Netgate Discussion Forum

    openvpn client not connecting

    45 Posts 3 Posters 2.6k Views
    • C
      Cleetus Antony @Gertjan
      last edited by Cleetus Antony

      @Gertjan
      Thank you. But my server conf was "tun" only since starting, not tap. Have any clue why I am not getting GW and DNS?

      • GertjanG
        Gertjan @Cleetus Antony
        last edited by

        @Cleetus-Antony said in openvpn client not connecting:

        But my server conf was "tun" only since starting not tap

        Your client side ( ? ) is showing a tap connection.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        • C
          Cleetus Antony @Gertjan
          last edited by

          @Gertjan
          Yes sir, that's what is a bit confusing. Please let me know if you need to see any particular configuration in the server, I can show the screenshot. My "Device mode" conf is tun only.

          • V
            viragomann @Cleetus Antony
            last edited by

            @Cleetus-Antony
            Did you even provide a DNS server in the OpenVPN server settings?

            A Default Gateway is not meant to be set on the VPN interface, as far as I know. There is no need for it.

            What's your actual issue now?

            • C
              Cleetus Antony @viragomann
              last edited by Cleetus Antony

              @viragomann
              I assigned DNS in the server settings and the client is getting the same.
              But the issue is the client is not getting internet.
              I even added the redirect-gateway def1 option also.

              My conf file is as below:-

              dev tun
              persist-tun
              persist-key
              data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305:AES-256-CBC
              data-ciphers-fallback AES-256-CBC
              auth SHA256
              tls-client
              client
              resolv-retry infinite
              remote pallickal.duckdns.org 1194 udp4
              setenv opt block-outside-dns
              nobind
              auth-user-pass
              remote-cert-tls server
              explicit-exit-notify
              redirect-gateway def1

              <ca>
              -----BEGIN CERTIFICATE-----
              -----END CERTIFICATE-----
              </ca>
              setenv CLIENT_CERT 0
              key-direction 1
              <tls-auth>

              # 2048 bit OpenVPN static key

              -----BEGIN OpenVPN Static key V1-----
              -----END OpenVPN Static key V1-----
              </tls-auth>

              • V
                viragomann @Cleetus Antony
                last edited by

                @Cleetus-Antony
                You should not post your client certificate and TLS key in a public forum.

                And the server config would be more interesting than the client.

                In the server settings you have "Redirect gateway" checked, I guess?
                And again the question: Did you even state a DNS server?

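The point about not posting key material, as an added example that is not part of the original thread: a Python filter that blanks inline certificate/key blocks and the `remote` host name in an OpenVPN client config before it is shared. The tag list, the placeholder strings and the sample config are assumptions constructed for illustration.

```python
import re

# OpenVPN inline-file options that carry certificate or key material.
INLINE_TAGS = ("ca", "cert", "key", "extra-certs", "pkcs12",
               "secret", "tls-auth", "tls-crypt", "tls-crypt-v2")
_BLOCK = re.compile(r"^([ \t]*)<(%s)>[ \t]*\n.*?^[ \t]*</\2>[ \t]*$"
                    % "|".join(map(re.escape, INLINE_TAGS)), re.S | re.M)
_PEM = re.compile(r"-----BEGIN ([^-\n]+)-----.*?-----END \1-----", re.S)
_REMOTE = re.compile(r"^([ \t]*remote[ \t]+)\S+", re.M)

def redact_ovpn(text):
    """Return (redacted_text, findings) for an OpenVPN client config."""
    findings = []

    def block(m):  # keep the tags so the file layout stays readable
        ind, tag = m.group(1), m.group(2)
        findings.append("inline <%s> block" % tag)
        return "%s<%s>\n%s[REDACTED]\n%s</%s>" % (ind, tag, ind, ind, tag)

    def pem(m):    # PEM or static-key material pasted outside any inline tag
        findings.append("stray PEM block: " + m.group(1))
        return "[REDACTED %s]" % m.group(1)

    def host(m):   # "remote-cert-tls" is untouched: the pattern needs a space
        findings.append("remote host")
        return m.group(1) + "REDACTED_HOST"

    text = text.replace("\r\n", "\n")
    text = _BLOCK.sub(block, text)
    text = _PEM.sub(pem, text)
    text = _REMOTE.sub(host, text)
    return text, findings

# Constructed sample; the host, certificate body and key bytes are not real.
SAMPLE = """\
dev tun
client
remote vpn.example.test 1194 udp4
remote-cert-tls server
<ca>
-----BEGIN CERTIFICATE-----
Q09OU1RSVUNURUQtU0FNUExFLU5PVC1BLVJFQUwtQ0VSVA==
-----END CERTIFICATE-----
</ca>
key-direction 1
<tls-auth>
-----BEGIN OpenVPN Static key V1-----
00112233445566778899aabbccddeeff
-----END OpenVPN Static key V1-----
</tls-auth>
"""
```

Redaction only helps before a config is posted; a `tls-auth` key that has already been published should be regenerated on the server and the client configs re-exported.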
                • C
                  Cleetus Antony @viragomann
                  last edited by

                  @viragomann
                  My mistake on the certificate.
                  As I stated, I have stated DNS in server settings and I am getting tunnel IP, subnet, DNS IPs and no GW in my TAP adaptor in the client PC, and consequently NO internet. I can access the home network.

                  • V
                    viragomann @Cleetus Antony
                    last edited by

                    @Cleetus-Antony
                    How do you want to access the internet?
                    Do you want to pass internet traffic over the VPN, so that you get the home WAN IP, or do you want to access the home LAN and go to the internet using your local WAN (split tunneling)?

                    Please post the server configuration and the clients log.

                    • C
                      Cleetus Antony @viragomann
                      last edited by

                      @viragomann
                      I realize that this thread was very long to fix this issue.
                      Now I managed to fix the NAT side and OPENVPN rule to pass the traffic to outbound. Now I can get internet in my connected clients.
                      Thank you very much all for the advice.

                      • C
                        Cleetus Antony @viragomann
                        last edited by

                        @viragomann
                        Now I managed to get full tunnel and get internet in connected devices.
                        Sorry to make this a very long discussion.
                        Thank you all.
                        If you don't mind, could you please delete the certificate chat section in this discussion ?

                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.