OpenVPN Support Forum

Posted: **Thu Jan 09, 2014 7:59 pm**

Hello!

I am relatively new in this VPN/openvpn thingy, but i must ask a few question becouse we setted up a VPN and i have functionality issues.

We did made a configuration to lan gaming. Its working on a so-so condition. But i have some problem, and i would like ask a help. We have a remote server what is the bridged connection between all clients. We see each other thru tap and udp. We can play, we have internet besides the connection on our machines, but...

On our bridged server we are running an other service(namely a game server). Now then. After we join our VPN and it starting to work, the domain name itself stops working(We tried local lan and outsider IPs too without vpn and with vpn, the server ip address and domain name stops working until restart.), and we cannot connect to it other then the vpn ip addresses(Outsiders cannot connect too, becouse the dns and the external IP stops working) and we cannot know why is this and how should we solve it....

My other problem is, we are using UDP connection. But we want use TCP too, under the same circumstances... How can this be done. I checked google and more things, but i cannot found what i searched...

My server config is:

Code: Select all

tls-server 1
port 1194
proto udp
dev tap
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server-bridge 192.168.200.1 255.255.255.0 192.168.200.1 192.168.200.200
push dhcp-option DNS 192.168.200.1
client-to-client 1
comp-lzo yes
keepalive 10 120
persist-key 1
persist-tun 1
verb 3
mute 20

My client Config is:

Code: Select all

client
dev tap
proto udp
remote my_host_name 1194
resolv-retry infinite
mute-replay-warnings
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
comp-lzo
verb 3
keepalive 10 120

I dont know what is seems to be a problem, can anyone help me? I DID searched thru internet but i cannot find what i need...

In short:
1. To make the dns avaliable on the server(bridge) machine to that we can use the server's other services(Like web port 80, ftp, ect...)
2. Use UDP and TCP at the same time(We try to make a smaller little vpn like hamachi or tunggle)

PS: Is there any GUI to SETUP openvpn? Or its just this config file meddling?

Posted: **Thu Jan 09, 2014 10:58 pm**

Thx for the reply, erm.. i did fixed the config as you mentioned, but i should take out Verb 3 parameter(its a log thingy)? also since i fixed the things you mentioned in the arp list the other clients are not appear, not even the tap interface...

also i did read the mentioned parts, that is the result where i got so far...

oh and at connect i often get this messages for a few minute before connect:

Code: Select all

TEST ROUTES: 0/0 succeeded len=-1 ret=0 a=0 u/d=down
Route: Waiting for TUN/TAP interface to come up...

Posted: **Fri Jan 10, 2014 12:04 am**

OK nvmd (sorry for dbl post)

I solved the route problem with disabling the un necesarry protocols. and btw fixing the server config seems to fixed the error...

However, the tcp would be still a good option to have both...

Posted: **Fri Jan 10, 2014 7:13 pm**

I figured out the tap wont start problem under win7/8.1 that is fine, i turned off all un necesarry protocol exept ipv4, now its connecting instantly. And it is working flawlessly, the internet too. Chenged the client's metrics to 5.

However my problem that is the domain name becomes useless, is still an issue...

debbie10t wrote:Is 192.168.200.1 your server address or your LAN gateway address ?

No. 192.168.200.1 is the VPN address what i have when i connect to the VPN server. i choosed this, so there will wont be conflict with other settings...

My Local lan ip is: 192.168.1.100
Remote VPN adresses can be: 192.168.200.1 to 192.168.200.200 mine is the 1, i tested with one of my friend, and his address is ending to 200.2. so that is fine. But the gameserver what is running on the server(what is the bridge) is not working anymore,(Not in external ip, not with dns, but sometimes does)

I tryed flush dns, did not helped.... sometimes the gameserver's external ip works, for a few minutes, but after a few query it stops working...(EG: We cannot connect to the game-server but VPN and broadcast works good.)

Posted: **Fri Jan 10, 2014 10:10 pm**

Ok then:

Code: Select all

Microsoft Windows [Version 6.1.7601]
Copyright (c) 2009 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : MY-SERVER
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 08-60-6E-7A-F0-C6
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::91e0:97ce:c63:b212%12(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.13(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 2014. január 10. 10:02:46
   Lease Expires . . . . . . . . . . : 2014. január 11. 20:32:46
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 252207214
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-70-87-09-08-60-6E-7A-F0-C6

   DNS Servers . . . . . . . . . . . : 84.2.44.1
                                       84.2.46.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9
   Physical Address. . . . . . . . . : 00-FF-EA-03-EF-17
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::853a:d47d:5b79:7dbb%19(Preferred)
   Autoconfiguration IPv4 Address. . : 169.254.125.187(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.0.0
   Default Gateway . . . . . . . . . :
   DHCPv6 IAID . . . . . . . . . . . : 318832618
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-70-87-09-08-60-6E-7A-F0-C6

   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{DD9B247F-F80A-4A7A-A3AA-153D5F46E349}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{EA03EF17-7047-40EB-B675-AD90CA43EAF4}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Posted: **Fri Jan 10, 2014 11:15 pm**

debbie10t wrote:Why does your server config use:
P373R wrote:
Code: Select all
server-bridge 192.168.200.1 255.255.255.0 192.168.200.1 192.168.200.200
but your ipconfig says:
P373R wrote:
Code: Select all
IPv4 Address. . . . . . . . . . . : 192.168.0.13(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
not much we can do if you keep meddling.

Ok lets be straight i am not meddleing. Its the same since i wrote the config

maybe you dont get the whole picture :\ let me explain:

Server VPN:

192.168.0.13 is the server's lan. its a remote server, not in my LAN it is hosted elsewhere, i have a win2008 server up and running. Why should i set the pool to 192.168.0.13, if i can give unique ips...? i just did not wanted to use 10.8.0.1 and like theese... so i came up with a different range. Or i just need to change the ip to the mentioned one?

192.168.200.1 - I given this pool to use non conflict virtual ips... we intended to make a tunnggle like thing (if you check, tunggle you can see that you will get a unique ip address so...)

THIS server has a dynamic hostname too what is updating frequently as the ISP reconnects the connection and changes ip.

------------------------------------------------------------------------------

CLIENT(Me at the end of the cord):I have a separate LAN at home what is:
192.168.1.1 -> My Router
192.168.1.100 -> My machine physical
192.168.200.1 -> IP what i got from the remote server.

if i mess up then how should i correct the bridge-server parameter? at the first parameter give the 192.168.0.13 and the rest is the desired range?! I know that i doing something wrong, so... thats why i asked help...

Posted: **Fri Jan 10, 2014 11:26 pm**

I checked up that already, but not hurt to reherse.... hm i am really not a brain surgeon, but then in the meantime if i write this config:

server-bridge 192.168.0.13 255.255.255.0 192.168.200.1 192.168.200.200

will suffice then? :\ or it MUST to be at the same range as the router? :\

Edit:
I seee i think i get it now.... thx for your patience btw, sooooo i changed to:

server-bridge 192.168.0.13 255.255.255.0 192.168.0.100 192.168.0.200

well see how its working

Posted: **Sun Jan 12, 2014 3:02 pm**

Okay. so. i read that and i changed my config to:

Code: Select all

tls-server
port 1194
proto udp
dev tap
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server-bridge 192.168.0.13 255.255.255.0 192.168.0.100 192.168.0.200
push "dhcp-option DNS 192.168.0.13"
client-to-client
comp-lzo
keepalive 10 120
persist-key
persist-tun
verb 3
mute 3

Error is still: if the driver/service is on, the domain name is useless. Clients can connect, but cannot use the external wanip/domain anymore on the server... :\ Everything else is works...

I tried everything, even firewall disable on both server and router, still nothing. VPN passtrough is on, 1194 is forwarded, and still nothing... Later on i did tryed to rename the connection too, to

tap-bridge and added a config file this line:
dev-node tap-bridge

Still it is not working... :\(I did read the tutorials, if i could don about it i never would asked here so please dont stick it in my eye always the tutorial session i have a specific problem, please tell me what i am doing wrong...)

Posted: **Sun Jan 12, 2014 9:28 pm**

debbie10t wrote:Please post "ipconfig /all" for your new configuration.

What new?! I modified the server ovpn config file to my network, not my network to the ovpn... the config is the same, i posted the new server config, see above...

ipconfig is the same as you seen in my previous posts... what should i modify on them?!

Posted: **Wed Jan 15, 2014 5:45 pm**

Ok thx the info i will setup right now, but also i have to mention that we figured out that the domain not working error is not related with the openpn. its the fault of our server's router, and thx for your help!

OpenVPN Support Forum

OpenVPN and DNS update problem, and TCP Problem

OpenVPN and DNS update problem, and TCP Problem

Re: OpenVPN and DNS update problem, and TCP Problem

Re: OpenVPN and DNS update problem, and TCP Problem

Re: OpenVPN and DNS update problem, and TCP Problem

Re: OpenVPN and DNS update problem, and TCP Problem

Re: OpenVPN and DNS update problem, and TCP Problem

Re: OpenVPN and DNS update problem, and TCP Problem

Re: OpenVPN and DNS update problem, and TCP Problem

Re: OpenVPN and DNS update problem, and TCP Problem

Re: OpenVPN and DNS update problem, and TCP Problem