Client Windows 2.3.4 is not working …
-
Hy,
I have a pfsense 2.1.3 with openvpn server (bridge mode).
Everything is working with latest 2.3.2 client Windows from openvpn.net
Today on a new PC we install the latest 2.3.4 and there is no traffic, the PC can't get IP from DHCP…
We uninstall 2.3.4, reboot, then install 2.3.2 and it's working again !?Is there any troubleshooting with 2.3.4 client for pfsense 2.1.X ?
Thanks
Guldil
-
I am running
Thu Sep 25 10:45:39 2014 OpenVPN 2.3.4 i686-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on May 2 2014
Thu Sep 25 10:45:39 2014 library versions: OpenSSL 1.0.1g 7 Apr 2014, LZO 2.05Which is the latest version on openvpn site that I see for windows.
Not having issues
Thu Sep 25 10:45:55 2014 MANAGEMENT: >STATE:1411659955,CONNECTED,SUCCESS,10.0.200.6,10.56.124.232My pfsense is
2.1.5-RELEASE (i386)
built on Mon Aug 25 07:44:26 EDT 2014So what is the error in the connection logs?
-
I reinstalled 2.3.4.
The VPN connect but i cant' ping and it drop after some seconds, trying to reconnect forever…
I can't kill my openvpn process, i can't disconnect, i have to reboot to close it.Thu Sep 25 21:52:48 2014 OpenVPN 2.3.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Aug 7 2014 Thu Sep 25 21:52:48 2014 library versions: OpenSSL 1.0.1i 6 Aug 2014, LZO 2.05 Enter Management Password: Thu Sep 25 21:52:49 2014 Control Channel Authentication: using 'VPN-CRN-xxxxxxxxx.key' as a OpenVPN static key file Thu Sep 25 21:52:49 2014 Attempting to establish TCP connection with [AF_INET]XXX.XXX.XXX.XXX:443 Thu Sep 25 21:52:49 2014 TCP connection established with [AF_INET]XXX.XXX.XXX.XXX:443 Thu Sep 25 21:52:49 2014 TCPv4_CLIENT link local (bound): [undef] Thu Sep 25 21:52:49 2014 TCPv4_CLIENT link remote: [AF_INET]XXX.XXX.XXX.XXX:443 Thu Sep 25 21:52:49 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Thu Sep 25 21:52:52 2014 [openvpn.xxxxxxx.xx] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:443 Thu Sep 25 21:52:55 2014 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options Thu Sep 25 21:52:55 2014 OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.1.0 Thu Sep 25 21:52:55 2014 open_tun, tt->ipv6=0 Thu Sep 25 21:52:55 2014 TAP-WIN32 device [Connexion au réseau local 3] opened: \\.\Global\{94DE5565-0978-4C52-8152-6C3659185833}.tap Thu Sep 25 21:52:55 2014 Successful ARP Flush on interface [24] {94DE5565-0978-4C52-8152-6C3659185833} Thu Sep 25 21:53:00 2014 Initialization Sequence Completed Thu Sep 25 21:53:55 2014 [openvpn.xxxxxxx.xx] Inactivity timeout (--ping-restart), restarting Thu Sep 25 21:53:55 2014 SIGUSR1[soft,ping-restart] received, process restarting Thu Sep 25 21:54:00 2014 Attempting to establish TCP connection with [AF_INET]XXX.XXX.XXX.XXX:443 Thu Sep 25 21:54:00 2014 TCP connection established with [AF_INET]XXX.XXX.XXX.XXX:443 Thu Sep 25 21:54:00 2014 TCPv4_CLIENT link local (bound): [undef] Thu Sep 25 21:54:00 2014 TCPv4_CLIENT link remote: [AF_INET]XXX.XXX.XXX.XXX:443 Thu Sep 25 21:54:04 2014 [openvpn.xxxxxxxxx.xxxx] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:443
With 2.3.2 i don't have Inactivity timeout (–ping-restart), restarting :
Thu Sep 25 21:59:23 2014 OpenVPN 2.3.2 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [eurephia] [IPv6] built on Aug 7 2014 Enter Management Password: Thu Sep 25 21:59:24 2014 Control Channel Authentication: using 'VPN-CRN-xxxxxxxx.key' as a OpenVPN static key file Thu Sep 25 21:59:24 2014 Attempting to establish TCP connection with [AF_INET]XXX.XXX.XXX.XXX:443 Thu Sep 25 21:59:24 2014 TCP connection established with [AF_INET]XXX.XXX.XXX.XXX:443 Thu Sep 25 21:59:24 2014 TCPv4_CLIENT link local (bound): [undef] Thu Sep 25 21:59:24 2014 TCPv4_CLIENT link remote: [AF_INET]XXX.XXX.XXX.XXX:443 Thu Sep 25 21:59:24 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this Thu Sep 25 21:59:27 2014 [openvpn.xxxxxxxx.xx] Peer Connection Initiated with [AF_INET]XXX.XXX.XXX.XXX:443 Thu Sep 25 21:59:29 2014 OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options Thu Sep 25 21:59:29 2014 OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.1.0 Thu Sep 25 21:59:29 2014 open_tun, tt->ipv6=0 Thu Sep 25 21:59:29 2014 TAP-WIN32 device [Connexion au réseau local 3] opened: \\.\Global\{94DE5565-0978-4C52-8152-6C3659185833}.tap Thu Sep 25 21:59:29 2014 Successful ARP Flush on interface [22] {94DE5565-0978-4C52-8152-6C3659185833} Thu Sep 25 21:59:34 2014 Initialization Sequence Completed
It could be a probleme with pfsense 2.1.3 because we tested with 2 differents PC behind different 4G mobile provider.
-
why are you getting this error
OpenVPN ROUTE: failed to parse/resolve route for host/network: 192.168.1.0
Where are you getting this download from?? Both of your 2.3.4 and 2.3.2 are showing
built on Aug 7 2014
Which download are you grabbing?
https://openvpn.net/index.php/open-source/downloads.html -
I use these downloads :
http://swupdate.openvpn.org/community/releases/openvpn-install-2.3.4-I603-x86_64.exe
http://swupdate.openvpn.org/community/releases/openvpn-install-2.3.2-I006-x86_64.exeFor the error, i don't know why i have it, but it's working …
-
"The I603 installers are bundled with a modern, NDIS 6-compatible tap-windows driver which only works on Windows Vista and above."
I had problems with this driver – use the other 2.3.4, listed for xp or above.
http://swupdate.openvpn.org/community/releases/openvpn-install-2.3.4-I003-x86_64.exeDoes that work?
-
It's working !
So the version Vista and above is trash ? Why it's not working on Windows 7 ?
-
that driver has some problems.. Because I have manually updated the driver to that and had issues with using the other install.
-
I've had my eye on those new installers for a while but haven't had a chance to try them out. Looks like they aren't quite ready for prime time yet.
In theory those should work better but I'm guessing they haven't got them completely stabilized yet.
-
Got a report from a customer that these installers do work so long as you take "persist-tun" out of the client config.