[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] route not being pushed to client



Title: [Openvpn-users] route not being pushed to client
Does the client run with administrator rights ?
 
I believe this line in the server config is unneeded :
push "route 192.168.141.0 255.255.255.0"
 
Regards,
David


From: openvpn-users-bounces@xxxxxxxxxxxxxxxxxxxxx on behalf of Yan Seiner
Sent: Wed 07-Nov-07 03:41
To: openvpn-users@xxxxxxxxxxxxxxxxxxxxx
Cc: Johan Niemand
Subject: [Openvpn-users] route not being pushed to client

We're trying to bridge a linux box to a windows road warrior.

We need to bridge because of some software on the road warrior that
won't work with routed networks.

So far we've established the tunnel and we can get an IP, but no data
flows.  No pings, no nothing.

We've figured out that this is most likely due to to gateway not being
pushed to the client.  I've posted a screenshot at
http://www.seiner.com/screenshot.png

 From the manpage,

       server-bridge gateway netmask pool-start-IP pool-end-IP

              For example,  server-bridge  10.8.0.4  255.255.255.0 
10.8.0.128
              10.8.0.254 expands as follows:

              mode server
              tls-server

              ifconfig-pool 10.8.0.128 10.8.0.254 255.255.255.0
              push "route-gateway 10.8.0.4"

So the client should get a default route of 10.8.0.4

On our system, the route for the tap interface is set but the default
gateway for the tap adapter remains empty, and the default route is set
to the physical NIC.

Can anyone suggest what we need to set, for either the client or the server?

Server conf:
port 1194
proto tcp
dev tap
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.168.141.3 255.255.255.0 192.168.141.120 192.168.141.127
push "route 192.168.141.0 255.255.255.0"
keepalive 10 120
comp-lzo
persist-key
status openvpn-status.log
verb 3

client conf:
client
dev tap
proto tcp
remote x.x.x.x 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert tiffini.crt
key tiffini.key
comp-lzo
verb 3

Thanks,

--Yan



-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Openvpn-users mailing list
Openvpn-users@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/openvpn-users