One client connects perfectly… other does not



  • I have setup openvpn at home and I can access it perfectly from my work desktop. The problem is that I am able to "connect" to it from my work laptop but I cannot access any computers. I cannot even ping the pfsense firewall. I am a little confused as to why this is happening. Does anyone have any thoughts as to why it works from my work desktop but not my work laptop? I am using two different accounts. Either work fine from the desktop, neither work from laptop. I have updated my laptop with all updates and I have disabled my local firewall.

    Both machines are running Win7. Desktop is connected with ethernet and laptop is wifi. I have tried to use the vpn from different sources of internet and it is the same result.

    Thank you in advance


  • Rebel Alliance Developer Netgate

    Are you running the client as Administrator?

    OpenVPN requires admin-level access, and if you have UAC on it will need to be set to run as admin. Though if you have UAC off it may just work without doing anything else special.

    Also make sure you aren't using the same certificate for both and trying to be on at the same time, or they'd end up getting the same IP and conflicting (unless you checked the duplicate cn option)



  • Yep, I have UAC off. I also tried by running as admin. Same results. Its really wierd… Also, I am using different certs.. I have tried two different ones and it is the same result



  • I notice that I am running TAP-Win32 Adapter V8 on the laptop and V9 on the desktop. Is there a way for me to upgrade to V9?

    I think that might be the problem


  • Rebel Alliance Developer Netgate

    Just re-run the client installer, it should update everything. Or to be sure, uninstall it first then reinstall. It should leave the config alone.



  • I tried that too…



  • Just tried the 2.1 beta and it wont install.. compatibility issues with the TAP driver



  • Does anyone have any ideas? Please let me know. Im at a point where I am about to go back to ubuntu or centos


  • Rebel Alliance Developer Netgate

    Check "route print" from a command prompt, see if you're actually getting routes. Try to do a traceroute and see where it goes.



  • Ah, thats a great idea. Thank you for getting back to me so quickly. I will test that out and post the results.

    Thank you again



  • For some reason, now, I get auth failure when I try to connect to my vpn on any device.. i recreated the user account's cert and verified the password but it fails every time.. ugh.

    Any thoughts?



  • I completely recreated the user accounts and certs and it appears to be working again. Still unable to access other network computers from laptop tho. I will try your previous suggestion and post results



  • Ok so I am getting routes:

    ===========================================================================
    Interface List
    18…00 ff 86 39 89 9c ......TAP-Win32 Adapter V8 #2
    12...00 18 de 21 75 76 ......Intel(R) PRO/Wireless 3945ABG Network Connection
    11...00 15 c5 a6 47 12 ......Broadcom NetXtreme 57xx Gigabit Controller
      1...........................Software Loopback Interface 1
    15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
    13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
    16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
    14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter

    IPv4 Route Table

    Active Routes:
    Network Destination        Netmask          Gateway      Interface  Metric
              0.0.0.0          0.0.0.0    10.168.66.254    10.168.66.26    25
          10.168.66.0    255.255.255.0        On-link      10.168.66.26    281
        10.168.66.26  255.255.255.255        On-link      10.168.66.26    281
        10.168.66.255  255.255.255.255        On-link      10.168.66.26    281
            127.0.0.0        255.0.0.0        On-link        127.0.0.1    306
            127.0.0.1  255.255.255.255        On-link        127.0.0.1    306
      127.255.255.255  255.255.255.255        On-link        127.0.0.1    306
          172.10.10.4  255.255.255.252        On-link      172.10.10.6    286
          172.10.10.6  255.255.255.255        On-link      172.10.10.6    286
          172.10.10.7  255.255.255.255        On-link      172.10.10.6    286
            224.0.0.0        240.0.0.0        On-link        127.0.0.1    306
            224.0.0.0        240.0.0.0        On-link      172.10.10.6    286
            224.0.0.0        240.0.0.0        On-link      10.168.66.26    281
      255.255.255.255  255.255.255.255        On-link        127.0.0.1    306
      255.255.255.255  255.255.255.255        On-link      172.10.10.6    286
      255.255.255.255  255.255.255.255        On-link      10.168.66.26    281

    Persistent Routes:
      None

    IPv6 Route Table

    Active Routes:
    If Metric Network Destination      Gateway
    14  1140 ::/0                    2002:c058:6301::c058:6301
      1    306 ::1/128                  On-link
    13    58 2001::/32                On-link
    13    306 2001:0:5ef5:79fb:1403:3bd1:bec2:8b98/128
                                        On-link
    14  1040 2002::/16                On-link
    14    296 2002:ac0a:a06::ac0a:a06/128
                                        On-link
    18    286 fe80::/64                On-link
    12    281 fe80::/64                On-link
    13    306 fe80::/64                On-link
    13    306 fe80::1403:3bd1:bec2:8b98/128
                                        On-link
    18    286 fe80::292d:671e:abec:8227/128
                                        On-link
    12    281 fe80::ece8:ce7c:d89a:4593/128
                                        On-link
      1    306 ff00::/8                On-link
    13    306 ff00::/8                On-link
    18    286 ff00::/8                On-link
    12    281 ff00::/8                On-link

    Persistent Routes:
      None


    I flushed dns and cleared the routing table, restarted and same results. Tracert showed the connection trying to go to 192.168.64.64... I have no idea what that ip is. It isnt on any of my networks on this one



  • SOLVED!!

    Awesome. I really excited about this. In order to resolve this issue, I first, completely uninstalled OpenVPN from my laptop. (again) I then created a new user on the firewall. I made a cert for this user as well. Then, and this is the big difference… I exported the windows installer instead of the files themselves. I emailed that to myself and downloaded it to my laptop. I installed it, and noticed that it installed TAP 0901...

    I tried to log in and it worked. I then tried to access my other computers, and it worked flawlessly. I hope this helps someone else out in the future!


Log in to reply