they both wireless cards?
chrisspen wrote:

Code:

eth0      Link encap:Ethernet  HWaddr 64:b9:e8:cd:4f:b7 
          UP BROADCAST MULTICAST  MTU:1500  Metric:1
          RX packets:16404625 errors:19551 dropped:0 overruns:14673 frame:4876
          TX packets:10208590 errors:153 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:16893172357 (16.8 GB)  TX bytes:5147821663 (5.1 GB)
          Interrupt:44 Base address:0x8000

eth2      Link encap:Ethernet  HWaddr 00:26:bb:1b:90:cd 
          inet addr:192.168.2.100  Bcast:192.168.2.255  Mask:255.255.255.0
          inet6 addr: fe80::226:bbff:fe1b:90cc/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:15842 errors:7 dropped:0 overruns:0 frame:1207832
          TX packets:18278 errors:339 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:9669843 (9.6 MB)  TX bytes:3365110 (3.3 MB)
          Interrupt:23