OpenVPN Support Forum

Hi,
my vpn is not working.i can not ping my tun interface ip 10.8.1.1.and i want to connect my lan also.here with i attached my server and client conf and what i get error in client.so please help me to resolve my issue.

Regards,
sundAr g

Server conf


local x.x.x.x
port 1194

;proto tcp
proto udp

;dev tap
dev tun


ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key

dh /etc/openvpn/keys/dh1024.pem

server 10.8.1.0 255.255.255.0

ifconfig-pool-persist ipp.txt

push "route 10.0.0.0 255.0.0.0"

push "redirect-gateway def1"

client-to-client

keepalive 10 120

cipher BF-CBC

comp-lzo yes

max-clients 100

user nobody
group nobody

persist-key
persist-tun


status openvpn-status.log

log openvpn.log

verb 3

plugin /usr/lib/openvpn/plugin/lib/openvpn-auth-ldap.so /etc/openvpn/auth/ldap.conf


client-cert-not-required
--inactive 60 --ping-exit 40


Client conf

client

dev tun

proto udp

remote x.x.x.x 1194

resolv-retry infinite

nobind

user nobody
group nobody

persist-key
persist-tun

ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/sundar.crt
key /etc/openvpn/keys/sundar.key

ns-cert-type server

cipher BF-CBC

comp-lzo

verb 3

--auth-user-pass



ERror message

Thu Nov 17 16:37:21 2011 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=59]
Thu Nov 17 16:37:21 2011 Route addition via IPAPI failed
Thu Nov 17 16:37:21 2011 route ADD 0.0.0.0 MASK 128.0.0.0 10.8.1.5
Thu Nov 17 16:37:21 2011 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=24]
Thu Nov 17 16:37:21 2011 Route addition via IPAPI failed
Thu Nov 17 16:37:21 2011 route ADD 128.0.0.0 MASK 128.0.0.0 10.8.1.5
Thu Nov 17 16:37:21 2011 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=24]
Thu Nov 17 16:37:21 2011 Route addition via IPAPI failed
Thu Nov 17 16:37:21 2011 route ADD 10.0.0.0 MASK 255.0.0.0 10.8.1.5
Thu Nov 17 16:37:21 2011 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=24]
Thu Nov 17 16:37:21 2011 Route addition via IPAPI failed
Thu Nov 17 16:37:21 2011 route ADD 10.8.1.0 MASK 255.255.255.0 10.8.1.5
Thu Nov 17 16:37:21 2011 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=24]
Thu Nov 17 16:37:21 2011 Route addition via IPAPI failed
Thu Nov 17 16:37:21 2011 Initialization Sequence Completed

please post full log of your client/server

also

what lan ip your openvpn server has?

Michael

also, post the version of windows you're running on and the version of OpenVPN you are using.
If you're not using OpenVPN 2.2, upgrade first.

Hi,
Thanks for your reply.

I have one public ip and my lan ip is 10.7.130.x
today i got different status

error message
********************
Fri Nov 18 10:17:29 2011 NOTE: --user option is not implemented on Windows
Fri Nov 18 10:17:29 2011 NOTE: --group option is not implemented on Windows
Fri Nov 18 10:17:29 2011 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO] built on Oct 1 2006
Fri Nov 18 10:17:36 2011 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Nov 18 10:17:36 2011 LZO compression initialized
Fri Nov 18 10:17:36 2011 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Nov 18 10:17:36 2011 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Nov 18 10:17:36 2011 Local Options hash (VER=V4): '41690919'
Fri Nov 18 10:17:36 2011 Expected Remote Options hash (VER=V4): '530fdded'
Fri Nov 18 10:17:36 2011 UDPv4 link local: [undef]
Fri Nov 18 10:17:36 2011 UDPv4 link remote: vpnip:1194
Fri Nov 18 10:17:36 2011 TLS: Initial packet from vpnip:1194, sid=c7ec0c97 4079e4a5
Fri Nov 18 10:17:37 2011 VERIFY OK: depth=1, /C=IN/ST=TN/L=CHENNAI/O=TENET/OU=SUPPORT/CN=TENET_CA/emailAddress=sundarece02@gmail.com
Fri Nov 18 10:17:37 2011 VERIFY OK: nsCertType=SERVER
Fri Nov 18 10:17:37 2011 VERIFY OK: depth=0, /C=IN/ST=TN/L=CHENNAI/O=TENET/OU=SUPPORT/CN=server/emailAddress=sundarece02@gmail.com
Fri Nov 18 10:17:41 2011 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Nov 18 10:17:41 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Nov 18 10:17:41 2011 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Nov 18 10:17:41 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Nov 18 10:17:41 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Nov 18 10:17:41 2011 [server] Peer Connection Initiated with 203.199.255.61:1194
Fri Nov 18 10:17:42 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Fri Nov 18 10:17:42 2011 PUSH: Received control message: 'PUSH_REPLY,route 10.8.0.1 255.255.255.255,route 10.0.0.0 255.0.0.0,dhcp-option DNS 10.7.128.5,ping 10,ping-restart 60,ifconfig 10.8.0.14 10.8.0.13'
Fri Nov 18 10:17:42 2011 OPTIONS IMPORT: timers and/or timeouts modified
Fri Nov 18 10:17:42 2011 OPTIONS IMPORT: --ifconfig/up options modified
Fri Nov 18 10:17:42 2011 OPTIONS IMPORT: route options modified
Fri Nov 18 10:17:42 2011 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Nov 18 10:17:42 2011 TAP-WIN32 device [Local Area Connection 3] opened: \\.\Global\{F1589E71-8906-47E8-A072-EBF2A07327AC}.tap
Fri Nov 18 10:17:42 2011 TAP-Win32 Driver Version 8.4
Fri Nov 18 10:17:42 2011 TAP-Win32 MTU=1500
Fri Nov 18 10:17:42 2011 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.14/255.255.255.252 on interface {F1589E71-8906-47E8-A072-EBF2A07327AC} [DHCP-serv: 10.8.0.13, lease-time: 31536000]
Fri Nov 18 10:17:42 2011 NOTE: FlushIpNetTable failed on interface [24] {F1589E71-8906-47E8-A072-EBF2A07327AC} (status=5) : Access is denied.
Fri Nov 18 10:17:42 2011 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Fri Nov 18 10:17:42 2011 Route: Waiting for TUN/TAP interface to come up...
Fri Nov 18 10:17:44 2011 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
Fri Nov 18 10:17:44 2011 route ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.13
Fri Nov 18 10:17:44 2011 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=24]
Fri Nov 18 10:17:44 2011 Route addition via IPAPI failed
Fri Nov 18 10:17:44 2011 route ADD 10.0.0.0 MASK 255.0.0.0 10.8.0.13
Fri Nov 18 10:17:44 2011 ROUTE: route addition failed using CreateIpForwardEntry: One or more arguments are not correct. [if_index=24]
Fri Nov 18 10:17:44 2011 Route addition via IPAPI failed
Fri Nov 18 10:17:44 2011 Initialization Sequence Completed

************


Regards,
sundAr

Hi,


Thanks for your reply

I am using windows 7,XP

My openvpn server version 2.1-0.29.

Regards,
sundAr

your client uses openvpn 2.0.9 version

please use ver above 2.1.4 on win 7

Michael.

upgrade to OpenVPN 2.1.4 or 2.2.1 (the latter is preferred_

also make sure you have sufficient privileges to run openvpn (Network Administrator or Administrator rights).