Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OpenVPN, no gateway? No Internet

    2.0-RC Snapshot Feedback and Problems - RETIRED
    4
    6
    20.1k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      Disconnect
      last edited by

      I log in successfully to my VPN but I can't go anywhere or access any of my home network.

      If I do an IPCONFIG, I get an IP, a subnet mask but no gateway is showing.

      Been playing this this over a week and can't figure out what I am missing…

      I have the OpenVPN config set up:

      my OPENVPN config:
      dev tun
      persist-tun
      persist-key
      proto udp
      cipher AES-256-CBC
      tls-client
      client
      resolv-retry infinite
      remote 117.57.11.132 1194
      auth-user-pass
      auth-nocache
      ca RoadWarrior-CA.crt
      pkcs12 nehwon-udp-1194.p12
      tls-auth nehwon-udp-1194-tls.key 1
      tls-remote www.techbadger.com
      comp-lzo
      pull
      verb 3
      ping 10
      nobind

      When I log in, my status log is:
      Mon Apr 18 21:27:36 2011 Local Options hash (VER=V4): '9e7066d2'
      Mon Apr 18 21:27:36 2011 Expected Remote Options hash (VER=V4): '162b04de'
      Mon Apr 18 21:27:36 2011 UDPv4 link local: [undef]
      Mon Apr 18 21:27:36 2011 UDPv4 link remote: 117.57.11.132:1194
      Mon Apr 18 21:27:36 2011 TLS: Initial packet from 117.57.11.132:1194, sid=efff5b35 e87d59ba
      Mon Apr 18 21:27:37 2011 VERIFY OK: depth=1,
      Mon Apr 18 21:27:37 2011 VERIFY X509NAME OK:
      Mon Apr 18 21:27:37 2011 VERIFY OK: depth=0,
      CBC' initialized with 256 bit key
      Mon Apr 18 21:27:39 2011 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Mon Apr 18 21:27:39 2011 Data Channel Decrypt: Cipher 'AES-256-CBC' initialized with 256 bit key
      Mon Apr 18 21:27:39 2011 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
      Mon Apr 18 21:27:39 2011 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
      Mon Apr 18 21:27:39 2011 [www.fubar.com] Peer Connection Initiated with 117.57.11.132:1194
      Mon Apr 18 21:27:41 2011 SENT CONTROL [www.techbadger.com]: 'PUSH_REQUEST' (status=1)
      Mon Apr 18 21:27:41 2011 PUSH: Received control message: 'PUSH_REPLY,route 10.2.1.0 255.255.255.0,route 10.2.200.1,topology net30,ping 10,ping-restart 60,ifconfig 10.2.200.1 10.2.200.5'
      Mon Apr 18 21:27:41 2011 OPTIONS IMPORT: timers and/or timeouts modified
      Mon Apr 18 21:27:41 2011 OPTIONS IMPORT: –ifconfig/up options modified
      Mon Apr 18 21:27:41 2011 OPTIONS IMPORT: route options modified
      Mon Apr 18 21:27:41 2011 ROUTE default_gateway=10.2.1.1
      Mon Apr 18 21:27:41 2011 TAP-WIN32 device [Local Area Connection 7] opened: \.\Global{FCD5345B-06D5-4CAA-B4DD-1A375679A20C}.tap
      Mon Apr 18 21:27:41 2011 TAP-Win32 Driver Version 9.7
      Mon Apr 18 21:27:41 2011 TAP-Win32 MTU=1500
      Mon Apr 18 21:27:41 2011 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.200.6/255.255.255.252 on interface {FCD5345B-06D5-4CAA-B4DD-1A375679A20C} [DHCP-serv: 192.168.200.5, lease-time: 31536000]
      Mon Apr 18 21:27:41 2011 Successful ARP Flush on interface [41] {FCD5345B-06D5-4CAA-B4DD-1A375679A20C}
      Mon Apr 18 21:27:46 2011 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
      Mon Apr 18 21:27:46 2011 WARNING: potential route subnet conflict between local LAN [10.2.1.0/255.255.255.0] and remote VPN [10.2.1.0/255.255.255.0]
      Mon Apr 18 21:27:46 2011 C:\WINDOWS\system32\route.exe ADD 10.2.1.0 MASK 255.255.255.0 192.168.200.5
      Mon Apr 18 21:27:46 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
      Mon Apr 18 21:27:46 2011 Route addition via IPAPI succeeded [adaptive]
      Mon Apr 18 21:27:46 2011 C:\WINDOWS\system32\route.exe ADD 10.2.200.1 MASK 255.255.255.255 10.2.200.5
      Mon Apr 18 21:27:47 2011 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
      Mon Apr 18 21:27:47 2011 Route addition via IPAPI succeeded [adaptive]
      Mon Apr 18 21:27:47 2011 Initialization Sequence Completed

      Any idea what I have set up wrong?

      1 Reply Last reply Reply Quote 0
      • E
        ericab
        last edited by

        have you set the firewall to push traffic through your vpn gateway ? check my tutorial in the stickies for ideas.

        1 Reply Last reply Reply Quote 0
        • D
          Disconnect
          last edited by

          I have 2 rules:

          One in WAN: [click to toggle enabled/disabled status] UDP * * WAN address 1194 (OpenVPN) * none   OpenVPN OpenVPN access wizard

          and one in OPENVPN:
          [click to toggle enabled/disabled status] * * * * * * none   OpenVPN OpenVPN access wizard

          Looked in all the tutorials, how I came up with my OpenVPN config.

          1 Reply Last reply Reply Quote 0
          • G
            Greg0rz
            last edited by

            I would just like to say that I am having exactly the same issues as Disconnect.  No gateway shows up in my ipconfig.

            I successfully connect to the vpn, but 0 packets are sent/received.  I am assigned an IP address (10.0.8.6).

            I followed the windows idiots guide to pfsense OpenVPN posted and I just can't seem to get it right.  Can anyone help? Here are some screenshots:

            1 Reply Last reply Reply Quote 0
            • D
              dreamslacker
              last edited by

              @greg:  Under local network, add your LAN subnet if you want OpenVPN clients to be able to access the LAN subnet.

              If you want to have internet access redirected for the OpenVPN clients, then add the following in the Options box:

              push “redirect-gateway def1”

              1 Reply Last reply Reply Quote 0
              • D
                dreamslacker
                last edited by

                @Disconnect:  Here's your problem - Mon Apr 18 21:27:46 2011 WARNING: potential route subnet conflict between local LAN [10.2.1.0/255.255.255.0] and remote VPN [10.2.1.0/255.255.255.0]

                You need to set a different subnet for the VPN network than your client's LAN network.  Otherwise, the client system doesn't know where to route traffic to (it sees both the VPN subnet and the LAN subnet as valid choices when it tries to contact the VPN gateway).

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.