Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problem with windos 7

    Scheduled Pinned Locked Moved OpenVPN
    7 Posts 3 Posters 2.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      Vorms
      last edited by

      I install a server on a raspberry.
      I install a client on my iphone.
      I install a separate client on my pc (windows 7)

      With the iphone I can acces on local machine like file server on the local subnet of the openvpn server

      On window, when the client connect the server, there is no error message. but nothing work at all.

      Here is the server conf:
      dev tun
      proto udp
      port 1194
      ca /etc/openvpn/easy-rsa/keys/ca.crt
      cert /etc/openvpn/easy-rsa/keys/server.crt
      key /etc/openvpn/easy-rsa/keys/server.key
      dh /etc/openvpn/easy-rsa/keys/dh1024.pem
      keepalive 10 120
      max-clients 5
      user nobody
      group nogroup
      server 10.8.0.0 255.255.255.0
      persist-key
      persist-tun
      status /var/log/openvpn-status.log
      verb 3
      client-to-client
      push "redirect-gateway def1"
      #set the dns servers
      push "dhcp-option DNS 8.8.8.8"
      push "dhcp-option DNS 8.8.4.4"
      push "redirect-gateway local def1"
      log-append /var/log/openvpn
      comp-lzo

      here is the client conf
      dev tun
      client
      proto udp
      remote 81.28.206.197 1194
      float
      redirect-gateway def1
      resolv-retry infinite
      nobind
      persist-key
      persist-tun
      ca ca.crt
      cert client1.crt
      key client1.key
      comp-lzo
      verb 3
      route-method exe
      route-delay 2

      Here is the log of the client
      Sun Jun 16 13:21:27 2013 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Jun  3 2013
      Sun Jun 16 13:21:27 2013 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25342
      Sun Jun 16 13:21:27 2013 Need hold release from management interface, waiting…
      Sun Jun 16 13:21:27 2013 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25342
      Sun Jun 16 13:21:27 2013 MANAGEMENT: CMD 'state on'
      Sun Jun 16 13:21:27 2013 MANAGEMENT: CMD 'log all on'
      Sun Jun 16 13:21:27 2013 MANAGEMENT: CMD 'hold off'
      Sun Jun 16 13:21:27 2013 MANAGEMENT: CMD 'hold release'
      Sun Jun 16 13:21:27 2013 WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
      Sun Jun 16 13:21:28 2013 Socket Buffers: R=[8192->8192] S=[8192->8192]
      Sun Jun 16 13:21:28 2013 UDPv4 link local: [undef]
      Sun Jun 16 13:21:28 2013 UDPv4 link remote: [AF_INET]81.28.206.197:1194
      Sun Jun 16 13:21:28 2013 MANAGEMENT: >STATE:1371385288,WAIT,,,
      Sun Jun 16 13:21:28 2013 MANAGEMENT: >STATE:1371385288,AUTH,,,
      Sun Jun 16 13:21:28 2013 TLS: Initial packet from [AF_INET]81.28.206.197:1194, sid=f155d6c3 d8ad4eb2
      Sun Jun 16 13:21:28 2013 VERIFY OK: depth=1, C=FR, ST=AIN, L=Prevessin, O=toto, OU=changeme, CN=Vorms, name=Vorms, emailAddress=vormsty@gmail.com
      Sun Jun 16 13:21:28 2013 VERIFY OK: depth=0, C=FR, ST=AIN, L=Prevessin, O=toto, OU=changeme, CN=Vorms, name=Vorms, emailAddress=vormsty@gmail.com
      Sun Jun 16 13:21:29 2013 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
      Sun Jun 16 13:21:29 2013 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Sun Jun 16 13:21:29 2013 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
      Sun Jun 16 13:21:29 2013 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Sun Jun 16 13:21:29 2013 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
      Sun Jun 16 13:21:29 2013 [Vorms] Peer Connection Initiated with [AF_INET]81.28.206.197:1194
      Sun Jun 16 13:21:30 2013 MANAGEMENT: >STATE:1371385290,GET_CONFIG,,,
      Sun Jun 16 13:21:31 2013 SENT CONTROL [Vorms]: 'PUSH_REQUEST' (status=1)
      Sun Jun 16 13:21:31 2013 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,redirect-gateway local def1,route 10.8.0.0 255.255.255.0,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
      Sun Jun 16 13:21:31 2013 OPTIONS IMPORT: timers and/or timeouts modified
      Sun Jun 16 13:21:31 2013 OPTIONS IMPORT: –ifconfig/up options modified
      Sun Jun 16 13:21:31 2013 OPTIONS IMPORT: route options modified
      Sun Jun 16 13:21:31 2013 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
      Sun Jun 16 13:21:31 2013 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
      Sun Jun 16 13:21:31 2013 MANAGEMENT: >STATE:1371385291,ASSIGN_IP,,10.8.0.6,
      Sun Jun 16 13:21:31 2013 open_tun, tt->ipv6=0
      Sun Jun 16 13:21:31 2013 TAP-WIN32 device [OpenVPN] opened: \.\Global{E54947A9-4F1B-4909-A15C-DC9FFE4F8007}.tap
      Sun Jun 16 13:21:31 2013 TAP-Windows Driver Version 9.9
      Sun Jun 16 13:21:31 2013 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {E54947A9-4F1B-4909-A15C-DC9FFE4F8007} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
      Sun Jun 16 13:21:31 2013 Successful ARP Flush on interface [16] {E54947A9-4F1B-4909-A15C-DC9FFE4F8007}
      Sun Jun 16 13:21:33 2013 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
      Sun Jun 16 13:21:33 2013 C:\Windows\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
      Sun Jun 16 13:21:33 2013 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
      Sun Jun 16 13:21:33 2013 C:\Windows\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
      Sun Jun 16 13:21:33 2013 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
      Sun Jun 16 13:21:33 2013 MANAGEMENT: >STATE:1371385293,ADD_ROUTES,,,
      Sun Jun 16 13:21:33 2013 C:\Windows\system32\route.exe ADD 10.8.0.0 MASK 255.255.255.0 10.8.0.5
      Sun Jun 16 13:21:33 2013 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
      Sun Jun 16 13:21:33 2013 Initialization Sequence Completed
      Sun Jun 16 13:21:33 2013 MANAGEMENT: >STATE:1371385293,CONNECTED,SUCCESS,10.8.0.6,81.28.206.197

      I see the last line connected success, but ping 10.8.0.6,81 doesn't work nor 81.28.206.197 or 192.168.1.8 (local adress of the pi)

      If somebody can help me I would be very happy…

      Best regards and many thanks for your help.

      Thierry Vorms

      1 Reply Last reply Reply Quote 0
      • C
        colreg
        last edited by

        Hi,
        I think you don't have permission to route from windows 7 to server.
        I think you can run openvpn with administrator (run as administrator) or you can set that in property.

        1 Reply Last reply Reply Quote 0
        • V
          Vorms
          last edited by

          Hello
          Thanks for your reply.
          I am the only one user of this PC, I am the administrator.
          I try to run the gui in adminstrator mode, but nothing change.
          Must I start other binary in the openvpn folder in administrator mode ?

          I am so disapointed…

          Thanks for your help.
          Best regards
          Thierry

          1 Reply Last reply Reply Quote 0
          • N
            Nachtfalke
            last edited by

            Make sure you allowed traffic from<openvpn on="" your="" pfsense="" firewall="" (openvpn-tab)<br="">Further you need to run OpenVPN as administrator when using windows Vista/7.

            If you are using the management interface and the OpenVPN Manager as client then OpenVPN runs as service and no need to use admin rights.

            All can be downloaded from the OpenVPN Export Utility package on pfsense.</openvpn>

            1 Reply Last reply Reply Quote 0
            • V
              Vorms
              last edited by

              Hello again,

              I disabled the avas firewall.
              I disabled the windows firewall.
              I install the software from the openvpn web site.

              I run the gui, the openvpn is not install in a service.

              I think when I launch the openVPN GUI as administrator, the openvpn software is launched in adminstator too ?

              thanks for your help, best regards

              Thierry

              1 Reply Last reply Reply Quote 0
              • N
                Nachtfalke
                last edited by

                Did you set ALLOW firewall rules on pfsense OpenVPN tab?

                1 Reply Last reply Reply Quote 0
                • V
                  Vorms
                  last edited by

                  I deactivate the windows firewall and the AVAST firewall.

                  Best regards

                  Thierry

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.