Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Guess what??? I can't connect. OpenVPN Tap instance

    Scheduled Pinned Locked Moved OpenVPN
    1 Posts 1 Posters 674 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T Offline
      thejtshow
      last edited by

      Hey everyone,

      I am back to beg this wonderful community for advice on my OpenVPN setup.

      I have OpenVPN configured with a tap instance, and my openVPN client says it can connect to the server from both within and without.

      HOWEVER

      The tap adapter in my windows clients both within and without show an unidentified network with no incoming traffic, same issue within and without.

      I have tried disabling windows firewall, but this has no effect. Also thinking about it, I am unsure if this would affect it since I am getting assigned a local IP address within my subnet.

      pfsense shows that I have a connection:

      vpnuser	10.24.1.58:64134	10.24.1.125	Thu Jun 23 02:08:44 2016	213 KiB	85 KiB
      

      and this is the log from the VPN client:

      Thu Jun 23 01:50:03 2016 OpenVPN 2.3.11 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on May 10 2016
      Thu Jun 23 01:50:03 2016 Windows version 6.2 (Windows 8 or greater) 64bit
      Thu Jun 23 01:50:03 2016 library versions: OpenSSL 1.0.1t  3 May 2016, LZO 2.09
      Thu Jun 23 01:50:09 2016 Control Channel Authentication: using 'pfSense-TCP-1194-vpnuser-tls.key' as a OpenVPN static key file
      Thu Jun 23 01:50:09 2016 Attempting to establish TCP connection with [AF_INET](redacted):1194 [nonblock]
      Thu Jun 23 01:50:10 2016 TCP connection established with [AF_INET](redacted):1194
      Thu Jun 23 01:50:10 2016 TCPv4_CLIENT link local (bound): [undef]
      Thu Jun 23 01:50:10 2016 TCPv4_CLIENT link remote: [AF_INET](redacted):1194
      Thu Jun 23 01:50:10 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
      Thu Jun 23 01:50:11 2016 [The JT Show Server] Peer Connection Initiated with [AF_INET](redacted):1194
      Thu Jun 23 01:50:13 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
      Thu Jun 23 01:50:13 2016 open_tun, tt->ipv6=0
      Thu Jun 23 01:50:13 2016 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{A73F74A4-A730-4406-B28D-910370DC2B84}.tap
      Thu Jun 23 01:50:13 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.24.1.125/255.255.255.0 on interface {A73F74A4-A730-4406-B28D-910370DC2B84} [DHCP-serv: 10.24.1.0, lease-time: 31536000]
      Thu Jun 23 01:50:13 2016 Successful ARP Flush on interface [37] {A73F74A4-A730-4406-B28D-910370DC2B84}
      Thu Jun 23 01:50:18 2016 Initialization Sequence Completed
      

      ipconfig shows this:

      Ethernet adapter Ethernet 2:
      
         Connection-specific DNS Suffix  . :
         Link-local IPv6 Address . . . . . : fe80::9ce0:cc91:1b5d:afba%37
         IPv4 Address. . . . . . . . . . . : 10.24.1.125
         Subnet Mask . . . . . . . . . . . : 255.255.255.0
         Default Gateway . . . . . . . . . :
      

      current openvpn config info that I think would be relevent (feel free to ask for more):

      OpenVPN Firewall rule: 0/0B, IPv4*, the rest are *
      Wan Firewall rule: 0/0B, IPv4 TCP/UDP, *, *, WAN address, 1194, *, none

      device mode: tap
      interface: wan
      port: 1194

      tunnel networks: empty

      bridge dhcp: checked
      bridge interface: lan
      dhcp start: 10.24.1.125
      end: 10.24.1.140
      redirect gateway: unchecked
      ipv4 local networks: 10.24.1.0/24

      dynamic ip: checked
      address pool: checked

      advanced options: all unchecked
      custom options: empty

      I have an interface enabled for ovpns1, not for tap1
      I also have a bridge between LAN and ovpns1.

      Not quite sure what I am missing.. I followed this guide as much as I could: https://forum.pfsense.org/index.php?topic=46984.0

      I am sure I have missed something stupidly easy, but as with most things I cannot see what is right under my nose. If you need/want any more info I am happy to provide it.

      –------------------------------------------------------------------

      Tinkering with things I shouldn't


      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.