[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Works on Windows but not Ubuntu or Nokia N800 (Debian-based ) Linux


  • Subject: Re: [Openvpn-users] Works on Windows but not Ubuntu or Nokia N800 (Debian-based ) Linux
  • From: Stefan Lamby <slamby@xxxxxx>
  • Date: Thu, 13 Sep 2007 20:47:36 +0200

I would still recommend to disable the firewall on the ubuntu machine first,
enable ip-forward again and test with this machine if you are able to
connect and i.e. browse.

If that doesnt work we could have a look at other things.

What drives me is the fact that you are able to connect with the win
client and imo we should focus at iptables first. And it is a fast way
to eliminate one issue.

mfresh schrieb:
> Hi Stefan.
>
> I haven't modified the Ubuntu machine at all, but still am having problems. 
> To recap, I have a Windows machine, a Ubuntu machine and a Nokia N800 all 
> running OpenVPN 2 and all using identical client confs:
>
> remote xxx.xxx.xxx.xxx
> port 1194
> dev tap
> secret static.key
> proto udp
> comp-lzo
> verb 3
> route-gateway 192.168.75.1
> redirect-gateway
>
> The Windows machine with OpenVPNGui works fine, and visiting a site like 
> whatsmyip.org confirms that the traffic is passing through the tunnel and 
> on to the Internet.
>
>   However the Ubuntu and N800 machines both appear to connect but nothing 
> happens once they are connected. No browsing is possible for example. The 
> OpenVPN server is running on a router at 192.168.75.1. The external network 
> I am connecting from has a gateway at 192.168.0.1
>
> Here's the Ubuntu log:
>
> root@acer:/etc/openvpn# openvpn --config router2.ovpn
> Thu Sep 13 18:42:43 2007 OpenVPN 2.0.9 i486-pc-linux-gnu [SSL] [LZO]
> Thu Sep 13 18:42:43 2007 LZO compression initialized
> Thu Sep 13 18:42:43 2007 TUN/TAP device tap0 opened
> Thu Sep 13 18:42:43 2007 route add -net 80.229.31.252 netmask
> 255.255.255.255 gw 192.168.0.1
> Thu Sep 13 18:42:43 2007 route add -net 0.0.0.0 netmask 128.0.0.0 gw
> 192.168.75.1
> Thu Sep 13 18:42:43 2007 route add -net 128.0.0.0 netmask 128.0.0.0 gw
> 192.168.75.1
> Thu Sep 13 18:42:43 2007 Data Channel MTU parms [ L:1577 D:1450 EF:45
> EB:135 ET:32 EL:0 AF:3/1 ]
> Thu Sep 13 18:42:43 2007 Local Options hash (VER=V4): '83c3b015'
> Thu Sep 13 18:42:43 2007 Expected Remote Options hash (VER=V4):
> '83c3b015'
> Thu Sep 13 18:42:43 2007 UDPv4 link local (bound): [undef]:1194
> Thu Sep 13 18:42:43 2007 UDPv4 link remote: XX.XX.XX.XX:1194
> Thu Sep 13 18:42:45 2007 Peer Connection Initiated with
> 80.229.31.252:1194
> Thu Sep 13 18:42:45 2007 Initialization Sequence Completed
>
>
> The Nokia N800 also fails to connect properly, but the log is slightly 
> different:
>
>
> /etc/openvpn # openvpn --config router2.ovpn
> Thu Sep 13 18:51:54 2007 OpenVPN 2.0.7 arm-unknown-linux [SSL] [LZO] 
> [EPOLL] built on Jul 17 2006
> Thu Sep 13 18:51:54 2007 LZO compression initialized
> Thu Sep 13 18:51:54 2007 TUN/TAP device tap0 opened
> Thu Sep 13 18:51:54 2007 /sbin/route add -net xx.xx.xx.xx netmask 
> 255.255.255.255 gw 192.168.0.1
> Thu Sep 13 18:51:54 2007 /sbin/route del -net 0.0.0.0 netmask 0.0.0.0
> Thu Sep 13 18:51:55 2007 /sbin/route add -net 0.0.0.0 netmask 0.0.0.0 gw 
> 192.168.75.1
> route: SIOC[ADD|DEL]RT: Network is unreachable
> Thu Sep 13 18:51:55 2007 ERROR: Linux route add command failed: shell 
> command exited with error status: 1
> Thu Sep 13 18:51:55 2007 Data Channel MTU parms [ L:1577 D:1450 EF:45 
> EB:135 ET:32 EL:0 AF:3/1 ]
> Thu Sep 13 18:51:55 2007 Local Options hash (VER=V4): '83c3b015'
> Thu Sep 13 18:51:55 2007 Expected Remote Options hash (VER=V4): '83c3b015'
> Thu Sep 13 18:51:55 2007 UDPv4 link local (bound): [undef]:1194
> Thu Sep 13 18:51:55 2007 UDPv4 link remote: xx.xx.xx.xx:1194
> Thu Sep 13 18:51:55 2007 Peer Connection Initiated with xx.xx.xx.xx:1194
> Thu Sep 13 18:51:56 2007 Initialization Sequence Completed
>
> Here's the server config on the router:
>
>
> openvpn --mktun --dev tap0
> brctl addif br0 tap0
> ifconfig tap0 0.0.0.0 promisc up
> echo "
> -----BEGIN OpenVPN Static key V1-----
> XXXXXX
> -----END OpenVPN Static key V1-----
> " > /tmp/static.key
> ln -s /usr/sbin/openvpn /tmp/myvpn
> /tmp/myvpn --dev tap0 --secret /tmp/static.key --comp-lzo --port 1194 
> --proto udp --verb 3 --daemon
>
>
> So the question is:
> Why does this set up work fine in windows, refuse to add a route on the 
> N800, and appear to work but not on the Ubuntu machine, all connecting to 
> the same AP in the same room?
>
> Any help or ideas gratefully received...
>
>
>
>
>
> At 17:07 13/09/2007, you wrote:
>   
>> Please tell me what you did that the ubuntu machine no longer fails to
>> add the route.
>> Please post your server.conf also.
>>
>> Please if answering to the mail use answer to all or something similar
>> or the list wont be able to participate anymore.
>>
>> Thanks
>> Stefan
>>
>>
>> mfresh schrieb:
>>     
>>> Hi Stefan
>>>
>>> I'm not sure what you mean. As far as I know I am not running a
>>> software client on the Ubuntu machine.
>>>
>>>
>>> Here's what's puzzling me:
>>>
>>> On the Ubuntu machine I am no longer getting the route add failed, but
>>> look at line 2. I do not understand where the 192.168.1.1 comes from.
>>> My gateway is 192.168.75.1 so where does it get 192.168.1.1 from?
>>>
>>>
>>> Thu Sep 13 16:13:35 2007 TUN/TAP device tap0 opened
>>> Thu Sep 13 16:13:35 2007 route add -net xx.xx.xx.xx netmask
>>> 255.255.255.255 gw 192.168.1.1
>>> Thu Sep 13 16:13:35 2007 route del -net 0.0.0.0 netmask 0.0.0.0
>>> Thu Sep 13 16:13:35 2007 route add -net 0.0.0.0 netmask 0.0.0.0 gw
>>> 192.168.75.1
>>> Thu Sep 13 16:13:35 2007 Data Channel MTU parms [ L:1577 D:1450 EF:45
>>> EB:135 ET:32 EL:0 AF:3/1 ]
>>> Thu Sep 13 16:13:35 2007 Local Options hash (VER=V4): '83c3b015'
>>> Thu Sep 13 16:13:35 2007 Expected Remote Options hash (VER=V4):
>>> '83c3b015'
>>> Thu Sep 13 16:13:35 2007 UDPv4 link local (bound): [undef]:1194
>>> Thu Sep 13 16:13:35 2007 UDPv4 link remote: xx.xx.xx.xx:1194
>>> Thu Sep 13 16:13:37 2007 Peer Connection Initiated with
>>> 80.229.31.252:1194
>>> Thu Sep 13 16:13:37 2007 Initialization Sequence Completed
>>>
>>>
>>> Thanks again for your help so far!
>>>
>>> Paul
>>>
>>>
>>> At 15:37 13/09/2007, you wrote:
>>>       
>>>> Please disable the firewall at the ubuntu client, and run openvpn client
>>>> as user root and see what happens.
>>>>
>>>> mfresh schrieb:
>>>>         
>>>>> Hi Stefan.
>>>>>
>>>>> Thanks for your suggestion but I've tried being root on both the
>>>>> Ubuntu and N800 machines, but it still won't get the route.
>>>>>
>>>>> On Windows, it is all fine.
>>>>>
>>>>> Any other ideas?
>>>>>
>>>>> Thanks again for your input,
>>>>>
>>>>>
>>>>> mfresh
>>>>>
>>>>>
>>>>> At 13:06 13/09/2007, you wrote:
>>>>>
>>>>>           
>>>>>> Just an idea: Could you try running the client as user root and
>>>>>>             
>>>> see if
>>>>         
>>>>>> it still fails to add the route?
>>>>>>
>>>>>>
>>>>>>
>>>>>>             
>>>>>>> Initialization Sequence Complete
>>>>>>>
>>>>>>> My client config is
>>>>>>> remote xxx.xxx.xxx.xxx
>>>>>>> port 1194
>>>>>>> dev tap
>>>>>>> secret static.key
>>>>>>> proto udp
>>>>>>> comp-lzo
>>>>>>> route-gateway 192.168.75.1
>>>>>>> redirect-gateway
>>>>>>>
>>>>>>> The weird thing is this client config works in Windows, but not
>>>>>>>               
>>>> Linux:
>>>>         
>>>>>>> although the connection seems to be made, I can't browse the
>>>>>>>               
>>>>>> Internet while
>>>>>>             
>>>>>>> the OpenVPN connection is up.
>>>>>>>
>>>>>>> Any help gratefully received!
>>>>>>>
>>>>>>> Cheers,
>>>>>>>
>>>>>>> mfresh
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>               
>>>> -------------------------------------------------------------------------
>>>>
>>>>         
>>>>>>> This SF.net email is sponsored by: Microsoft
>>>>>>> Defy all challenges. Microsoft(R) Visual Studio 2005.
>>>>>>> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
>>>>>>> _______________________________________________
>>>>>>> Openvpn-users mailing list
>>>>>>> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
>>>>>>> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>>>>>>>
>>>>>>>
>>>>>>>               
>>>>>> Cheers,
>>>>>> Stefan
>>>>>>
>>>>>> --
>>>>>> This email has been verified as Virus free
>>>>>> Virus Protection and more available at http://www.plus.net
>>>>>>             
>>>> --
>>>> This email has been verified as Virus free
>>>> Virus Protection and more available at http://www.plus.net
>>>>         
>> --
>> This email has been verified as Virus free
>> Virus Protection and more available at http://www.plus.net
>>     
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Microsoft
> Defy all challenges. Microsoft(R) Visual Studio 2005.
> http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
> _______________________________________________
> Openvpn-users mailing list
> Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
> https://lists.sourceforge.net/lists/listinfo/openvpn-users
>
>   

____________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users