[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Connection reset - cannot connect

  • Subject: Re: [Openvpn-users] Connection reset - cannot connect
  • From: Josh Cepek <josh.cepek@xxxxxxx>
  • Date: Sun, 02 Sep 2007 08:08:57 -0500
  • Openpgp: id=2E5A5127
  • Z-usanet-msgid: XID305LiBNJL0242X38

Dawid Ciecierski wrote:
1) Windows XP client, internal IP, connecting through
gateway XP firewall turned off entirely, no anti-virus
software etc.

2) Small Linux home router / server in another location. Internally machines on eth0
/ LAN are assigned upwards.
This looks suspicious....
Sat Aug 18 11:51:51 2007 us=126086   push_list = 'route,redirect-gateway,route'
You should check the netmask here

I just noticed that Sourceforge deleted my original attachments, so
here they are.

The route above is added as the private LAN behind the server I'm
connecting to have IPs from, and OpenVPN clients should be
getting and above (look at the configs). As I understand it,
netmask means that clients can take any IP from to, so should be ok.

You can't push a route as you have because your client is given a address on the remote side.  You should never push overlapping routes to clients, so if you push that route, you can't connect to the VPN if your computer is on any network in that range.

Either the client's physical default gateway becomes reachable (since it thinks that IP should be contacted over the VPN thus taking down your entire VPN and Internet connection until the VPN times out) or your have a firewall issue blocking some of the traffic, and I suspect the former.


Attachment: signature.asc
Description: OpenPGP digital signature