There is a problem in your selection of --ifconfig endpoints
Posted: Mon Jan 23, 2012 8:10 am
Openvpn always worked fine. It still does from my Iphone. Suddenly from a Windows XP machine I cannot connect anymore.
Please help!
Mon Jan 23 09:00:23 2012 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 192.168.33.0 255.255.255.0,route 192.168.33.1,topology net30,ping 10,ping-restart 60,ifconfig 192.168.33.6 255.255.255.0'
Mon Jan 23 09:00:23 2012 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jan 23 09:00:23 2012 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jan 23 09:00:23 2012 OPTIONS IMPORT: route options modified
Mon Jan 23 09:00:23 2012 WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address. You are using something (255.255.255.0) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
Mon Jan 23 09:00:23 2012 ROUTE default_gateway=10.161.21.220
Mon Jan 23 09:00:23 2012 There is a problem in your selection of --ifconfig endpoints [local=192.168.33.6, remote=255.255.255.0]. The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet. This is a limitation of --dev tun when used with the TAP-WIN32 driver. Try 'openvpn --show-valid-subnets' option for more info.
Mon Jan 23 09:00:23 2012 Exiting
This is my clientconfig:
dev tun
tls-client
remote mysite 8080
# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)
#redirect-gateway
#auth-nocache
#auto-proxy
pull
proto tcp-client
#proto udp
script-security 2
ca ca.crt
comp-lzo
reneg-sec 0
auth-user-pass
verb 3
----
THIS IS THE SERVERCONFIG (WORKED FOR MONTHS NOW):
#push "redirect-gateway def1"
#route 10.0.0.0 255.0.0.0 net_gateway
#route 172.16.0.0 255.240.0.0 net_gateway
#route 192.168.0.0 255.255.0.0 net_gateway
push "route 192.168.1.0 255.255.255.0"
push "route 192.168.33.0 255.255.255.0"
dev tun
management 192.168.1.6 1195
server 192.168.33.0 255.255.255.0
dh /usr/local/synovpn/etc/openvpn/keys/dh1024.pem
ca /usr/local/synovpn/etc/openvpn/keys/ca.crt
cert /usr/local/synovpn/etc/openvpn/keys/server.crt
key /usr/local/synovpn/etc/openvpn/keys/server.key
max-clients 5
comp-lzo
persist-tun
persist-key
verb 3
#log-append /var/log/openvpn.log
keepalive 10 60
reneg-sec 0
plugin /usr/local/synovpn/lib/radiusplugin.so /usr/local/synovpn/etc/openvpn/rad
client-cert-not-required
username-as-common-name
duplicate-cn
proto tcp
~
~
~
~
~
- /usr/syno/etc/synovpn/openvpn/openvpn.conf 23/40 57%
Please help!
Mon Jan 23 09:00:23 2012 PUSH: Received control message: 'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route 192.168.33.0 255.255.255.0,route 192.168.33.1,topology net30,ping 10,ping-restart 60,ifconfig 192.168.33.6 255.255.255.0'
Mon Jan 23 09:00:23 2012 OPTIONS IMPORT: timers and/or timeouts modified
Mon Jan 23 09:00:23 2012 OPTIONS IMPORT: --ifconfig/up options modified
Mon Jan 23 09:00:23 2012 OPTIONS IMPORT: route options modified
Mon Jan 23 09:00:23 2012 WARNING: Since you are using --dev tun with a point-to-point topology, the second argument to --ifconfig must be an IP address. You are using something (255.255.255.0) that looks more like a netmask. (silence this warning with --ifconfig-nowarn)
Mon Jan 23 09:00:23 2012 ROUTE default_gateway=10.161.21.220
Mon Jan 23 09:00:23 2012 There is a problem in your selection of --ifconfig endpoints [local=192.168.33.6, remote=255.255.255.0]. The local and remote VPN endpoints must exist within the same 255.255.255.252 subnet. This is a limitation of --dev tun when used with the TAP-WIN32 driver. Try 'openvpn --show-valid-subnets' option for more info.
Mon Jan 23 09:00:23 2012 Exiting
This is my clientconfig:
dev tun
tls-client
remote mysite 8080
# If redirect-gateway is enabled, the client will redirect it's
# default network gateway through the VPN.
# It means the VPN connection will firstly connect to the VPN Server
# and then to the internet.
# (Please refer to the manual of OpenVPN for more information.)
#redirect-gateway
#auth-nocache
#auto-proxy
pull
proto tcp-client
#proto udp
script-security 2
ca ca.crt
comp-lzo
reneg-sec 0
auth-user-pass
verb 3
----
THIS IS THE SERVERCONFIG (WORKED FOR MONTHS NOW):
#push "redirect-gateway def1"
#route 10.0.0.0 255.0.0.0 net_gateway
#route 172.16.0.0 255.240.0.0 net_gateway
#route 192.168.0.0 255.255.0.0 net_gateway
push "route 192.168.1.0 255.255.255.0"
push "route 192.168.33.0 255.255.255.0"
dev tun
management 192.168.1.6 1195
server 192.168.33.0 255.255.255.0
dh /usr/local/synovpn/etc/openvpn/keys/dh1024.pem
ca /usr/local/synovpn/etc/openvpn/keys/ca.crt
cert /usr/local/synovpn/etc/openvpn/keys/server.crt
key /usr/local/synovpn/etc/openvpn/keys/server.key
max-clients 5
comp-lzo
persist-tun
persist-key
verb 3
#log-append /var/log/openvpn.log
keepalive 10 60
reneg-sec 0
plugin /usr/local/synovpn/lib/radiusplugin.so /usr/local/synovpn/etc/openvpn/rad
client-cert-not-required
username-as-common-name
duplicate-cn
proto tcp
~
~
~
~
~
- /usr/syno/etc/synovpn/openvpn/openvpn.conf 23/40 57%