OpenVPN -- HELP!

M

Mike P.

Hi guys,

I managed to ping the server [10.10.0.1] from the client behind a
router [192.168.1.0/24]. My private (home) LAN is 172.16.0.0/24.
Both the server and the client does receive read/write data (in the
log) but the client can't connect to the Internet while it's connected
to the VPN server. It appears to be a routing issue, but I can't
figure it out.

Here's my server config:
<hr>
port 1194
proto udp
dev tun

ca ca.crt
cert server.crt
key server.key
dh dh2048.pem

server 10.10.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt

client-config-dir ccd
ccd-exclusive
route 192.168.0.0 255.255.0.0

push "redirect-gateway"
push "dhcp-option DNS 68.238.64.12"
push "dhcp-option DNS 68.238.128.12"
push "dhcp-option DNS 4.2.2.2"
push "dhcp-option DNS 4.2.2.4"

tls-auth ta.key 0 # This file is secret

cipher AES-128-CBC

comp-lzo

max-clients 5

persist-key
persist-tun
ping 15
ping-restart 300 # 5 minutes
resolv-retry 300 # 5 minutes

status openvpn-status.log
verb 6[
<hr>

I did add an "iroute 192.168.0.0 255.255.0.0" to the ccd file.

Any help would be appreciated.

Michael
 
R

Robert L [MVP - Networking]

You may have two options. Check the VPN server configuration. Or uncheck use remote network gateway on the client site. this search result may help,

routing issues on vpnCan't access the Internet while using VPN Can't access the remote network after unchecking "Use default gateway on Remote Network" ...
http://www.chicagotech.net/routingissuesonvpn.htm


Bob Lin, MS-MVP, MCSE & CNE
Networking, Internet, Routing, VPN Troubleshooting on http://www.ChicagoTech.net
How to Setup Windows, Network, VPN & Remote Access on http://www.HowToNetworking.com
Hi guys,

I managed to ping the server [10.10.0.1] from the client behind a
router [192.168.1.0/24]. My private (home) LAN is 172.16.0.0/24.
Both the server and the client does receive read/write data (in the
log) but the client can't connect to the Internet while it's connected
to the VPN server. It appears to be a routing issue, but I can't
figure it out.

Here's my server config:
<hr>
port 1194
proto udp
dev tun

ca ca.crt
cert server.crt
key server.key
dh dh2048.pem

server 10.10.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt

client-config-dir ccd
ccd-exclusive
route 192.168.0.0 255.255.0.0

push "redirect-gateway"
push "dhcp-option DNS 68.238.64.12"
push "dhcp-option DNS 68.238.128.12"
push "dhcp-option DNS 4.2.2.2"
push "dhcp-option DNS 4.2.2.4"

tls-auth ta.key 0 # This file is secret

cipher AES-128-CBC

comp-lzo

max-clients 5

persist-key
persist-tun
ping 15
ping-restart 300 # 5 minutes
resolv-retry 300 # 5 minutes

status openvpn-status.log
verb 6[
<hr>

I did add an "iroute 192.168.0.0 255.255.0.0" to the ccd file.

Any help would be appreciated.

Michael
 
S

Sooner Al [MVP]

Mike P. said:
Hi guys,

I managed to ping the server [10.10.0.1] from the client behind a
router [192.168.1.0/24]. My private (home) LAN is 172.16.0.0/24.
Both the server and the client does receive read/write data (in the
log) but the client can't connect to the Internet while it's connected
to the VPN server. It appears to be a routing issue, but I can't
figure it out.

Here's my server config:
<hr>
port 1194
proto udp
dev tun

ca ca.crt
cert server.crt
key server.key
dh dh2048.pem

server 10.10.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt

client-config-dir ccd
ccd-exclusive
route 192.168.0.0 255.255.0.0

push "redirect-gateway"
push "dhcp-option DNS 68.238.64.12"
push "dhcp-option DNS 68.238.128.12"
push "dhcp-option DNS 4.2.2.2"
push "dhcp-option DNS 4.2.2.4"

tls-auth ta.key 0 # This file is secret

cipher AES-128-CBC

comp-lzo

max-clients 5

persist-key
persist-tun
ping 15
ping-restart 300 # 5 minutes
resolv-retry 300 # 5 minutes

status openvpn-status.log
verb 6[
<hr>

I did add an "iroute 192.168.0.0 255.255.0.0" to the ccd file.

Any help would be appreciated.

Michael
Click to expand...

You might consider searching or posting to the OpenVPN Users Mailing List...

http://sourceforge.net/mail/?group_id=48978

....or this forum...

http://openvpn.se/bb/index.php

....for help since this is a bit outside the scope of this news group.

Beyond that, and FWIW, I used bridging (versus routing) in the past when I
ran an OpenVPN server on an XP Pro box. You can find my example server,
client and other config files here...

http://theillustratednetwork.mvps.org/OpenVPN/OpenVPN.html

In my case the IP assigned to the OpenVPN server was in the same subnet as
my home LAN, ie. home LAN 10.8.0.X with the server assigned an IP of
10.8.0.11 and clients .31 through .33 for example.

Good luck...

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

VPN Help 2
Unable to get IP address from DHCP 7
ICS b/w 2 win2k pros, while one is part of a domain? 5
Network prob. need help to find solution 6
New DGteam Firmware (DG834GT) 4
Long delay - name resolution problem on multihomed computer 2
Dump of perfection Test 1

Top