OpenVPN Support Forum

I hope this is the right place, and I apologize if not. I'm trying to set up an OpenVPN server to tunnel all traffic for travellers. My configuration works fine under XP, but my testing under Windows 7 is weird. After initial connection (using OpenVPN GUI) all traffic is tunneled, but a few minutes later the tunnel is still established, but Windows has rewritten the route table back to use my LAN gateway as the default route, and sure enough traceroute ignores the tunnel gateway.

Here's the Windows route table after connect:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.8.0.5 10.8.0.6 31
10.8.0.1 255.255.255.255 10.8.0.5 10.8.0.6 31
10.8.0.4 255.255.255.252 On-link 10.8.0.6 286
10.8.0.6 255.255.255.255 On-link 10.8.0.6 286
10.8.0.7 255.255.255.255 On-link 10.8.0.6 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
129.129.0.0 255.255.0.0 192.168.40.2 192.168.40.12 11
169.254.0.0 255.255.0.0 On-link 169.254.35.159 276
169.254.35.159 255.255.255.255 On-link 169.254.35.159 276
169.254.255.255 255.255.255.255 On-link 169.254.35.159 276
192.67.63.39 255.255.255.255 192.168.40.1 192.168.40.12 11
192.168.40.0 255.255.255.0 On-link 192.168.40.12 266
192.168.40.12 255.255.255.255 On-link 192.168.40.12 266
192.168.40.255 255.255.255.255 On-link 192.168.40.12 266
192.168.44.0 255.255.255.0 192.168.40.2 192.168.40.12 11
192.168.45.0 255.255.255.0 192.168.40.2 192.168.40.12 11
192.168.46.0 255.255.255.0 192.168.40.2 192.168.40.12 11
192.168.192.0 255.255.255.0 On-link 192.168.192.1 276
192.168.192.1 255.255.255.255 On-link 192.168.192.1 276
192.168.192.255 255.255.255.255 On-link 192.168.192.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.8.0.6 286
224.0.0.0 240.0.0.0 On-link 192.168.40.12 266
224.0.0.0 240.0.0.0 On-link 169.254.35.159 276
224.0.0.0 240.0.0.0 On-link 192.168.192.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.8.0.6 286
255.255.255.255 255.255.255.255 On-link 192.168.40.12 266
255.255.255.255 255.255.255.255 On-link 169.254.35.159 276
255.255.255.255 255.255.255.255 On-link 192.168.192.1 276
===========================================================================
Persistent Routes:
None

Here it is an hour later, with no VPN changes:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 10.8.0.5 10.8.0.6 31
0.0.0.0 0.0.0.0 192.168.40.1 192.168.40.12 10
10.8.0.1 255.255.255.255 10.8.0.5 10.8.0.6 31
10.8.0.4 255.255.255.252 On-link 10.8.0.6 286
10.8.0.6 255.255.255.255 On-link 10.8.0.6 286
10.8.0.7 255.255.255.255 On-link 10.8.0.6 286
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
129.129.0.0 255.255.0.0 192.168.40.2 192.168.40.12 11
169.254.0.0 255.255.0.0 On-link 169.254.35.159 276
169.254.35.159 255.255.255.255 On-link 169.254.35.159 276
169.254.255.255 255.255.255.255 On-link 169.254.35.159 276
192.67.63.39 255.255.255.255 192.168.40.1 192.168.40.12 11
192.168.40.0 255.255.255.0 On-link 192.168.40.12 266
192.168.40.12 255.255.255.255 On-link 192.168.40.12 266
192.168.40.255 255.255.255.255 On-link 192.168.40.12 266
192.168.44.0 255.255.255.0 192.168.40.2 192.168.40.12 11
192.168.45.0 255.255.255.0 192.168.40.2 192.168.40.12 11
192.168.46.0 255.255.255.0 192.168.40.2 192.168.40.12 11
192.168.192.0 255.255.255.0 On-link 192.168.192.1 276
192.168.192.1 255.255.255.255 On-link 192.168.192.1 276
192.168.192.255 255.255.255.255 On-link 192.168.192.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 10.8.0.6 286
224.0.0.0 240.0.0.0 On-link 192.168.40.12 266
224.0.0.0 240.0.0.0 On-link 169.254.35.159 276
224.0.0.0 240.0.0.0 On-link 192.168.192.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 10.8.0.6 286
255.255.255.255 255.255.255.255 On-link 192.168.40.12 266
255.255.255.255 255.255.255.255 On-link 169.254.35.159 276
255.255.255.255 255.255.255.255 On-link 192.168.192.1 276
===========================================================================
Persistent Routes:
None

I have no idea where the default route via 192.168.40.1 (our non-VPN route) popped up from.

If this exact issue has been reported elsewhere I couldn't find it, and apologize if my weak google skills have led me to a common problem.

Client config: (comments removed)
client
dev tun
proto tcp
remote kirika.webl.com 22
resolv-retry infinite
nobind
persist-key
persist-tun
ca webl-ca.crt
cert kaimu.crt
key kaimu.key
comp-lzo
verb 3
route-method exe
route-delay 2

Server config:
script-security 2
local 192.67.63.39
port 22
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-config-dir ccd
route 192.168.40.0 255.255.255.0
push "redirect-gateway"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
up ./up-10.8.0
down ./down-10.8.0
tls-timeout 60

use and try again.

Don't you just LOVE Windows 7

Aww, dammit. I have that (with bypass-dhcp) on all of the work servers, but not on my own that I'm using for testing. IIRC I was using an older Debian build of OpenVPN, and of course it didn't seem to make any difference under XP...

Sure enough, I'm maintaining my correct path now. Thanks!

And as for Win7, I'm only a few weeks into it so far, and I'm not hating it as much as I expected. Which I think hits exactly the right tone.