OpenVPN, no gateway? No Internet



  • I log in successfully to my VPN but I can't go anywhere or access any of my home network.

    If I do an IPCONFIG, I get an IP, a subnet mask but no gateway is showing.

    Been playing with this over a week and can't figure out what I am missing…

    I have the OpenVPN config set up:

    my OPENVPN config:
    dev tun
    persist-tun
    persist-key
    proto udp
    cipher AES-256-CBC
    tls-client
    client
    resolv-retry infinite
    remote 117.57.11.132 1194
    auth-user-pass
    auth-nocache
    ca RoadWarrior-CA.crt
    pkcs12 nehwon-udp-1194.p12
    tls-auth nehwon-udp-1194-tls.key 1
    tls-remote www.techbadger.com
    comp-lzo
    pull
    verb 3
    ping 10
    nobind

    When I log in, my status log is:
    Mon Apr 18 21:27:36 2011 Local Options hash (VER=V4): '9e7066d2'
    Mon Apr 18 21:27:36 2011 Expected Remote Options hash (VER=V4): '162b04de'
    Mon Apr 18 21:27:36 2011 UDPv4 link local: [undef]
    Mon Apr 18 21:27:36 2011 UDPv4 link remote: 117.57.11.132:1194
    Mon Apr 18 21:27:36 2011 TLS: Initial packet from 117.57.11.132:1194, sid=efff5b35 e87d59ba
    Mon Apr 18 21:27:37 2011 VERIFY OK: depth=1,
    Mon Apr 18 21:27:37 2011 VERIFY X509NAME OK:
    Mon Apr 18 21:27:37 2011 VERIFY OK: depth=0,
    CBC' initialized with 256 bit key
    Mon Apr 18 21:27:39 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Mon Apr 18 21:27:39 2011 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
    Mon Apr 18 21:27:39 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
    Mon Apr 18 21:27:39 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
    Mon Apr 18 21:27:39 2011 [www.fubar.com] Peer Connection Initiated with 117.57.11.132:1194
    Mon Apr 18 21:27:41 2011 SENT CONTROL [www.techbadger.com]: 'PUSH_REQUEST' (status=1)
    Mon Apr 18 21:27:41 2011 PUSH: Received control message: 'PUSH_REPLY,route 10.2.1.0 255.255.255.0,route 10.2.200.1,topology net30,ping 10,ping-restart 60,ifconfig 10.2.200.1 10.2.200.5'
    Mon Apr 18 21:27:41 2011 OPTIONS IMPORT: timers and/or timeouts modified
    Mon Apr 18 21:27:41 2011 OPTIONS IMPORT: --ifconfig/up options modified
    Mon Apr 18 21:27:41 2011 OPTIONS IMPORT: route options modified
    Mon Apr 18 21:27:41 2011 ROUTE default_gateway=10.2.1.1
    Mon Apr 18 21:27:41 2011 TAP-WIN32 device [Local Area Connection 7] opened: \\.\Global\{FCD5345B-06D5-4CAA-B4DD-1A375679A20C}.tap
    Mon Apr 18 21:27:41 2011 TAP-Win32 Driver Version 9.7
    Mon Apr 18 21:27:41 2011 TAP-Win32 MTU=1500
    Mon Apr 18 21:27:41 2011 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.200.6/255.255.255.252 on interface {FCD5345B-06D5-4CAA-B4DD-1A375679A20C} [DHCP-serv: 192.168.200.5, lease-time: 31536000]
    Mon Apr 18 21:27:41 2011 Successful ARP Flush on interface [41] {FCD5345B-06D5-4CAA-B4DD-1A375679A20C}
    Mon Apr 18 21:27:46 2011 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
    Mon Apr 18 21:27:46 2011 WARNING: potential route subnet conflict between local LAN [10.2.1.0/255.255.255.0] and remote VPN [10.2.1.0/255.255.255.0]
    Mon Apr 18 21:27:46 2011 C:\WINDOWS\system32\route.exe ADD 10.2.1.0 MASK 255.255.255.0 192.168.200.5
    Mon Apr 18 21:27:46 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
    Mon Apr 18 21:27:46 2011 Route addition via IPAPI succeeded [adaptive]
    Mon Apr 18 21:27:46 2011 C:\WINDOWS\system32\route.exe ADD 10.2.200.1 MASK 255.255.255.255 10.2.200.5
    Mon Apr 18 21:27:47 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
    Mon Apr 18 21:27:47 2011 Route addition via IPAPI succeeded [adaptive]
    Mon Apr 18 21:27:47 2011 Initialization Sequence Completed

    Any idea what I have set up wrong?



  • Have you set the firewall to push traffic through your VPN gateway? Check my tutorial in the stickies for ideas.



  • I have 2 rules:

    One in WAN: UDP * * WAN address 1194 (OpenVPN) * none   OpenVPN OpenVPN access wizard

    and one in OPENVPN:
    * * * * * * none   OpenVPN OpenVPN access wizard

    Looked in all the tutorials, how I came up with my OpenVPN config.



  • I would just like to say that I am having exactly the same issues as Disconnect.  No gateway shows up in my ipconfig.

    I successfully connect to the vpn, but 0 packets are sent/received.  I am assigned an IP address (10.0.8.6).

    I followed the windows idiots guide to pfsense OpenVPN posted and I just can't seem to get it right.  Can anyone help? Here are some screenshots:



  • @greg:  Under local network, add your LAN subnet if you want OpenVPN clients to be able to access the LAN subnet.

    If you want to have internet access redirected for the OpenVPN clients, then add the following in the Options box:

    push "redirect-gateway def1"



  • @Disconnect:  Here's your problem - Mon Apr 18 21:27:46 2011 WARNING: potential route subnet conflict between local LAN [10.2.1.0/255.255.255.0] and remote VPN [10.2.1.0/255.255.255.0]

    You need to set a different subnet for the VPN network than your client's LAN network.  Otherwise, the client system doesn't know where to route traffic to (it sees both the VPN subnet and the LAN subnet as valid choices when it tries to contact the VPN gateway).
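
Both replies above point at things that can be read out of the client log: whether the server pushed `redirect-gateway`, and whether a pushed route overlaps the client's own LAN. The following check is an added example, not something posted by anyone in the thread; the function names are hypothetical and the sample log is constructed from the lines quoted in the first post.

```python
import ipaddress
import re

# Constructed sample, modelled on the client log quoted in this thread.
SAMPLE_LOG = (
    "Mon Apr 18 21:27:41 2011 PUSH: Received control message: "
    "'PUSH_REPLY,route 10.2.1.0 255.255.255.0,route 10.2.200.1,"
    "topology net30,ping 10,ping-restart 60,ifconfig 10.2.200.1 10.2.200.5'\n"
    "Mon Apr 18 21:27:41 2011 ROUTE default_gateway=10.2.1.1\n"
)

PUSH_RE = re.compile(r"PUSH: Received control message: 'PUSH_REPLY,([^']*)'")


def parse_push_reply(log_text):
    """Return (pushed_routes, redirect_gateway) from the last PUSH_REPLY."""
    replies = PUSH_RE.findall(log_text)
    if not replies:
        raise ValueError("no PUSH_REPLY found in log")
    routes, redirect = [], False
    for option in replies[-1].split(","):
        fields = option.split()
        if not fields:
            continue
        if fields[0] == "redirect-gateway":
            redirect = True
        elif fields[0] == "route" and len(fields) >= 2:
            # A route without a netmask is a host route (255.255.255.255).
            mask = fields[2] if len(fields) > 2 else "255.255.255.255"
            try:
                net = ipaddress.ip_network(f"{fields[1]}/{mask}", strict=False)
            except ValueError:
                continue  # symbolic targets such as vpn_gateway are skipped
            routes.append(net)
    return routes, redirect


def diagnose(log_text, local_lan):
    """List findings for a client whose own LAN is local_lan (CIDR)."""
    lan = ipaddress.ip_network(local_lan, strict=False)
    routes, redirect = parse_push_reply(log_text)
    findings = [
        f"conflict: pushed route {net} overlaps local LAN {lan}"
        for net in routes if net.overlaps(lan)
    ]
    if not redirect:
        findings.append("redirect-gateway not pushed: default route unchanged")
    return findings
```

Run against the sample with the client's LAN given as `10.2.1.0/24`, it reports the overlap on `10.2.1.0/24` and the missing `redirect-gateway`; with a non-overlapping client LAN only the second finding remains.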

