LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Closed Thread
 
Search this Thread
Old 01-24-2006, 08:40 AM   #1
sailershen
LQ Newbie
 
Registered: Mar 2005
Posts: 27

Rep: Reputation: 15
OpenVPN client has not default gateway when connect to OpenVPN server


when OpenVPN client(Windows XP) connect to the server(Linux), the client has a new connect:
Code:
Ethernet adapter 3:

        Connection-specific DNS Suffix  . :
        IP Address. . . . . . . . . . . . : 10.8.0.2
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . :
In the server there are a tap device:
Code:
tap0      Link encap:Ethernet  HWaddr 00:FF:0C:A8:CE:32
          inet addr:10.8.0.1  Bcast:10.8.0.255  Mask:255.255.255.0
          inet6 addr: fe80::2ff:cff:fea8:ce32/64 Scopeink
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:80 errors:0 dropped:0 overruns:0 frame:0
          TX packets:57 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:10082 (9.8 Kb)  TX bytes:7439 (7.2 Kb)
After the client connect to server, I cannot access the host on 10.8.0.0 subnet, I don't know why?


It's the server side configure file:
Code:
    local 192.168.123.153

    port 1194

    proto tcp

    dev tap

    ca ca.crt
    cert server.crt
    key server.key

    dh dh1024.pem

    server 10.8.0.0 255.255.255.0

    ifconfig-pool-persist ipp.txt

    keepalive 10 120

    tls-auth ta.key 0

    comp-lzo

    persist-key
    persist-tun

    status openvpn-status.log

    log openvpn.log
    log-append openvpn.log

    verb 9
It's the client side configure file:
Code:
    client

    dev tap
    ;dev tun

    ;proto udp

    remote sailer.gnway.net 1194

    resolv-retry infinite

    nobind

    persist-key
    persist-tun

    ca ca.crt
    cert client.crt
    key client.key

    tls-auth ta.key 1

    comp-lzo

    verb 6

Last edited by sailershen; 01-24-2006 at 08:43 AM.
 
Old 01-24-2006, 10:02 PM   #2
tkedwards
Senior Member
 
Registered: Aug 2004
Location: Munich, Germany
Distribution: Opensuse 11.2
Posts: 1,549

Rep: Reputation: 51
Quote:
After the client connect to server, I cannot access the host on 10.8.0.0 subnet, I don't know why?
Can the client get to the server? If so then the VPN is working. The 10.8.0.0 thing is just the IP addresses of the tunnel, ie. the virtual connection between the client on the server. If you have other machines connected to the client they should be on a different network - don't put them on the 10.8.0.0 network otherwise it'll stuff up.
 
Old 03-03-2010, 09:53 PM   #3
computerman1983
LQ Newbie
 
Registered: Aug 2009
Distribution: Ubuntu 9.10, Red Hat WS 4, CentOS, OpenBSD, and all windows flavs
Posts: 20

Rep: Reputation: 1
Try this server config.

local 192.168.123.153

port 1194

proto tcp

dev tap

ca ca.crt
cert server.crt
key server.key

dh dh1024.pem

# old ip (same ip as your Tap)
# server 10.8.0.0 255.255.255.0
server 10.8.0.1 255.255.255.0

# IF you want your all of your clients traffic though your vpn out your connection then add this.

push redirect-gateway 10.8.0.1

ifconfig-pool-persist ipp.txt

keepalive 10 120

tls-auth ta.key 0

comp-lzo

persist-key
persist-tun

status openvpn-status.log

log openvpn.log
log-append openvpn.log

verb 9

After that restart your vpn and connect your client. Let me know if it fixes your problem. Thanks
 
Old 03-04-2010, 02:20 AM   #4
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
computerman1983, we really don't like to have zombies walking around here, so if you see that a thread's been dead for a few months or more, please let it rest in peace.

Last edited by win32sux; 03-04-2010 at 02:22 AM.
 
  


Closed Thread


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Error in openVPN client GUI about openssl sailershen Linux - Security 1 01-26-2006 07:24 PM
[openvpn] routing at server side Zym0tiC Linux - Networking 2 10-06-2005 03:40 PM
OpenVPN client cannot route to LAN TheAmazingSteve Linux - Networking 1 09-29-2005 03:40 PM
inetd and OpenVPN client rmocius@auste.e Slackware 0 10-14-2004 01:50 AM
Clark Connect, OpenVPN or what? Looking_Lost Linux - Networking 0 05-17-2004 05:11 PM


All times are GMT -5. The time now is 03:39 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration