[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] 2.0rc, w2k <-> Linux, default gw problem


  • Subject: [Openvpn-users] 2.0rc, w2k <-> Linux, default gw problem
  • From: Ferenc-Jan <ferenc@xxxxxxxxxxxxx>
  • Date: Mon, 13 Dec 2004 22:23:18 +0100

Hi there!

Let me say a big Thank You! to the developers of openvpn. I am using 1.6.0 very happily to secure my w2k laptop WLAN connection to my (linux) gateway. But I too am yet another punter with a problem.

I have a second w2k laptop with WLAN so I thought to step up to 2.0rc,
and run it in server mode:

 <snip>
 server 192.168.4.0 255.255.255.0
 ifconfig-pool-persist ipp.txt

The client(s) can connect fine, and I can ping (and do Samba!) through
the tunnel. So it seems to be working fine. The routing for TAP on w2k
looks strange to me however:

 <snip>
 192.168.4.1    255.255.255.255  192.168.4.5  192.168.4.6  1
 192.168.4.4    255.255.255.252  192.168.4.6  192.168.4.6  1
 192.168.4.6    255.255.255.255  127.0.0.1    127.0.0.1    1
 192.168.4.255  255.255.255.255  192.168.4.6  192.168.4.6  1

Can't imagine life without google, so I try to add a route. The route to the default gateway. But:

 route ADD 0.0.0.0 MASK 0.0.0.0  192.168.4.1

fails in a (to me) incomprehensible manner, I'll spare you the (dutch)
error message but it complains about 'incorrect interface-index' and
that I need  to check the 'IP-address-table.'

Where should I look for information? I don't entirely understand the W2K
routing table entries after TAP has been set up. Has probably got something to do with the fake DHCP server? Point-to-point mode,
which incidentally runs fine, adds three entries to the routing table:
192.168.4.0, 192.168.4.2 & 192.168.4.255 that look perfectly normal to me. I hope a kind soul will point me where to look, because if I understand this I would like to use it to secure the WLAN at work. Thanks in advance!


cheers,
Ferenc

Below I've pasted the confs and routing tables. Sorry for the long post!

<server>
local 192.168.2.8
port 1194
dev tun

ca sample-keys/tmp-ca.crt
cert sample-keys/server.crt
key sample-keys/server.key
dh sample-keys/dh1024.pem

server 192.168.4.0 255.255.255.0
ifconfig-pool-persist ipp.txt

keepalive 10 120
persist-key
persist-tun

status status.log


<client> client dev tun

remote 192.168.2.8 1194

ca sample-keys/tmp-ca.crt
cert sample-keys/client.crt
key sample-keys/client.key

persist-key
persist-tun
verb 4

<after setting up WLAN but before openvpn is started>
C:\>route print
======================================================================
Interfacelijst
0x1 ........................... MS TCP Loopback interface
0x2 ...00 ff c1 13 6a 5a ...... TAP-Win32 Adapter V8
0x1000004 ...00 30 f1 db dc 9c ...... SpeedTouch 110g Wireless PC Card
======================================================================
======================================================================
Actieve routes:
Netwerkadres    Netmask         Gateway       Interface    Metric
0.0.0.0         0.0.0.0         192.168.2.8   192.168.2.12      1
127.0.0.0       255.0.0.0       127.0.0.1     127.0.0.1         1
192.168.2.0     255.255.255.0   192.168.2.12  192.168.2.12      1
192.168.2.12    255.255.255.255 127.0.0.1     127.0.0.1         1
192.168.2.255   255.255.255.255 192.168.2.12  192.168.2.12      1
224.0.0.0       224.0.0.0       192.168.2.12  192.168.2.12      1
255.255.255.255 255.255.255.255 192.168.2.12             2      1
======================================================================
Permanente routes:
  Geen

<after the openvpn service is up>
C:\>route print
======================================================================
Interfacelijst
0x1 ........................... MS TCP Loopback interface
0x2 ...00 ff c1 13 6a 5a ...... TAP-Win32 Adapter V8
0x1000004 ...00 30 f1 db dc 9c ...... SpeedTouch 110g Wireless PC Card
======================================================================
======================================================================
Actieve routes:
Netwerkadres    Netmask         Gateway       Interface     Metric
  0.0.0.0         0.0.0.0       192.168.2.8   192.168.2.12       1
127.0.0.0       255.0.0.0       127.0.0.1     127.0.0.1          1
192.168.2.0     255.255.255.0   192.168.2.12  192.168.2.12       1
192.168.2.12    255.255.255.255 127.0.0.1     127.0.0.1          1
192.168.2.255   255.255.255.255 192.168.2.12  192.168.2.12       1
192.168.4.1     255.255.255.255 192.168.4.5   192.168.4.6        1
192.168.4.4     255.255.255.252 192.168.4.6   192.168.4.6        1
192.168.4.6     255.255.255.255 127.0.0.1     127.0.0.1          1
192.168.4.255   255.255.255.255 192.168.4.6   192.168.4.6        1
224.0.0.0       224.0.0.0       192.168.2.12  192.168.2.12       1
224.0.0.0       224.0.0.0       192.168.4.6   192.168.4.6        1
255.255.255.255 255.255.255.255 192.168.4.6   192.168.4.6        1
======================================================================
Permanente routes:
  Geen

<the (dutch) error message>
C:\>route add 0.0.0.0 mask 0.0.0.0 192.168.4.1
Kan niet toevoegen aan de route: De interface-index is onjuist of de
gateway bevindt zich niet in hetzelfde netwerk als de interface.
Controleer de IP-adrestabel van de computer.
("Can't add to the route: the interface-index is incorrect or the gateway is not in the same network as the interface. Check the IP-address-table of the computer.")


____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users