Windows 10 Pro - Ethernet Connection - OpenVPN Connected - Packets not routing via VPN Server

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
vaisam
OpenVpn Newbie
Posts: 2
Joined: Sun Aug 23, 2020 5:03 pm

Windows 10 Pro - Ethernet Connection - OpenVPN Connected - Packets not routing via VPN Server

Post by vaisam » Wed Jan 24, 2024 7:24 am

Hello,

Client OS: Windows 10 PRO
Network Interface: Ethernet
Client Version: OpenVPN GUI v11.46.0.0
Server: OpenVPN 2.6.8 on CentOS

Issue: OpenVPN client [Run As Admin] > Connects fine. See logs below but when I check whatismyip.com, it shows ISP assigned IP address & not my VPN server's IP Address.

Config
[oconf]
dev tun
proto udp
remote vpn.myserver.com 1194
<ca>
-----BEGIN CERTIFICATE-----
MIIDSzCCAjOgAwIBAgIUUogNp45PjajS8+ASfIvWHZd9ErAwDQYJKoZIhvcNAQEL
<snip>
MObgJMx1+xDbZFCJ0rDulkpNSnx8GtDgEH5ohN1q/g==
-----END CERTIFICATE-----
</ca>
remote-cert-tls server
cipher AES-256-CBC
auth SHA512
auth-nocache
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
resolv-retry infinite
compress lz4
nobind
persist-key
persist-tun
mute-replay-warnings
verb 3
auth-user-pass
[/oconf]


Connection Log

Code: Select all

2024-01-24 11:52:50 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2024-01-24 11:52:50 DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). OpenVPN ignores --cipher for cipher negotiations. 
2024-01-24 11:52:50 Note: '--allow-compression' is not set to 'no', disabling data channel offload.
2024-01-24 11:52:50 OpenVPN 2.6.8 [git:v2.6.8/3b0d9489cc423da3] Windows [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] [DCO] built on Nov 17 2023
2024-01-24 11:52:50 Windows version 10.0 (Windows 10 or greater), amd64 executable
2024-01-24 11:52:50 library versions: OpenSSL 3.1.4 24 Oct 2023, LZO 2.10
2024-01-24 11:52:50 DCO version: 1.0.0
2024-01-24 11:52:50 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
2024-01-24 11:52:50 Need hold release from management interface, waiting...
2024-01-24 11:52:50 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:62879
2024-01-24 11:52:51 MANAGEMENT: CMD 'state on'
2024-01-24 11:52:51 MANAGEMENT: CMD 'log on all'
2024-01-24 11:52:51 MANAGEMENT: CMD 'echo on all'
2024-01-24 11:52:51 MANAGEMENT: CMD 'bytecount 5'
2024-01-24 11:52:51 MANAGEMENT: CMD 'state'
2024-01-24 11:52:51 MANAGEMENT: CMD 'hold off'
2024-01-24 11:52:51 MANAGEMENT: CMD 'hold release'
2024-01-24 11:52:53 MANAGEMENT: CMD 'username "Auth" "johndoe"'
2024-01-24 11:52:53 MANAGEMENT: CMD 'password [...]'
2024-01-24 11:52:53 MANAGEMENT: >STATE:1706077373,RESOLVE,,,,,,
2024-01-24 11:52:53 TCP/UDP: Preserving recently used remote address: [AF_INET6]64:ff9b::ad68:2f8c:1194
2024-01-24 11:52:53 Socket Buffers: R=[65536->65536] S=[65536->65536]
2024-01-24 11:52:53 UDPv6 link local: (not bound)
2024-01-24 11:52:53 UDPv6 link remote: [AF_INET6]64:ff9b::ad68:2f8c:1194
2024-01-24 11:52:53 MANAGEMENT: >STATE:1706077373,WAIT,,,,,,
2024-01-24 11:52:53 MANAGEMENT: >STATE:1706077373,AUTH,,,,,,
2024-01-24 11:52:53 TLS: Initial packet from [AF_INET6]64:ff9b::ad68:2f8c:1194, sid=9de08c64 cfc5fa57
2024-01-24 11:52:53 VERIFY OK: depth=1, CN=Easy-RSA CA
2024-01-24 11:52:53 VERIFY KU OK
2024-01-24 11:52:53 Validating certificate extended key usage
2024-01-24 11:52:53 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
2024-01-24 11:52:53 VERIFY EKU OK
2024-01-24 11:52:53 VERIFY OK: depth=0, CN=VPNServer
2024-01-24 11:52:53 Control Channel: TLSv1.3, cipher TLSv1.3 TLS_AES_256_GCM_SHA384, peer certificate: 2048 bits RSA, signature: RSA-SHA256, peer temporary key: 253 bits X25519
2024-01-24 11:52:53 [VPNServer31West] Peer Connection Initiated with [AF_INET6]64:ff9b::ac69:2f8c:1194
2024-01-24 11:52:53 TLS: move_session: dest=TM_ACTIVE src=TM_INITIAL reinit_src=1
2024-01-24 11:52:53 TLS: tls_multi_process: initial untrusted session promoted to trusted
2024-01-24 11:52:54 MANAGEMENT: >STATE:1706077374,GET_CONFIG,,,,,,
2024-01-24 11:52:54 SENT CONTROL [VPNServer]: 'PUSH_REQUEST' (status=1)
2024-01-24 11:52:54 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route 10.10.10.0 255.255.255.255,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.0.0.1,topology net30,ping 20,ping-restart 60,ifconfig 10.0.0.209 10.0.0.210,peer-id 2,cipher AES-256-GCM'
2024-01-24 11:52:54 OPTIONS IMPORT: --ifconfig/up options modified
2024-01-24 11:52:54 OPTIONS IMPORT: route options modified
2024-01-24 11:52:54 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2024-01-24 11:52:54 interactive service msg_channel=384
2024-01-24 11:52:54 ROUTE_GATEWAY 192.168.251.220/255.255.255.0 I=20 HWADDR=6e:dd:f2:0e:83:ef
2024-01-24 11:52:54 open_tun
2024-01-24 11:52:54 tap-windows6 device [OpenVPN TAP-Windows6] opened
2024-01-24 11:52:54 TAP-Windows Driver Version 9.26 
2024-01-24 11:52:54 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.0.0.209/255.255.255.252 on interface {9AE32874-D4D9-4509-A211-DA874CB93DBA} [DHCP-serv: 10.0.0.210, lease-time: 31536000]
2024-01-24 11:52:54 Successful ARP Flush on interface [22] {9AE32874-D4D9-4509-A211-DA874CB93DBA}
2024-01-24 11:52:54 MANAGEMENT: >STATE:1706077374,ASSIGN_IP,,10.0.0.209,,,,
2024-01-24 11:52:54 IPv4 MTU set to 1500 on interface 22 using service
2024-01-24 11:52:54 Data Channel: cipher 'AES-256-GCM', peer-id: 2, compression: 'lz4'
2024-01-24 11:52:54 Timers: ping 20, ping-restart 60
2024-01-24 11:52:59 TEST ROUTES: 3/3 succeeded len=2 ret=1 a=0 u/d=up
2024-01-24 11:52:59 ROUTE remote_host protocol differs from tunneled
2024-01-24 11:52:59 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.0.0.210
2024-01-24 11:52:59 Route addition via service succeeded
2024-01-24 11:52:59 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.0.0.210
2024-01-24 11:52:59 Route addition via service succeeded
2024-01-24 11:52:59 MANAGEMENT: >STATE:1706077379,ADD_ROUTES,,,,,,
2024-01-24 11:52:59 C:\Windows\system32\route.exe ADD 10.10.10.0 MASK 255.255.255.255 10.0.0.210
2024-01-24 11:52:59 Route addition via service succeeded
2024-01-24 11:52:59 C:\Windows\system32\route.exe ADD 10.0.0.1 MASK 255.255.255.255 10.0.0.210
2024-01-24 11:52:59 Route addition via service succeeded
2024-01-24 11:52:59 Initialization Sequence Completed
2024-01-24 11:52:59 MANAGEMENT: >STATE:1706077379,CONNECTED,SUCCESS,10.0.0.209,64:ff9b::ac69:2f8c,1194,,

Output of routing

Code: Select all

C:\Users\Admin>route print
===========================================================================
Interface List
 16...80 ce 62 d8 aa 1a ......Realtek PCIe GbE Family Controller
 15...........................Wintun Userspace Tunnel
 20...6e dd f2 0e 83 ef ......Remote NDIS based Internet Sharing Device
 22...00 ff 9a e3 28 74 ......TAP-Windows Adapter V9
 51...........................OpenVPN Data Channel Offload
 10...9c 30 5b d2 42 af ......Realtek RTL8723DE 802.11b/g/n PCIe Adapter
 13...9e 30 5b d2 42 af ......Microsoft Wi-Fi Direct Virtual Adapter
 19...9c 30 5b d2 42 af ......Microsoft Wi-Fi Direct Virtual Adapter #2
  7...9c 30 5b d2 42 b0 ......Bluetooth Device (Personal Area Network)
  1...........................Software Loopback Interface 1
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.251.220  192.168.251.168     25
          0.0.0.0        128.0.0.0       10.0.0.210       10.0.0.209    281
         10.0.0.1  255.255.255.255       10.0.0.210       10.0.0.209    281
       10.0.0.208  255.255.255.252         On-link        10.0.0.209    281
       10.0.0.209  255.255.255.255         On-link        10.0.0.209    281
       10.0.0.211  255.255.255.255         On-link        10.0.0.209    281
       10.10.10.0  255.255.255.255       10.0.0.210       10.0.0.209    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
        128.0.0.0        128.0.0.0       10.0.0.210       10.0.0.209    281
    192.168.251.0    255.255.255.0         On-link   192.168.251.168    281
  192.168.251.168  255.255.255.255         On-link   192.168.251.168    281
  192.168.251.255  255.255.255.255         On-link   192.168.251.168    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link   192.168.251.168    281
        224.0.0.0        240.0.0.0         On-link        10.0.0.209    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link   192.168.251.168    281
  255.255.255.255  255.255.255.255         On-link        10.0.0.209    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 20     41 ::/0                     fe80::c4c1:23ff:feb3:8bf6
  1    331 ::1/128                  On-link
 20     41 2409:40e3:1a:18ab::/64   On-link
 20    281 2409:40e3:1a:18ab:c46d:560d:4657:2742/128
                                    On-link
 20    281 2409:40e3:1a:18ab:d9a8:9e37:56a:b29e/128
                                    On-link
 20    281 fe80::/64                On-link
 22    281 fe80::/64                On-link
 22    281 fe80::1516:af86:e883:5eae/128
                                    On-link
 20    281 fe80::c46d:560d:4657:2742/128
                                    On-link
  1    331 ff00::/8                 On-link
 20    281 ff00::/8                 On-link
 22    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

C:\Users\Admin>


ipconfig details

Code: Select all

C:\Users\Admin>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-473S4SF
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek PCIe GbE Family Controller
   Physical Address. . . . . . . . . : 80-CE-62-D8-AA-1A
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Unknown adapter OpenVPN Wintun:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Wintun Userspace Tunnel
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter JIO AIR FIBER:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Remote NDIS based Internet Sharing Device
   Physical Address. . . . . . . . . : 6E-DD-F2-0E-83-EF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2409:40e3:1a:18ab:c46d:560d:4657:2742(Preferred)
   Temporary IPv6 Address. . . . . . : 2409:40e3:1a:18ab:d9a8:9e37:56a:b29e(Preferred)
   Link-local IPv6 Address . . . . . : fe80::c46d:560d:4657:2742%20(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.251.168(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, January 24, 2024 11:01:16 AM
   Lease Expires . . . . . . . . . . : Wednesday, January 24, 2024 12:31:13 PM
   Default Gateway . . . . . . . . . : fe80::c4c1:23ff:feb3:8bf6%20
                                       192.168.251.220
   DHCP Server . . . . . . . . . . . : 192.168.251.220
   DHCPv6 IAID . . . . . . . . . . . : 299501551
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2B-8D-7F-E6-80-CE-62-D8-AA-1A
   DNS Servers . . . . . . . . . . . : 192.168.251.220
                                       2409:40e3:1a:18ab::5d
   NetBIOS over Tcpip. . . . . . . . : Enabled

Unknown adapter OpenVPN TAP-Windows6:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-9A-E3-28-74
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1516:af86:e883:5eae%22(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.0.209(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.252
   Lease Obtained. . . . . . . . . . : Wednesday, January 24, 2024 11:52:55 AM
   Lease Expires . . . . . . . . . . : Thursday, January 23, 2025 11:52:55 AM
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . : 10.0.0.210
   DHCPv6 IAID . . . . . . . . . . . : 369164186
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-2B-8D-7F-E6-80-CE-62-D8-AA-1A
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Unknown adapter OpenVPN Data Channel Offload:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : OpenVPN Data Channel Offload
   Physical Address. . . . . . . . . :
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Realtek RTL8723DE 802.11b/g/n PCIe Adapter
   Physical Address. . . . . . . . . : 9C-30-5B-D2-42-AF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 8:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 9E-30-5B-D2-42-AF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 10:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter #2
   Physical Address. . . . . . . . . : 9C-30-5B-D2-42-AF
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : 9C-30-5B-D2-42-B0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

C:\Users\Admin>

I am clueless what is the issue and how to fix this. I have not encountered this before.

Please help.

TIA

Post Reply