LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices



Reply
 
Search this Thread
Old 10-02-2012, 01:03 PM   #1
pendrive
Member
 
Registered: Mar 2011
Posts: 51

Rep: Reputation: 2
problem in the routings is pushed by openvpn after the connection established


Hi all

I've configured an openvpn 2.2.1 server on a ubuntu 12.4 vps server and I can connect to it in my linux box and windows and there is nothing wrong in the handshake and establishment part. the problem is when the openvpn client is trying to change the routes for making openvpn to work, it pushes the wrong routes and make it unusable. O_o
After changing the routes manually to the right one, it starts to working!
here is the Server.conf configurations in the server side

Code:
mode server

dev tun
    proto tcp

	# Notice: here we set the listening port to be 8090
	port 8090
	
	ca /etc/openvpn/ca.crt
	cert /etc/openvpn/server.crt
	key /etc/openvpn/server.key  # This file should be kept secret
	
	dh /etc/openvpn/dh1024.pem

    user nobody
    group nogroup
    server 10.8.0.0 255.255.255.0

    persist-key
    persist-tun
	
	cipher BF-CBC        # Blowfish (default)
	comp-lzo

    status /etc/openvpn/openvpn-status.log
    log-append  /etc/openvpn/openvpn.log
    verb 3
    client-to-client
    #push "route add default gw 10.8.0.1"
    push "redirect-gateway"    
    #push "redirect-gateway def1"
    #push "redirect-gateway def1 bypass-dhcp"
	#Note that the following two IPs are public DNS IPs
    #If you have problem in data transfer after VPN is connected, maybe your ISP has blocked them 
	#In that case you need to change them to other public DNS IPs
    #ifconfig-pool-persist ipp.txt
    push "dhcp-option DNS 10.8.0.1"
    push "dhcp-option DOMAIN kashef-groups.com"
   # push "dhcp-option DNS 208.67.222.220"
as you can see the red line that is marked by red is responsible to change the default route of the client and actually it does!!!
but it does it by the wrong address. here is the wrong routes that openvpn pushes to my linux client
also I've tried the other push directives that are changed to comments

Code:
default via 10.8.0.5 dev tun0 
10.8.0.0/24 via 10.8.0.5 dev tun0 
10.8.0.5 dev tun0  proto kernel  scope link  src 10.8.0.6 
169.254.0.0/16 dev eth1  scope link  metric 1000 
openvpn_server_ip via 192.168.1.1 dev eth1 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.106  metric 2
and here is the right rules that I put them manually and make things right
Code:
default via 10.8.0.1 dev tun0 
10.8.0.0/24 via 10.8.0.1 dev tun0 
10.8.0.1 dev tun0  proto kernel  scope link  src 10.8.0.6 
169.254.0.0/16 dev eth1  scope link  metric 1000 
openvpn_server_ip via 192.168.1.1 dev eth1 
192.168.1.0/24 dev eth1  proto kernel  scope link  src 192.168.1.106  metric 2
as you can see it pushes 10.8.0.5 instead of 10.8.0.1 and I don't know why. all I know, it ruins the things

here is the client.ovpn for the openvpn client part

Code:
client
dev tun
proto tcp

#if you have chosen another port number in openvpn.conf, you need to use that below
remote openvpn_server_ip 8090

resolv-retry infinite
nobind

persist-key
persist-tun

ca ca.crt
cert client1.crt
key client1.key

cipher BF-CBC
comp-lzo
verb 3
now I don't know what to do
 
Old 10-04-2012, 05:33 PM   #2
pendrive
Member
 
Registered: Mar 2011
Posts: 51

Original Poster
Rep: Reputation: 2
Now it's working. with adding nothing to the end of configuration files!!!!!!!!
the more weird part is it's working with the default route of 10.8.0.5 while the ip address of tunnels server side part is 10.8.0.1 !!!!

How? How I ask you . . .

---------- Post added 10-04-12 at 04:33 PM ----------

Now it's working. with adding nothing to the end of configuration files!!!!!!!!
the more weird part is it's working with the default route of 10.8.0.5 while the ip address of tunnels server side part is 10.8.0.1 !!!!

How? How I ask you . . .
 
  


Reply

Tags
openvpn, route


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
openvpn connection problem golden_boy615 Linux - Networking 4 05-12-2010 10:42 AM
OpenVPN connection problem dpeterson3 Linux - Software 5 08-25-2009 10:53 PM
OpenVPN Connection Problem priyadarshan Linux - Newbie 1 02-27-2009 10:15 AM
openvpn, dns not pushed on linux client Shwick Linux - Server 0 12-31-2008 12:10 PM
Time out in Connection established state if no Data flows on that connection asurya Linux - Networking 2 04-10-2005 04:54 PM


All times are GMT -5. The time now is 06:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration