Hi all
I've configured an OpenVPN 2.2.1 server on an Ubuntu 12.4 VPS server, and I can connect to it from my Linux box and from Windows; there is nothing wrong in the handshake and establishment part. The problem is that when the OpenVPN client tries to change the routes to make OpenVPN work, it pushes the wrong routes and makes it unusable. O_o
After changing the routes manually to the right ones, it starts working!
Here is the Server.conf configuration on the server side:
Code:
mode server
dev tun
proto tcp
# Notice: here we set the listening port to be 8090
port 8090
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key # This file should be kept secret
dh /etc/openvpn/dh1024.pem
user nobody
group nogroup
server 10.8.0.0 255.255.255.0
persist-key
persist-tun
cipher BF-CBC # Blowfish (default)
comp-lzo
status /etc/openvpn/openvpn-status.log
log-append /etc/openvpn/openvpn.log
verb 3
client-to-client
#push "route add default gw 10.8.0.1"
push "redirect-gateway"
#push "redirect-gateway def1"
#push "redirect-gateway def1 bypass-dhcp"
#Note that the following two IPs are public DNS IPs
#If you have problem in data transfer after VPN is connected, maybe your ISP has blocked them
#In that case you need to change them to other public DNS IPs
#ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 10.8.0.1"
push "dhcp-option DOMAIN kashef-groups.com"
# push "dhcp-option DNS 208.67.222.220"
As you can see, the line that is marked in red is responsible for changing the default route of the client, and actually it does!!!
But it does it with the wrong address. I've also tried the other push directives that are commented out.
Here are the wrong routes that OpenVPN pushes to my Linux client:
Code:
default via 10.8.0.5 dev tun0
10.8.0.0/24 via 10.8.0.5 dev tun0
10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6
169.254.0.0/16 dev eth1 scope link metric 1000
openvpn_server_ip via 192.168.1.1 dev eth1
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.106 metric 2
And here are the right rules that I put in manually to make things right:
Code:
default via 10.8.0.1 dev tun0
10.8.0.0/24 via 10.8.0.1 dev tun0
10.8.0.1 dev tun0 proto kernel scope link src 10.8.0.6
169.254.0.0/16 dev eth1 scope link metric 1000
openvpn_server_ip via 192.168.1.1 dev eth1
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.106 metric 2
As you can see, it pushes 10.8.0.5 instead of 10.8.0.1 and I don't know why. All I know is that it ruins things.
Here is the client.ovpn for the OpenVPN client part:
Code:
client
dev tun
proto tcp
#if you have chosen another port number in openvpn.conf, you need to use that below
remote openvpn_server_ip 8090
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
cipher BF-CBC
comp-lzo
verb 3
Now I don't know what to do.