Dawid Ciecierski wrote:
1) Windows XP client, internal IP 10.77.30.101, connecting through
gateway 220.127.116.11. XP firewall turned off entirely, no anti-virus
2) Small Linux home router / server in another location. Internally machines on eth0
/ LAN are assigned 10.1.1.2 upwards.
This looks suspicious....
Sat Aug 18 11:51:51 2007 us=126086 push_list = 'route 10.0.0.0
You should check the netmask here
I just noticed that Sourceforge deleted my original attachments, so
here they are.
The route above is added as the private LAN behind the server I'm
connecting to have IPs from 10.1.1.1, and OpenVPN clients should be
getting 10.8.0.0 and above (look at the configs). As I understand it,
netmask 255.0.0.0 means that clients can take any IP from 10.0.0.0 to
10.255.255.255, so should be ok.
You can't push a 10.0.0.0/8 route as you have because your client is
given a 10.77.30.101 address on the remote side. You should never push
overlapping routes to clients, so if you push that 10.0.0.0/255.0.0.0
route, you can't connect to the VPN if your computer is on any network
in that range.
Either the client's physical default gateway becomes reachable (since
it thinks that IP should be contacted over the VPN thus taking down
your entire VPN and Internet connection until the VPN times out) or
your have a firewall issue blocking some of the traffic, and I suspect
Description: OpenPGP digital signature