Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Resizing VPN Subnet

    Scheduled Pinned Locked Moved OpenVPN
    2 Posts 2 Posters 541 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      peshta
      last edited by

      Hi everyone,
      I am running OpenVPN on Netgate SG-8860.
      Our usual setup was a /24 range.
      As our company is increasing in size, I wanted to expand that range to /22 (for future)

      Now on the first step, where I have edited the Tunnel network, assigned myself a client specific override with a IP from the far end of the new IP range, my VPN (client connection failed).

      I will post the log here. As you can see the ip assignment is successful, but something is wrong with the entire range, the mask is incorrect (should be .252.0 ). Seems like it was broken down to 3 /24 ranges. Plus the whole route issue.

      Thanks for helping

      2021-11-04 18:00:44 OpenVPN 2.5.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 21 2021
      2021-11-04 18:00:44 Windows version 10.0 (Windows 10 or greater) 64bit
      2021-11-04 18:00:44 library versions: OpenSSL 1.1.1k 25 Mar 2021, LZO 2.10
      Enter Management Password:
      2021-11-04 18:00:46 TCP/UDP: Preserving recently used remote address: [AF_INET]XXXXXXXXXXXXXX:4020
      2021-11-04 18:00:46 UDPv4 link local (bound): [AF_INET][undef]:1194
      2021-11-04 18:00:46 UDPv4 link remote: [AF_INET]XXXXXXXXXXXX:4020
      2021-11-04 18:00:50 [mistral-server-cert] Peer Connection Initiated with [AF_INET]XXXXXXXXXXXX:4020
      2021-11-04 18:00:54 open_tun
      2021-11-04 18:00:54 tap-windows6 device [OpenVPN TAP-Windows6] opened
      2021-11-04 18:00:54 Set TAP-Windows TUN subnet mode network/local/netmask = 192.168.23.0/192.168.23.143/255.255.255.0 [SUCCEEDED]
      2021-11-04 18:00:54 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.23.143/255.255.255.0 on interface {8DEDD34A-93D4-492B-9EAD-7D2EBA5F04E2} [DHCP-serv: 192.168.23.254, lease-time: 31536000]
      2021-11-04 18:00:54 Successful ARP Flush on interface [12] {8DEDD34A-93D4-492B-9EAD-7D2EBA5F04E2}
      2021-11-04 18:00:54 IPv4 MTU set to 1500 on interface 12 using service
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:01:29 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
      SYSTEM ROUTING TABLE
      0.0.0.0 0.0.0.0 192.168.30.1 p=0 i=3 t=4 pr=3 a=53 h=0 m=30/0/0/0/0
      85.158.33.35 255.255.255.255 192.168.30.1 p=0 i=3 t=4 pr=3 a=0 h=0 m=286/0/0/0/0
      127.0.0.0 255.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=2 a=32601 h=0 m=331/0/0/0/0
      127.0.0.1 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=2 a=32601 h=0 m=331/0/0/0/0
      127.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=2 a=32601 h=0 m=331/0/0/0/0
      192.168.23.0 255.255.255.0 192.168.23.143 p=0 i=12 t=3 pr=2 a=35 h=0 m=281/0/0/0/0
      192.168.23.143 255.255.255.255 192.168.23.143 p=0 i=12 t=3 pr=2 a=35 h=0 m=281/0/0/0/0
      192.168.23.255 255.255.255.255 192.168.23.143 p=0 i=12 t=3 pr=2 a=35 h=0 m=281/0/0/0/0
      172.18.176.0 255.255.240.0 172.18.176.1 p=0 i=30 t=3 pr=2 a=53 h=0 m=271/0/0/0/0
      172.18.176.1 255.255.255.255 172.18.176.1 p=0 i=30 t=3 pr=2 a=53 h=0 m=271/0/0/0/0
      172.18.191.255 255.255.255.255 172.18.176.1 p=0 i=30 t=3 pr=2 a=53 h=0 m=271/0/0/0/0
      192.168.30.0 255.255.255.0 192.168.30.52 p=0 i=3 t=3 pr=2 a=53 h=0 m=286/0/0/0/0
      192.168.30.52 255.255.255.255 192.168.30.52 p=0 i=3 t=3 pr=2 a=53 h=0 m=286/0/0/0/0
      192.168.30.255 255.255.255.255 192.168.30.52 p=0 i=3 t=3 pr=2 a=53 h=0 m=286/0/0/0/0
      224.0.0.0 240.0.0.0 127.0.0.1 p=0 i=1 t=3 pr=2 a=32601 h=0 m=331/0/0/0/0
      224.0.0.0 240.0.0.0 192.168.23.143 p=0 i=12 t=3 pr=2 a=32598 h=0 m=281/0/0/0/0
      224.0.0.0 240.0.0.0 192.168.30.52 p=0 i=3 t=3 pr=2 a=32593 h=0 m=286/0/0/0/0
      224.0.0.0 240.0.0.0 172.18.176.1 p=0 i=30 t=3 pr=2 a=53 h=0 m=271/0/0/0/0
      255.255.255.255 255.255.255.255 127.0.0.1 p=0 i=1 t=3 pr=2 a=32601 h=0 m=331/0/0/0/0
      255.255.255.255 255.255.255.255 192.168.23.143 p=0 i=12 t=3 pr=2 a=32598 h=0 m=281/0/0/0/0
      255.255.255.255 255.255.255.255 192.168.30.52 p=0 i=3 t=3 pr=2 a=32593 h=0 m=286/0/0/0/0
      255.255.255.255 255.255.255.255 172.18.176.1 p=0 i=30 t=3 pr=2 a=53 h=0 m=271/0/0/0/0
      SYSTEM ADAPTER LIST
      Bluetooth Device (Personal Area Network)
      Index = 13
      GUID = {904BA375-BA7D-4D7D-A93C-708D24AAF4B5}
      IP = 0.0.0.0/0.0.0.0
      MAC = 70💿0d:9f:57:62
      GATEWAY = 0.0.0.0/255.255.255.255
      DHCP SERV =
      DHCP LEASE OBTAINED = 2021-11-04 18:01:29
      DHCP LEASE EXPIRES = 2021-11-04 18:01:29
      DNS SERV =
      Hyper-V Virtual Ethernet Adapter
      Index = 30
      GUID = {53DD1EDF-72E3-40AD-B88C-0BAD1505BDF3}
      IP = 172.18.176.1/255.255.240.0
      MAC = 00:15:5d:84:3a:87
      GATEWAY = 0.0.0.0/255.255.255.255
      DNS SERV =
      Wintun Userspace Tunnel
      Index = 22
      GUID = {FD0D7A2B-EB36-4513-A57E-1051C0B6027F}
      IP = 0.0.0.0/0.0.0.0
      MAC =
      GATEWAY = 0.0.0.0/255.255.255.255
      DNS SERV =
      TAP-Windows Adapter V9
      Index = 12
      GUID = {8DEDD34A-93D4-492B-9EAD-7D2EBA5F04E2}
      IP = 192.168.23.143/255.255.255.0
      MAC = 00:ff:8d:ed:d3:4a
      GATEWAY = 0.0.0.0/255.255.255.255
      DHCP SERV = 192.168.23.254/255.255.255.255
      DHCP LEASE OBTAINED = 2021-11-04 18:00:54
      DHCP LEASE EXPIRES = 2022-11-04 18:00:54
      DNS SERV = 10.0.100.4/255.255.255.255 192.168.70.32/255.255.255.255
      Intel(R) Wi-Fi 6 AX201 160MHz
      Index = 3
      GUID = {241D527E-A51C-48B2-9840-3932E31F4071}
      IP = 192.168.30.52/255.255.255.0
      MAC = 70💿0d:9f:57:5e
      GATEWAY = 192.168.30.1/255.255.255.255
      DHCP SERV = 192.168.30.3/255.255.255.255
      DHCP LEASE OBTAINED = 2021-11-04 18:00:35
      DHCP LEASE EXPIRES = 2021-11-04 20:00:35
      DNS SERV = 8.8.8.8/255.255.255.255 8.8.4.4/255.255.255.255
      Microsoft Wi-Fi Direct Virtual Adapter
      Index = 9
      GUID = {7B2B88EB-A217-40E6-B250-A440896A2588}
      IP = 0.0.0.0/0.0.0.0
      MAC = 70💿0d:9f:57:5f
      GATEWAY = 0.0.0.0/255.255.255.255
      DHCP SERV =
      DHCP LEASE OBTAINED = 2021-11-04 18:01:29
      DHCP LEASE EXPIRES = 2021-11-04 18:01:29
      DNS SERV =
      Microsoft Wi-Fi Direct Virtual Adapter #2
      Index = 7
      GUID = {584EC58D-64D3-4F11-9A05-3C60984E67E5}
      IP = 0.0.0.0/0.0.0.0
      MAC = 72💿0d:9f:57:5e
      GATEWAY = 0.0.0.0/255.255.255.255
      DHCP SERV =
      DHCP LEASE OBTAINED = 2021-11-04 18:01:29
      DHCP LEASE EXPIRES = 2021-11-04 18:01:29
      DNS SERV =
      2021-11-04 18:01:29 Initialization Sequence Completed With Errors ( see http://openvpn.net/faq.html#dhcpclientserv )
      2021-11-04 18:01:29 Register_dns request sent to the service
      2021-11-04 18:02:00 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1
      2021-11-04 18:02:00 Warning: route gateway is not reachable on any active network adapters: 192.168.20.1

      1 Reply Last reply Reply Quote 0
      • J
        johnnyy
        last edited by stephenw10

        This post is deleted!
        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.