[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Client can't reach route-gateway



Title: [Openvpn-users] Client can't reach route-gateway
Hi!
 
The line :
push "route-gateway 192.168.1.2"
is wrong and unnecessary, the gateway is set automatically in TUN mode.
 
David


From: openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx on behalf of Phusion
Sent: Fri 26-Oct-07 15:56
To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Subject: [Openvpn-users] Client can't reach route-gateway

I have OpenVPN 2.0.6 running on a FreeBSD 6-STABLE server. I have it
set where the external Windows XP client can connect to the VPN, but
get the following messages in the status log on the client side.

-----client status log-----
Wed Oct 24 11:47:23 2007 [VPN-server] Peer Connection Initiated with
x.x.x.x:1194
Wed Oct 24 11:47:25 2007 SENT CONTROL [VPN-server]: 'PUSH_REQUEST' (status=1)
Wed Oct 24 11:47:25 2007 PUSH: Received control message:
'PUSH_REPLY,route 192.168.1.0 255.255.255.0,route-gateway
192.168.1.2,dhcp-option WINS 192.168.1.20,dhcp-option DNS
192.168.1.20,dhcp-option DOMAIN test.local,route 10.8.0.1,ping
10,ping-restart 60,ifconfig 10.8.0.6 10.8.0.5'
Wed Oct 24 11:47:25 2007 OPTIONS IMPORT: timers and/or timeouts modified
Wed Oct 24 11:47:25 2007 OPTIONS IMPORT: --ifconfig/up options modified
Wed Oct 24 11:47:25 2007 OPTIONS IMPORT: route options modified
Wed Oct 24 11:47:25 2007 OPTIONS IMPORT: --ip-win32 and/or
--dhcp-option options modified
Wed Oct 24 11:47:25 2007 TAP-WIN32 device [VPN] opened:
\\.\Global\{63EAE761-89A8-4CDC-9EC2-88D199B99453}.tap
Wed Oct 24 11:47:25 2007 TAP-Win32 Driver Version 8.4
Wed Oct 24 11:47:25 2007 TAP-Win32 MTU=1500
Wed Oct 24 11:47:25 2007 Notified TAP-Win32 driver to set a DHCP
IP/netmask of 10.8.0.6/255.255.255.252 on interface
{63EAE761-89A8-4CDC-9EC2-88D199B99453} [DHCP-serv: 10.8.0.5,
lease-time: 31536000]
Wed Oct 24 11:47:25 2007 Successful ARP Flush on interface [3]
{63EAE761-89A8-4CDC-9EC2-88D199B99453}
Wed Oct 24 11:47:25 2007 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Wed Oct 24 11:47:25 2007 Route: Waiting for TUN/TAP interface to come up...
Wed Oct 24 11:47:26 2007 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Wed Oct 24 11:47:26 2007 Route: Waiting for TUN/TAP interface to come up...
Wed Oct 24 11:47:28 2007 TEST ROUTES: 0/0 succeeded len=2 ret=0 a=0 u/d=down
Wed Oct 24 11:47:28 2007 Route: Waiting for TUN/TAP interface to come up...
...
...
...
Wed Oct 24 11:47:55 2007 TEST ROUTES: 0/2 succeeded len=2 ret=0 a=0 u/d=up
Wed Oct 24 11:47:55 2007 route ADD 192.168.1.0 MASK 255.255.255.0 192.168.1.2
Wed Oct 24 11:47:55 2007 Warning: route gateway is not reachable on
any active network adapters: 192.168.1.2
Wed Oct 24 11:47:55 2007 Route addition via IPAPI failed
Wed Oct 24 11:47:55 2007 route ADD 10.8.0.1 MASK 255.255.255.255 192.168.1.2
Wed Oct 24 11:47:55 2007 Warning: route gateway is not reachable on
any active network adapters: 192.168.1.2
Wed Oct 24 11:47:55 2007 Route addition via IPAPI failed
Wed Oct 24 11:47:55 2007 Initialization Sequence Completed With Errors
( see http://openvpn.net/faq.html#dhcpclientserv )
-----client status log-----

The VPN server has the IP address of 192.168.1.61. Our network has the
following subnets: 192.168.1.0, 192.168.2.0, 192.168.10.0,
192.168.40.0, 192.168.101.0, 192.168.102.0, 192.168.103.0,
192.168.104.0. Below are copies of the server and client config files.

-----openvpn.conf-----
dev tun
comp-lzo
port 1194
proto udp
ping-timer-rem
persist-tun
persist-key
dh /usr/local/etc/openvpn/keys/dh1024.pem
ca /usr/local/etc/openvpn/keys/ca.crt
cert /usr/local/etc/openvpn/keys/VPN-server.crt
key /usr/local/etc/openvpn/keys/VPN-server.key
keepalive 10 60
group nobody
daemon
server 10.8.0.0 255.255.255.0
push "route 192.168.1.0 255.255.255.0"
push "route-gateway 192.168.1.2"
push "dhcp-option WINS 192.168.1.20"
push "dhcp-option DNS 192.168.1.20"
push "dhcp-option DOMAIN test.local"
ifconfig-pool-persist ips.txt 60
plugin /usr/local/lib/openvpn-auth-ldap.so /usr/local/etc/openvpn/auth-ldap.conf
-----openvpn.conf-----

-----vpn.ovpn-----
client
remote x.x.x.x 1194
dev tun
comp-lzo
ca ca.crt
cert VPN-client.crt
key VPN-client.key
verb 3
auth-user-pass
nobind
-----vpn.ovpn-----

>From the client status log it looks like there is a problem with the
server configuration.

Phusion

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users