Netgate Discussion Forum

    OpenVPN Client dropping every second state

    • O
      ooimo

      So PIA support noticed that the failed connections' source was 10.1.70.1, which is my OpenVPN server's network. Disabling the server fixed the issue. Now I need to determine why this is happening so I can re-enable the server. They suggested I use manual outbound NAT rather than hybrid NAT, but that hasn't changed anything.

      • DerelictD
        Derelict LAYER 8 Netgate

        @ooimo said in OpenVPN Client dropping every second state:

        10.1.70.0/24       link#15            U             0   1500     em0.70
        10.1.70.1          link#16            UHS           0  16384        lo0
        10.1.70.2          link#16            UH        15800   1500     ovpns2
        10.1.70.254        link#15            UHS         418  16384        lo0
        

        For starters, it looks like you are using the same network as a tunnel network and the numbering on em0.70.

        They must be different.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        • O
          ooimo

          I see, do I specify the PIA client's tunnel network in the client configuration?

          • DerelictD
            Derelict LAYER 8 Netgate

            That is on an OpenVPN server, not a client.

            • O
              ooimo

              I think I solved it by changing the outbound NAT from "OpenVPN Address" to "PIA_VPN Address".
              [image]

              This is what the states now look like:
              [image]

              And this is the output of netstat -rnW:

              Routing tables
              
              Internet:
              Destination        Gateway            Flags       Use    Mtu      Netif Expire
              default            10.20.25.96        UGS    13372704   1492     pppoe0
              10.0.10.1          10.88.10.5         UGHS      17379   1500     ovpnc1
              10.1.1.0/24        link#1             U      51920099   1500        em0
              10.1.1.1           link#1             UHS         473  16384        lo0
              10.1.10.0/24       link#7             U      96185720   1500     em0.10
              10.1.10.254        link#7             UHS         449  16384        lo0
              10.1.20.0/24       link#8             U       1623465   1500     em0.20
              10.1.20.254        link#8             UHS         342  16384        lo0
              10.1.30.0/24       link#9             U        319811   1500     em0.30
              10.1.30.254        link#9             UHS         342  16384        lo0
              10.1.40.0/24       link#10            U             0   1500     em0.40
              10.1.40.254        link#10            UHS         418  16384        lo0
              10.1.50.0/24       link#11            U      26192375   1500     em0.50
              10.1.50.254        link#11            UHS         418  16384        lo0
              10.1.60.0/24       link#14            U      23111437   1500     em0.60
              10.1.60.254        link#14            UHS         200  16384        lo0
              10.1.70.0/24       link#15            U             0   1500     em0.70
              10.1.70.1          link#16            UHS           0  16384        lo0
              10.1.70.2          link#16            UH            0   1500     ovpns2
              10.1.70.254        link#15            UHS           0  16384        lo0
              10.1.250.0/30      link#17            U        184733   1500    em0.250
              10.1.250.2         link#17            UHS         347  16384        lo0
              10.20.25.96        link#12            UH       274490   1492     pppoe0
              10.88.10.5         link#13            UH            6   1500     ovpnc1
              10.88.10.6         link#13            UHS           0  16384        lo0
              27.33.144.81       link#12            UHS           2  16384        lo0
              127.0.0.1          link#2             UH     269295168  16384        lo0
              

              I couldn't see anything about this in the tutorial. Thanks for your help :)

              • DerelictD
                Derelict LAYER 8 Netgate

                10.1.70.0/24 still looks wrong.

                • O
                  ooimo

                  That's the OpenVPN server's tunnel network. Clients that are connected get put in that range. What's the correct way to do it?

                  • DerelictD
                    Derelict LAYER 8 Netgate

                    It's in the same subnet as em0.70. It shouldn't be.

                    • jimpJ
                      jimp Rebel Alliance Developer Netgate

                      I wasn't looking at the 10.1.70.x but yeah that does overlap.

                      Also "OpenVPN" is an interface group not an interface, so using it as a NAT destination may not always do what you expect, especially for outbound NAT since it would effectively round-robin in that way for outbound.

                      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                      Need help fast? Netgate Global Support!

                      Do not Chat/PM for help!

                      • O
                        ooimo @jimp

                        @jimp said in OpenVPN Client dropping every second state:

                        Also "OpenVPN" is an interface group not an interface, so using it as a NAT destination may not always do what you expect, especially for outbound NAT since it would effectively round-robin in that way for outbound.

                        Yeah I didn't realise it would round robin like that but now I do.

                        @derelict said in OpenVPN Client dropping every second state:

                        10.1.70.0/24 still looks wrong.

                        I removed that em0.70 interface and configured the server properly. Now that route isn't there, which is good.

                        1 Reply Last reply Reply Quote 0
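A check for the subnet overlap identified in this thread, as an added example that is not part of any poster's message: it reads `netstat -rnW` output and reports host routes that fall inside a connected network owned by a different link. The sample rows are a subset of the table posted above; the function name `find_overlaps` is hypothetical.

```python
import ipaddress

# Subset of the `netstat -rnW` rows posted in the thread.
SAMPLE = """\
Destination        Gateway            Flags       Use    Mtu      Netif Expire
default            10.20.25.96        UGS    13372704   1492     pppoe0
10.0.10.1          10.88.10.5         UGHS      17379   1500     ovpnc1
10.1.60.0/24       link#14            U      23111437   1500     em0.60
10.1.60.254        link#14            UHS         200  16384        lo0
10.1.70.0/24       link#15            U             0   1500     em0.70
10.1.70.1          link#16            UHS           0  16384        lo0
10.1.70.2          link#16            UH            0   1500     ovpns2
10.1.70.254        link#15            UHS           0  16384        lo0
10.88.10.5         link#13            UH            6   1500     ovpnc1
10.88.10.6         link#13            UHS           0  16384        lo0
"""

def find_overlaps(table):
    """Return (host, host_if, network, network_if) for each host route whose
    link differs from the link of a connected network that contains it."""
    link_name = {}  # link#N -> interface name (lo0 rows carry no name)
    networks = []   # (ip_network, link)
    hosts = []      # (ip_address, link)
    for line in table.splitlines():
        f = line.split()
        if len(f) < 6 or not f[1].startswith("link#"):
            continue  # header, default route, or route via a gateway
        dest, link, netif = f[0], f[1], f[5]
        if netif != "lo0":
            link_name[link] = netif
        try:
            if "/" in dest:
                networks.append((ipaddress.ip_network(dest, strict=False), link))
            else:
                hosts.append((ipaddress.ip_address(dest), link))
        except ValueError:
            continue  # destination is not an IP address or prefix
    found = []
    for host, hlink in hosts:
        for net, nlink in networks:
            if hlink != nlink and host in net:
                found.append((str(host), link_name.get(hlink, hlink),
                              str(net), link_name.get(nlink, nlink)))
    return found

if __name__ == "__main__":
    for host, hif, net, nif in find_overlaps(SAMPLE):
        print(f"{host} on {hif} lies inside {net} on {nif}")
```

The `link#N` column is what ties the `lo0` entry for 10.1.70.1 to ovpns2 rather than to em0.70, which is why both tunnel addresses are reported.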