Thank you again for your help. Here's my server config file:
########################################
# Sample OpenVPN config file for
# multi-client udp server
#
# tun-style tunnel
port 5000
dev tun
local 71.218.70.69
# nobind
status c:\\Program\ Files\\OpenVPN\\config\\tun.log 10
comp-lzo
# TLS parms
tls-server
ca c:\\Program\ Files\\OpenVPN\\my-openvpn-keys\\ca.crt
cert c:\\Program\ Files\\OpenVPN\\my-openvpn-keys\\deception.crt
key c:\\Program\ Files\\OpenVPN\\my-openvpn-keys\\deception.key
dh c:\\Program\ Files\\OpenVPN\\my-openvpn-keys\\dh1024.pem
# Tell OpenVPN to be a multi-client udp server
mode server
# The server's virtual endpoints
ifconfig 10.8.0.1 10.8.0.2
# Pool of /30 subnets to be allocated to clients.
# When a client connects, an --ifconfig command
# will be automatically generated and pushed back to
# the client.
ifconfig-pool 10.8.0.4 10.8.0.255
# Push route to client to bind it to our local
# virtual endpoint.
push "route 10.8.0.1 255.255.255.255"
# Client should attempt reconnection on link
# failure.
ping 10
ping-restart 120
push "ping 10"
push "ping-restart 60"
# Route the --ifconfig pool range into the
# OpenVPN server.
route 10.8.0.0 255.255.255.0
# The server doesn't need privileges
#user nobody
#group nobody
verb 4
I can get my sample client working with pretty much the same server
file on a Windows XP test computer so I don't THINK it's a problem with
my Mac OS X client. I'm including the file here anyway for your
reference:
#########################################
# Sample client-side OpenVPN config file
# for connecting to multi-client server.
#
# The server can be pinged at 10.8.0.1.
#
# This configuration can be used by multiple
# clients, however each client should have
# its own cert and key files.
#
# tun-style tunnel
port 5000
dev tun
remote 71.218.70.69
# TLS parms
tls-client
ca /usr/local/openvpn-2.0_beta7/sample-config-files/ca.crt
cert /usr/local/openvpn-2.0_beta7/sample-config-files/deception.crt
key /usr/local/openvpn-2.0_beta7/sample-config-files/deception.key
dh /usr/local/openvpn-2.0_beta7/sample-config-files/dh1024.pem
# This parm is required for connecting
# to a multi-client server. It tells
# the client to accept options which
# the server pushes to us.
pull
verb 4
comp-lzo
Thanks again,
- Andrew.
On Jul 24, 2004, at 14:35, James Yonan wrote:
Andrew Clarke <andrew@xxxxxxxxx> said:
Thank you very much for your response, James. I've added "local
71.218.70.69" to my .ovpn file (I also tried .65) but am still having
the same problems. The ipconfig /all output I've included below has
local 71.218.70.69 in the .ovpn file.
I also tried adding nobind and got the following line repeating
several
hundred times per second:
Wed Jul 21 17:58:20 2004 read UDPv4: Invalid argument (WSAEINVAL)
(code=10022)
So all in all I'm still having trouble! When I fire up my client, the
two computers "see" each other on the VPN and I see packets being
transferred via RWRWRWRWRRW etc. showing up in the output, but I can't
ping or do anything actually useful. I guess because my server
virtual
adapter doesn't have an IP address assigned to it!
The main problem here seems to be that the DHCP handshake to set the
TAP-Win32
adapter properties is not working correctly. It would help to be able
to look
at your config files.
The repeating "Invalid argument (WSAEINVAL)" messages may well be an
unrelated
issue, but I will log it as a possible bug.
James
Thanks again,
- Andrew.
(p.s. IP addresses changed to protect the innocent)
C:\Documents and Settings\andrew>ipconfig /all
Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : TESTSERVER
Primary DNS Suffix . . . . . . . : somecompany.com.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : somecompany.com.local
com.local
Ethernet adapter Local Area Connection 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : TAP-Win32 Adapter V8
Physical Address. . . . . . . . . : 00-FF-3E-B3-7E-D8
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 0.0.0.0
Subnet Mask . . . . . . . . . . . : 0.0.0.0
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . :
DNS Servers . . . . . . . . . . . :
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Broadcom NetXtreme
Gigabit
Ethernet
Physical Address. . . . . . . . . : 00-B0-D0-F0-2F-D6
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 71.218.70.69
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 71.218.70.68
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 71.218.70.67
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 71.218.70.66
Subnet Mask . . . . . . . . . . . : 255.255.255.0
IP Address. . . . . . . . . . . . : 71.218.70.65
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 71.218.70.1
DNS Servers . . . . . . . . . . . : 71.218.70.75
71.218.71.100
71.218.71.200
Primary WINS Server . . . . . . . : 71.218.70.75
Ethernet adapter Local Area Connection 2:
Media State . . . . . . . . . . . : Cable Disconnected
Description . . . . . . . . . . . : Intel(R) PRO/100 Network
Connection
Physical Address. . . . . . . . . : 00-B0-D0-F0-2F-D5
On Jul 21, 2004, at 13:28, James Yonan wrote:
On Wednesday 21 July 2004 11:21, Andrew Clarke wrote:
I'm trying to set up OpenVPN 2.0b7 on a Win2k Advanced Server with 5
IPs on the first ethernet adapter. It has a second adapter with no
ethernet cable plugged into it.
I'm not sure why I'm getting the errors I'm getting, but I'm
wondering
if maybe OpenVPN is confused by the multiple IPs, or is trying to
find
traffic on the wrong NIC, or something like that. I have OpenVPN
2.0b7
working on my Mac OS X, Linux and WinXP computers but can't get it
working on this one. If anybody has any suggestions, I'd really
appreciate it. I'm also including what I think are the appropriate
lines from a verb 5 test.
Are you using --local to bind to a particular adapter?
Also consider --nobind to avoid binding at all.
Thanks,
- Andrew Clarke.
Wed Jul 21 08:43:38 2004 TAP-WIN32 device [Local Area Connection 3]
opened: \\.\Global\{3EB37ED8-DE88-449A-95DC-815A25829995}.tap
Wed Jul 21 08:43:38 2004 TAP-Win32 Driver Version 8.1
Wed Jul 21 08:43:38 2004 TAP-Win32 MTU=1500
Wed Jul 21 08:43:38 2004 Notified TAP-Win32 driver to set a DHCP
IP/netmask of 10.8.0.1/255.255.255.252 on interface
{3EB37ED8-DE88-449A-95DC-815A25829995} [DHCP-serv: 10.8.0.2,
lease-time: 31536000]
Wed Jul 21 08:43:38 2004 Sleeping for 10 seconds...
Wed Jul 21 08:43:48 2004 Successful ARP Flush on interface [2]
{3EB37ED8-DE88-449A-95DC-815A25829995}
Wed Jul 21 08:43:48 2004 Attempting to lock Win32 semaphore
'openvpn_netcmd' prior to net shell command (timeout = 600 sec)
Wed Jul 21 08:43:48 2004 route ADD 10.8.0.0 MASK 255.255.255.0
10.8.0.2
The route addition failed: Either the interface index is wrong or
the
gateway does not lie on the same network as the interface. Check the
IP
Address Table for the machine.
This probably means that the system couldn't find 10.8.0.2 in an
active
interface. An "ipconfig /all" would be useful at this point to
diagnose
further.
James
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
--
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users
|