On Thu, 13 Jan 2005 21:22:09, Andreas Iwanowski wrote:
> There is no routing issue I know of, and I didn't come up with anything. I'm not using RIP(what exactly is that?) ,
> and the default gateway does not lose the route either. The problem also onl occurs if a client tries to use the route
> while it is down, as I have found out. Please read my previous post as to why it might happen. I will try this and
> then post if this is the cause.
> There is no routing issue I know of, and I didn't come up with anything.
You must have routing issues somewhere, and you can't possibly know that because things aren't working. Do a 'route PRINT' and paste the complete output, obviously masking any public IPs you don't want people to see.
Can you get any clients to successfully deliver traffic across the networks to your servers and ping them at any time? That isn't clear from what you've written. Can the servers ping back?
Try replicating your server set-up on an ordinary Windows XP or 2000 machine if possible and comparing the routing tables from them with the server when you bring OpenVPN up. Are they the equivalent?
What about the routing tables on the clients - are they set right?
Do you have any networks around that conflict with your VPN network?
When you ping anywhere, does it try and deliver the network traffic through the wrong gateway?
If you'd read some other threads around here you'd have read that there can be issues with a route not being set on Windows 2000/2003 when bringing up an interface if RRA is on. This is critical to routing traffic through the VPN. Since I didn't need RRA on I got around the problem, but I don't know what caused it.
I would try radically symplifying your set-up and building it up piece by piece, server by server. Get one up and running, ping, run network traffic over it and see if it breaks. If you add another piece of the infrastructure and it breaks, you know what caused it. Basically, get a simple routing set up working and work up from there because at the moment I just think what you've got is too complex to troubleshoot, certainly on a mailing list. It could be many things, especially where Windows is concerned.
The answer you get is only as good as the information you give.