4. Client Windows 2.3.4 is not working …

Client Windows 2.3.4 is not working …

  • G

    Hy,

    I have a pfsense 2.1.3 with openvpn server (bridge mode).
    Everything is working with latest 2.3.2 client Windows from openvpn.net
    Today on a new PC we install the latest 2.3.4 and there is no traffic, the PC can't get IP from DHCP…
    We uninstall 2.3.4, reboot, then install 2.3.2 and it's working again !?

    Is there any troubleshooting with 2.3.4 client for pfsense 2.1.X ?

    Thanks

    Guldil

    0
  • Rebel Alliance Global Moderator

    I am running
    Thu Sep 25 10:45:39 2014 OpenVPN 2.3.4 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on May  2 2014
    Thu Sep 25 10:45:39 2014 library versions: OpenSSL 1.0.1g 7 Apr 2014, LZO 2.05

    Which is the latest version on openvpn site that I see for windows.

    Not having issues
    Thu Sep 25 10:45:55 2014 MANAGEMENT: >STATE:1411659955,CONNECTED,SUCCESS,10.0.200.6,10.56.124.232

    My pfsense is
    2.1.5-RELEASE (i386)
    built on Mon Aug 25 07:44:26 EDT 2014

    So what is the error in the connection logs?

    0
  • G

    I reinstalled 2.3.4.

    The VPN connect but i cant' ping and it drop after some seconds, trying to reconnect forever…
    I can't kill my openvpn process, i can't disconnect, i have to reboot to close it.

    Thu Sep 25 21:52:48 2014 OpenVPN 2.3.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug  7 2014
Thu Sep 25 21:52:48 2014 library versions: OpenSSL 1.0.1i 6 Aug 2014, LZO 2.05
Enter Management Password:
Thu Sep 25 21:52:49 2014 Control Channel Authentication: using 'VPN-CRN-xxxxxxxxx.key' as a OpenVPN static key file
Thu Sep 25 21:52:49 2014 Attempting to establish TCP connection with [AF_INET]XXX.XXX.XXX.XXX:443
Thu Sep 25 21:52:49 2014 TCP connection established with [AF_INET]XXX.XXX.XXX.XXX:443
Thu Sep 25 21:52:49 2014 TCPv4_CLIENT link local (bound): [undef]
Thu Sep 25 21:52:49 2014 TCPv4_CLIENT link remote: [AF_INET]XXX.XXX.XXX.XXX:443
Thu Sep 25 21:52:49 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Sep 25 21:52:52 2014 [openvpn.xxxxxxx.xx] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:443
Thu Sep 25 21:52:55 2014 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Thu Sep 25 21:52:55 2014 OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.1.0
Thu Sep 25 21:52:55 2014 open_tun, tt->ipv6=0
Thu Sep 25 21:52:55 2014 TAP-WIN32 device [Connexion au réseau local 3] opened: \\.\Global\{94DE5565-0978-4C52-8152-6C3659185833}.tap
Thu Sep 25 21:52:55 2014 Successful ARP Flush on interface [24] {94DE5565-0978-4C52-8152-6C3659185833}
Thu Sep 25 21:53:00 2014 Initialization Sequence Completed
Thu Sep 25 21:53:55 2014 [openvpn.xxxxxxx.xx] Inactivity timeout (--ping-restart), restarting
Thu Sep 25 21:53:55 2014 SIGUSR1[soft,ping-restart] received, process restarting
Thu Sep 25 21:54:00 2014 Attempting to establish TCP connection with [AF_INET]XXX.XXX.XXX.XXX:443
Thu Sep 25 21:54:00 2014 TCP connection established with [AF_INET]XXX.XXX.XXX.XXX:443
Thu Sep 25 21:54:00 2014 TCPv4_CLIENT link local (bound): [undef]
Thu Sep 25 21:54:00 2014 TCPv4_CLIENT link remote: [AF_INET]XXX.XXX.XXX.XXX:443
Thu Sep 25 21:54:04 2014 [openvpn.xxxxxxxxx.xxxx] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:443

    With 2.3.2 i don't have Inactivity timeout (–ping-restart), restarting :

    Thu Sep 25 21:59:23 2014 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug  7 2014
Enter Management Password:
Thu Sep 25 21:59:24 2014 Control Channel Authentication: using 'VPN-CRN-xxxxxxxx.key' as a OpenVPN static key file
Thu Sep 25 21:59:24 2014 Attempting to establish TCP connection with [AF_INET]XXX.XXX.XXX.XXX:443
Thu Sep 25 21:59:24 2014 TCP connection established with [AF_INET]XXX.XXX.XXX.XXX:443
Thu Sep 25 21:59:24 2014 TCPv4_CLIENT link local (bound): [undef]
Thu Sep 25 21:59:24 2014 TCPv4_CLIENT link remote: [AF_INET]XXX.XXX.XXX.XXX:443
Thu Sep 25 21:59:24 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Sep 25 21:59:27 2014 [openvpn.xxxxxxxx.xx] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:443
Thu Sep 25 21:59:29 2014 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options
Thu Sep 25 21:59:29 2014 OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.1.0
Thu Sep 25 21:59:29 2014 open_tun, tt->ipv6=0
Thu Sep 25 21:59:29 2014 TAP-WIN32 device [Connexion au réseau local 3] opened: \\.\Global\{94DE5565-0978-4C52-8152-6C3659185833}.tap
Thu Sep 25 21:59:29 2014 Successful ARP Flush on interface [22] {94DE5565-0978-4C52-8152-6C3659185833}
Thu Sep 25 21:59:34 2014 Initialization Sequence Completed

    It could be a probleme with pfsense 2.1.3 because we tested with 2 differents PC behind different 4G mobile provider.

    0
  • Rebel Alliance Global Moderator

    why are you getting this error

    OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.1.0

    Where are you getting this download from??  Both of your 2.3.4 and 2.3.2 are showing

    built on Aug  7 2014

    Which download are you grabbing?
    https://openvpn.net/index.php/open-source/downloads.html

    0
  • G

    I use these downloads :

    http://swupdate.openvpn.org/community/releases/openvpn-install-2.3.4-I603-x86_64.exe
    http://swupdate.openvpn.org/community/releases/openvpn-install-2.3.2-I006-x86_64.exe

    For the error, i don't know why i have it, but it's working …

    0
  • Rebel Alliance Global Moderator

    "The I603 installers are bundled with a modern, NDIS 6-compatible tap-windows driver which only works on Windows Vista and above."

    I had problems with this driver – use the other 2.3.4, listed for xp or above.
    http://swupdate.openvpn.org/community/releases/openvpn-install-2.3.4-I003-x86_64.exe

    Does that work?

    0
  • G

    It's working !

    So the version Vista and above is trash ? Why it's not working on Windows 7 ?

    0
  • Rebel Alliance Global Moderator

    that driver has some problems..  Because I have manually updated the driver to that and had issues with using the other install.

    0
  • Rebel Alliance Developer Netgate

    I've had my eye on those new installers for a while but haven't had a chance to try them out. Looks like they aren't quite ready for prime time yet.

    In theory those should work better but I'm guessing they haven't got them completely stabilized yet.

    0
  • Rebel Alliance Developer Netgate

    Got a report from a customer that these installers do work so long as you take "persist-tun" out of the client config.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy