2.11.1bug,client internet traffic bug.
Posted: Wed Nov 09, 2022 2:31 pm
I choose not to use vpn for the internet traffic of the client.
Result: Unable to access the Internet.
client: openvpn-connect-2.7.1.111,win10
Operating environment: as2.11.1,rhel8.6
GATEWAY=192.168.239.2
Result: Unable to access the Internet.
client: openvpn-connect-2.7.1.111,win10
Operating environment: as2.11.1,rhel8.6
GATEWAY=192.168.239.2
Client Config
# Automatically generated OpenVPN client config file
# Generated on Wed Nov 9 22:07:21 2022 by localhost.localdomain
# Note: this config file contains inline private keys
# and therefore should be kept confidential!
# Certificate serial: 3, certificate common name: shilh
# Expires 2032-11-06 22:07:21
# Note: this configuration is user-locked to the username below
# OVPN_ACCESS_SERVER_USERNAME=shilh
# Define the profile name of this particular configuration file
# OVPN_ACCESS_SERVER_PROFILE=shilh@192.168.239.131
# Default Cipher
cipher AES-256-CBC
# OVPN_ACCESS_SERVER_CLI_PREF_ALLOW_WEB_IMPORT=True
# OVPN_ACCESS_SERVER_CLI_PREF_BASIC_CLIENT=False
# OVPN_ACCESS_SERVER_CLI_PREF_ENABLE_CONNECT=False
# OVPN_ACCESS_SERVER_CLI_PREF_ENABLE_XD_PROXY=True
# OVPN_ACCESS_SERVER_WSHOST=192.168.239.131:443
# OVPN_ACCESS_SERVER_WEB_CA_BUNDLE_START
# -----BEGIN CERTIFICATE-----
# -----END CERTIFICATE-----
# OVPN_ACCESS_SERVER_WEB_CA_BUNDLE_STOP
# OVPN_ACCESS_SERVER_IS_OPENVPN_WEB_CA=1
client
server-poll-timeout 4
nobind
remote 192.168.239.131 1194 udp
remote 192.168.239.131 1194 udp
remote 192.168.239.131 443 tcp
remote 192.168.239.131 1194 udp
remote 192.168.239.131 1194 udp
remote 192.168.239.131 1194 udp
remote 192.168.239.131 1194 udp
remote 192.168.239.131 1194 udp
dev tun
dev-type tun
remote-cert-tls server
tls-version-min 1.2
reneg-sec 604800
auth-user-pass
verb 3
push-peer-info
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
stripped inline key
-----END PRIVATE KEY-----
</key>
<tls-crypt>
#
# 2048 bit OpenVPN static key (Server Agent)
#
-----BEGIN OpenVPN Static key V1-----
stripped inline key
-----END OpenVPN Static key V1-----
</tls-crypt>
# Extra user-defined configuration
route 192.168.239.0 255.255.255.0 vpn_gateway
route 172.27.224.0 255.255.255.0 vpn_gateway
route 172.27.240.0 255.255.255.0 vpn_gateway
## -----BEGIN RSA SIGNATURE-----
## -----END RSA SIGNATURE-----
## -----BEGIN CERTIFICATE-----
## -----END CERTIFICATE-----
## -----BEGIN CERTIFICATE-----
## -----END CERTIFICATE-----
# Generated on Wed Nov 9 22:07:21 2022 by localhost.localdomain
# Note: this config file contains inline private keys
# and therefore should be kept confidential!
# Certificate serial: 3, certificate common name: shilh
# Expires 2032-11-06 22:07:21
# Note: this configuration is user-locked to the username below
# OVPN_ACCESS_SERVER_USERNAME=shilh
# Define the profile name of this particular configuration file
# OVPN_ACCESS_SERVER_PROFILE=shilh@192.168.239.131
# Default Cipher
cipher AES-256-CBC
# OVPN_ACCESS_SERVER_CLI_PREF_ALLOW_WEB_IMPORT=True
# OVPN_ACCESS_SERVER_CLI_PREF_BASIC_CLIENT=False
# OVPN_ACCESS_SERVER_CLI_PREF_ENABLE_CONNECT=False
# OVPN_ACCESS_SERVER_CLI_PREF_ENABLE_XD_PROXY=True
# OVPN_ACCESS_SERVER_WSHOST=192.168.239.131:443
# OVPN_ACCESS_SERVER_WEB_CA_BUNDLE_START
# -----BEGIN CERTIFICATE-----
# -----END CERTIFICATE-----
# OVPN_ACCESS_SERVER_WEB_CA_BUNDLE_STOP
# OVPN_ACCESS_SERVER_IS_OPENVPN_WEB_CA=1
client
server-poll-timeout 4
nobind
remote 192.168.239.131 1194 udp
remote 192.168.239.131 1194 udp
remote 192.168.239.131 443 tcp
remote 192.168.239.131 1194 udp
remote 192.168.239.131 1194 udp
remote 192.168.239.131 1194 udp
remote 192.168.239.131 1194 udp
remote 192.168.239.131 1194 udp
dev tun
dev-type tun
remote-cert-tls server
tls-version-min 1.2
reneg-sec 604800
auth-user-pass
verb 3
push-peer-info
<ca>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
stripped inline key
-----END PRIVATE KEY-----
</key>
<tls-crypt>
#
# 2048 bit OpenVPN static key (Server Agent)
#
-----BEGIN OpenVPN Static key V1-----
stripped inline key
-----END OpenVPN Static key V1-----
</tls-crypt>
# Extra user-defined configuration
route 192.168.239.0 255.255.255.0 vpn_gateway
route 172.27.224.0 255.255.255.0 vpn_gateway
route 172.27.240.0 255.255.255.0 vpn_gateway
## -----BEGIN RSA SIGNATURE-----
## -----END RSA SIGNATURE-----
## -----BEGIN CERTIFICATE-----
## -----END CERTIFICATE-----
## -----BEGIN CERTIFICATE-----
## -----END CERTIFICATE-----