Guess what??? I can't connect. OpenVPN Tap instance
-
Hey everyone,
I am back to beg this wonderful community for advice on my OpenVPN setup.
I have OpenVPN configured with a tap instance, and my openVPN client says it can connect to the server from both within and without.
HOWEVER
The tap adapter in my windows clients both within and without show an unidentified network with no incoming traffic, same issue within and without.
I have tried disabling windows firewall, but this has no effect. Also thinking about it, I am unsure if this would affect it since I am getting assigned a local IP address within my subnet.
pfsense shows that I have a connection:
vpnuser 10.24.1.58:64134 10.24.1.125 Thu Jun 23 02:08:44 2016 213 KiB 85 KiB
and this is the log from the VPN client:
Thu Jun 23 01:50:03 2016 OpenVPN 2.3.11 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on May 10 2016 Thu Jun 23 01:50:03 2016 Windows version 6.2 (Windows 8 or greater) 64bit Thu Jun 23 01:50:03 2016 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.09 Thu Jun 23 01:50:09 2016 Control Channel Authentication: using 'pfSense-TCP-1194-vpnuser-tls.key' as a OpenVPN static key file Thu Jun 23 01:50:09 2016 Attempting to establish TCP connection with [AF_INET](redacted):1194 [nonblock] Thu Jun 23 01:50:10 2016 TCP connection established with [AF_INET](redacted):1194 Thu Jun 23 01:50:10 2016 TCPv4_CLIENT link local (bound): [undef] Thu Jun 23 01:50:10 2016 TCPv4_CLIENT link remote: [AF_INET](redacted):1194 Thu Jun 23 01:50:10 2016 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Thu Jun 23 01:50:11 2016 [The JT Show Server] Peer Connection Initiated with [AF_INET](redacted):1194 Thu Jun 23 01:50:13 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Thu Jun 23 01:50:13 2016 open_tun, tt->ipv6=0 Thu Jun 23 01:50:13 2016 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{A73F74A4-A730-4406-B28D-910370DC2B84}.tap Thu Jun 23 01:50:13 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.24.1.125/255.255.255.0 on interface {A73F74A4-A730-4406-B28D-910370DC2B84} [DHCP-serv: 10.24.1.0, lease-time: 31536000] Thu Jun 23 01:50:13 2016 Successful ARP Flush on interface [37] {A73F74A4-A730-4406-B28D-910370DC2B84} Thu Jun 23 01:50:18 2016 Initialization Sequence Completed
ipconfig shows this:
Ethernet adapter Ethernet 2: Connection-specific DNS Suffix . : Link-local IPv6 Address . . . . . : fe80::9ce0:cc91:1b5d:afba%37 IPv4 Address. . . . . . . . . . . : 10.24.1.125 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . :
current openvpn config info that I think would be relevent (feel free to ask for more):
OpenVPN Firewall rule: 0/0B, IPv4*, the rest are *
Wan Firewall rule: 0/0B, IPv4 TCP/UDP, *, *, WAN address, 1194, *, nonedevice mode: tap
interface: wan
port: 1194tunnel networks: empty
bridge dhcp: checked
bridge interface: lan
dhcp start: 10.24.1.125
end: 10.24.1.140
redirect gateway: unchecked
ipv4 local networks: 10.24.1.0/24dynamic ip: checked
address pool: checkedadvanced options: all unchecked
custom options: emptyI have an interface enabled for ovpns1, not for tap1
I also have a bridge between LAN and ovpns1.Not quite sure what I am missing.. I followed this guide as much as I could: https://forum.pfsense.org/index.php?topic=46984.0
I am sure I have missed something stupidly easy, but as with most things I cannot see what is right under my nose. If you need/want any more info I am happy to provide it.