Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Cannot push route to OpenVPN client on Win8

    Scheduled Pinned Locked Moved OpenVPN
    6 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      Gob
      last edited by

      Hi
      I am trying to set up a roadwarrior OpenVPN client to connect back to our office and also access resources over an IPSEC tunnel from the office.
      The basic OpenVPN client works perfectly and I can access the LAN subnet at the office.
      The IPSEC Phase 2 connections are configured to route traffic from both the LAN and OpenVPN subnets. I then assume I need to add a route to the openVPN client for the remote site so that it knows to use the tunnel.
      I have used push route in the config but it seems to fail configuring the route on my windows8 machine.
      I am running the client as administrator and I have applied the tweaks as detailed here:

      http://www.vpntutorials.com/tutorials/openvpn-client-setup-tutorial-for-windows-8/

      My config file is:

      
dev tun
persist-tun
persist-key
cipher AES-128-CBC
auth SHA1
tls-client
client
resolv-retry infinite
remote x.x.x.x 1194 udp
lport 0
verify-x509-name "005 Roadwarrior Cert" name
auth-user-pass
pkcs12 xxxxxxxx-udp-1194-gordon.p12
tls-auth xxxxxxxx-udp-1194-gordon-tls.key 1
ns-cert-type server

# dont terminate service process on wrong password, ask again
auth-retry interact
# open management channel
management 127.0.0.1 166
# wait for management to explicitly start connection
management-hold
# query management channel for user/pass
management-query-passwords
# disconnect VPN when managment program connection is closed
management-signal
# forget password when management disconnects
management-forget-disconnect

route-method exe
route-delay 2

push "route 192.168.250.0 255.255.255.0"

      The connection log shows:

      
Fri Feb 28 16:50:55 2014 OpenVPN 2.3.2 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 22 2013
Fri Feb 28 16:51:02 2014 Control Channel Authentication: using 'xxxxxx-udp-1194-gordon-tls.key' as a OpenVPN static key file
Fri Feb 28 16:51:02 2014 UDPv4 link local (bound): [undef]
Fri Feb 28 16:51:02 2014 UDPv4 link remote: [AF_INET]194.168.202.190:1194
Fri Feb 28 16:51:02 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Fri Feb 28 16:51:04 2014 [005 Roadwarrior Cert] Peer Connection Initiated with [AF_INET]194.168.202.190:1194
Fri Feb 28 16:51:08 2014 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Feb 28 16:51:08 2014 open_tun, tt->ipv6=0
Fri Feb 28 16:51:08 2014 TAP-WIN32 device [Local Area Connection] opened: \\.\Global\{9EF70C79-7D52-466E-AD26-8476081B6FFB}.tap
Fri Feb 28 16:51:08 2014 Notified TAP-Windows driver to set a DHCP IP/netmask of 192.168.6.6/255.255.255.252 on interface {9EF70C79-7D52-466E-AD26-8476081B6FFB} [DHCP-serv: 192.168.6.5, lease-time: 31536000]
Fri Feb 28 16:51:08 2014 Successful ARP Flush on interface [37] {9EF70C79-7D52-466E-AD26-8476081B6FFB}
Fri Feb 28 16:51:10 2014 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Fri Feb 28 16:51:10 2014 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Fri Feb 28 16:51:10 2014 env_block: add PATH=C:\Windows\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Fri Feb 28 16:51:10 2014 Initialization Sequence Completed

      I am using the 32-bit installer on 64-bit machine.
      I get the same results using the OpenVPN GUI  or the Connection Manager.

      Any thoughts?

      thanks

      If I fix one more thing than I break in a day, it's a good day!

      1 Reply Last reply Reply Quote 0
      • G
        Gob
        last edited by

        as a following up…
        I have also tried this on Vista with exactly the same results.
        If I manually add the route through a command route it works perfectly.
        That isn't really a workable solution when it comes to rolling out to our staff though.

        If I fix one more thing than I break in a day, it's a good day!

        1 Reply Last reply Reply Quote 0
        • D
          doktornotor Banned
          last edited by

          Works just fine here with W8.1 even. You definitely should stop using using the 32-bit installer on 64-bit machine, uninstall everything and wipe the config remnants before installing a proper 64bit package.

          1 Reply Last reply Reply Quote 0
          • G
            Gob
            last edited by

            I read a post that the OpenVPN Config Manager doesn't work on 64-bit machines, and that you need to use that for non admin users?
            If that's no-longer the case I will try your suggestion.

            If I fix one more thing than I break in a day, it's a good day!

            1 Reply Last reply Reply Quote 0
            • D
              doktornotor Banned
              last edited by

              Yes, it does not work. Frankly, it never really worked on x86 either for me. Use the x64 OpenVPN-GUI package.

              If you still have problems, make sure you have checked "Allocate only one IP per client (topology subnet), rather than an isolated subnet per client (topology net30)." in the OpenVPN server configuration.

              1 Reply Last reply Reply Quote 0
              • G
                Gob
                last edited by

                ;D
                Will check that out - thanks

                If I fix one more thing than I break in a day, it's a good day!

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.