[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Vista and 2.1 rc4


  • Subject: Re: [Openvpn-users] Vista and 2.1 rc4
  • From: Josh Cepek <josh.cepek@xxxxxxx>
  • Date: Wed, 19 Dec 2007 22:44:01 -0600
  • Openpgp: id=2E5A5127
  • Z-usanet-msgid: XID419LLTDrn0189X29

Lee Rocklage wrote:
>
> I am using vista with openvpn 2.1 rc4 and am getting the errors
> below.  Has anyone seen these and know how to fix them?
>
>  
>
> Tue Dec 18 19:36:24 2007 WARNING: Since you are using --dev tap, the
> second argument to --ifconfig must be a netmask, for example something
> like 255.255.255.0. (silence this warning with --ifconfig-nowarn)
> Tue Dec 18 19:36:24 2007 OpenVPN ROUTE: OpenVPN needs a gateway
> parameter for a --route option and no default was specified by either
> --route-gateway or --ifconfig options
> Tue Dec 18 19:36:24 2007 OpenVPN ROUTE: failed to parse/resolve route
> for host/network: 72.5.73.0
> Tue Dec 18 19:36:24 2007 OpenVPN ROUTE: OpenVPN needs a gateway
> parameter for a --route option and no default was specified by either
> --route-gateway or --ifconfig options
> Tue Dec 18 19:36:24 2007 OpenVPN ROUTE: failed to parse/resolve route
> for host/network: 10.172.192.0
> Tue Dec 18 19:36:24 2007 OpenVPN ROUTE: OpenVPN needs a gateway
> parameter for a --route option and no default was specified by either
> --route-gateway or --ifconfig options
> Tue Dec 18 19:36:24 2007 OpenVPN ROUTE: failed to parse/resolve route
> for host/network: 192.168.56.1
> Tue Dec 18 19:36:24 2007 TAP-Win32 adapter 'MyTap' not found
> Tue Dec 18 19:36:24 2007 Exiting
>

The first warning is caused by an invalid netmask specified by
ifconfig.  In tap mode the "ifconfig" option requires 2 parameters: an
IP address that the computer will take and a netmask for the Ethernet
segment.  For example, the configuration "ifconfig 10.8.0.1
255.255.255.0" tells OpenVPN to set an IP of 10.8.0.1 with a netmask of
255.255.255.0 for a standard class-C network.  Fix this warning by
correcting the ifconfig statement to use the proper parameters.  VPN
clients can optionally have the server provide the IP and netmask
details if you specify "client" in the client config files and use
"ifconfig-pool" on the server.  When using "ifconfig-pool" from the
server you omit the "ifconfig" on the client side and must specify
"client" or "pull".

All 3 of the route errors exist because you didn't specify the
"route-gateway" option.  In tap mode you must specify the gateway to the
networks so OpenVPN knows how to reach each of them.  If your VPN server
is the gateway to these networks and has the IP 10.8.0.1, you would use
"route-gateway 10.8.0.1".  This too can be pushed from the server to all
clients by putting this command in the server configuration: push
"route-gateway 10.8.0.1" As above, if you push options your clients need
either "client" or "pull".  Note that in a bridged setup the gateway may
be another host on the network being bridged to rather than the VPN server.

The last error is caused because you specified a tap adapter by the name
of "MyTap" which doesn't exist on your system.  For Windows (including
Vista) you have 3 ways to specify the adapter, listed below.  You can
view the list of adapters by calling running this at a command prompt:
"openvpn --show-adapters" (remember to change to the proper directory
first, usually <Install Path>\OpenVPN\bin.)

Option 1. Use "dev tap" which will cause OpenVPN to use the first
available tap adapter on your system.  For this method do not use
"dev-node".

Option 2. Specify both "dev tap" and "dev-node ADAPTER_NAME" where the
ADAPTER_NAME is the exact name of your tap adapter.

Option 3. Specify both "dev tap" and "dev-node {GUID_OF-ADAPTER}" where
{GUID_OF_ADAPTER} is the long series of numbers including the curly
braces from the command shown above.

Normally when you install OpenVPN it automatically creates a TAP adapter
(often called "Local Area Connection 2" or similar.)  If you need to
create a new adapter run the program <Install
Path>\OpenVPN\bin\addtap.bat which will create a new adapter.  You may
also rename adapters as necessary in the Network Connections control panel.

Since you didn't provide any config files, most of the information I've
given above is conceptual and pieces may not apply to what you're trying
to do.  It's a lot more helpful if you post your client and server
config files to receive better information.

-- 
Josh


Attachment: signature.asc
Description: OpenPGP digital signature