OpenVPN LAN Issues (WAN is fine)
-
Hi guys,
I have setup an OpenVPN server on pfSense. After installing the openvpn windows x64 client on my laptop - it will successfully connect via the openvpn client and internet (such as browsing) appears to function normally. But many times the laptop will not have LAN access such as accessing mapped network folders on my windows server 2012. Or if it does get LAN access it is quite slow and videos are barley playable.
I am using my data on my smart phone as a hotspot for my laptop (windows 10) to connect externally so that I can test openvn on my laptop. I run a windows server 2012 domain.
Hopefully I've included all the details and if you need any thing else let me know! All help is greatly appreciated.
OpenVPN Serve Settings:
pfSense LAN Interface:
192.168.0.1/24OpenVPN Show Status Window on Laptop:
Wed Nov 30 11:58:08 2016 OpenVPN 2.3.11 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on May 10 2016
Wed Nov 30 11:58:08 2016 Windows version 6.2 (Windows 8 or greater) 64bit
Wed Nov 30 11:58:08 2016 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.09
Wed Nov 30 11:58:19 2016 Control Channel Authentication: using 'pfSense-udp-1194-test-tls.key' as a OpenVPN static key file
Wed Nov 30 11:58:19 2016 UDPv4 link local (bound): [undef]
Wed Nov 30 11:58:19 2016 UDPv4 link remote: [AF_INET]174.7.154.251:1194
Wed Nov 30 11:58:19 2016 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
Wed Nov 30 11:58:20 2016 [www.much.org] Peer Connection Initiated with [AF_INET]174.7.154.251:1194
Wed Nov 30 11:58:22 2016 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Wed Nov 30 11:58:22 2016 open_tun, tt->ipv6=0
Wed Nov 30 11:58:22 2016 TAP-WIN32 device [Ethernet 2] opened: \.\Global{90A7B67D-5ABD-41B6-9D22-0143D8D78C60}.tap
Wed Nov 30 11:58:22 2016 Set TAP-Windows TUN subnet mode network/local/netmask = 10.0.8.0/10.0.8.2/255.255.255.0 [SUCCEEDED]
Wed Nov 30 11:58:22 2016 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.0.8.2/255.255.255.0 on interface {90A7B67D-5ABD-41B6-9D22-0143D8D78C60} [DHCP-serv: 10.0.8.254, lease-time: 31536000]
Wed Nov 30 11:58:22 2016 Successful ARP Flush on interface [14] {90A7B67D-5ABD-41B6-9D22-0143D8D78C60}
Wed Nov 30 11:58:27 2016 Initialization Sequence CompletedIpconfig data when logged in on normal domain (no OpenVPN)
H:>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : DD-LAPTOP
Primary Dns Suffix . . . . . . . : much.org
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : much.orgWireless LAN adapter Local Area Connection* 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 1E-85-56-7B-E6-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : YesEthernet adapter Ethernet 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : pfsense.much.org
Description . . . . . . . . . . . : TAP-Windows Adapter V9
Physical Address. . . . . . . . . : 00-FF-90-A7-B6-7D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : YesWireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . : much.org
Description . . . . . . . . . . . : Qualcomm Atheros AR5BWB222 Wireless Network Adapter
Physical Address. . . . . . . . . : BC-85-56-7B-E6-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b5d2:1a1e:7bdf:1ad%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.53(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 30, 2016 12:03:03 PM
Lease Expires . . . . . . . . . . : Thursday, December 8, 2016 12:03:02 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.2
DHCPv6 IAID . . . . . . . . . . . : 113018198
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-40-36-F4-08-9E-01-B0-B6-39
DNS Servers . . . . . . . . . . . : 192.168.0.2
192.168.0.1
NetBIOS over Tcpip. . . . . . . . : EnabledTunnel adapter isatap.much.org:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : much.org
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : YesTunnel adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : YesIpconfig data when logged onto OpenVPN
H:>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : DD-LAPTOP
Primary Dns Suffix . . . . . . . : much.org
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : much.org
pfsense.much.orgWireless LAN adapter Local Area Connection* 2:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
Physical Address. . . . . . . . . : 1E-85-56-7B-E6-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : YesEthernet adapter Ethernet 2:
Connection-specific DNS Suffix . : pfsense.much.org
Description . . . . . . . . . . . : TAP-Windows Adapter V9
Physical Address. . . . . . . . . : 00-FF-90-A7-B6-7D
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::7928:7274:69e2:f775%14(Preferred)
IPv4 Address. . . . . . . . . . . : 10.0.8.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 30, 2016 11:58:22 AM
Lease Expires . . . . . . . . . . : Thursday, November 30, 2017 11:58:22 AM
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 10.0.8.254
DHCPv6 IAID . . . . . . . . . . . : 234946448
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-40-36-F4-08-9E-01-B0-B6-39
DNS Servers . . . . . . . . . . . : 192.168.0.2
192.168.0.1
NetBIOS over Tcpip. . . . . . . . : EnabledWireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Qualcomm Atheros AR5BWB222 Wireless Network Adapter
Physical Address. . . . . . . . . : BC-85-56-7B-E6-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b5d2:1a1e:7bdf:1ad%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.43.108(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Wednesday, November 30, 2016 8:05:23 AM
Lease Expires . . . . . . . . . . : Wednesday, November 30, 2016 12:58:23 PM
Default Gateway . . . . . . . . . : 192.168.43.1
DHCP Server . . . . . . . . . . . : 192.168.43.1
DHCPv6 IAID . . . . . . . . . . . : 113018198
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-40-36-F4-08-9E-01-B0-B6-39
DNS Servers . . . . . . . . . . . : 192.168.43.1
NetBIOS over Tcpip. . . . . . . . : EnabledTunnel adapter Local Area Connection* 11:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft Teredo Tunneling Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : YesTunnel adapter isatap.pfsense.much.org:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . : pfsense.much.org
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : YesTunnel adapter isatap.{AD942CF4-D3DD-4259-B671-659F1558DA9D}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : YesMy Windows Server 2012 Server (which is the Domain Controller, DHCP server and DNS server) ipconfig details:
Windows IP Configuration
Host Name . . . . . . . . . . . . : DD-SERVER
Primary Dns Suffix . . . . . . . : much.org
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : Yes
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : much.orgEthernet adapter Ethernet 3:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) Gigabit CT Desktop Adapter #2
Physical Address. . . . . . . . . : 68-05-CA-2B-9F-86
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.0.1
DNS Servers . . . . . . . . . . . : 192.168.0.2
192.168.0.1
NetBIOS over Tcpip. . . . . . . . : EnabledTunnel adapter Teredo Tunneling Pseudo-Interface:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : YesTunnel adapter isatap.{E915DE81-BD61-4C6C-ADCC-06267325ACA4}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes -
Seems you have an address conflict.
Your wifi on client site has the 192.168.0.0/24 subnet as well as the server sides LAN. You have to change one of these.
-
Thanks for your response viragomann! I went into my asus router GUI and changed the LAN to: 192.168.5.1 and changed the subnet from 255.255.255.0 to 255.255.255.248. (also for some reason I can't access the asus gui with 192.168.5.1 anymore - will probably need to hard reset it later)
Was that what you meant by changing one of them? (If so it appears the openvpn is still running slow)
Thanks again!
-
Or I kind of see what you mean. (I think) My windows server 2012 is the dhcp server and it is on 255.255.255.0 subnet. I need to somehow change the subnet that my dhcp server is on (thus changing what it hands out to the clients)?