OpenVPN question about routing?

jewing · 04-16-2013, 06:44 PM

So I am connecting to a VPN server via .conf. It appears to be working:

Code:

Enter Auth Username:blahblah
Enter Auth Password:
Tue Apr 16 16:07:46 2013 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Tue Apr 16 16:07:46 2013 LZO compression initialized
Tue Apr 16 16:07:46 2013 RESOLVE: NOTE: jenny.vpntunnel.se resolves to 5 addresses, choosing one by random
Tue Apr 16 16:07:46 2013 UDPv4 link local: [undef]
Tue Apr 16 16:07:46 2013 UDPv4 link remote: [AF_INET]178.73.212.244:7002
Tue Apr 16 16:07:47 2013 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Tue Apr 16 16:07:49 2013 [server] Peer Connection Initiated with [AF_INET]178.73.212.244:7002
Tue Apr 16 16:07:51 2013 TUN/TAP device tun0 opened
Tue Apr 16 16:07:51 2013 /sbin/ifconfig tun0 5.254.140.55 netmask 255.255.255.224 mtu 1500 broadcast 5.254.140.63
Tue Apr 16 16:07:51 2013 Initialization Sequence Completed

Once OpenVPN has done its thing it creates tun0:

Code:

eth2      Link encap:Ethernet  HWaddr 08:00:27:9b:48:a4  
          inet addr:10.0.2.15  Bcast:10.0.2.255  Mask:255.255.255.0
          inet6 addr: fe80::a00:27ff:fe9b:48a4/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1499 errors:0 dropped:0 overruns:0 frame:0
          TX packets:387 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:422058 (422.0 KB)  TX bytes:72491 (72.4 KB)
          Interrupt:19 Base address:0xd020 

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:257 errors:0 dropped:0 overruns:0 frame:0
          TX packets:257 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:51429 (51.4 KB)  TX bytes:51429 (51.4 KB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:5.254.139.74  P-t-P:5.254.139.74  Mask:255.255.255.224
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:354 errors:0 dropped:0 overruns:0 frame:0
          TX packets:32 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:29786 (29.7 KB)  TX bytes:3914 (3.9 KB)

At this point I lose internet connection. So my question is: What are the next steps I need to take to begin utilizing my VPN connection? I haven't used openvpn before, and kind of assumed it would just magically work. To my dismay this was not the case. I started digging through forum posts to only walk away even more confused. Any help would be appreciated. Thanks in advance.

maxhq · 04-17-2013, 03:48 PM

Usually the server configuration holds the routing definition.
When the connection is established, the vpn client receives this definition and then adds the routes accordingly.
If the server decides that all traffic should be routed into the tunnel, the client computer will not be able to do any other communication as long as the tunnel is up.

But I'm wondering why your output doesn't contain any routing commands.
What is printed if you run "ip route" after the tunnel is up?

jewing · 04-17-2013, 04:23 PM

Doh, I posted this thread twice. : /

Anyways, after setting my verbosity levels up with the vpn I saw this:

Code:

Wed Apr 17 14:02:08 2013 /sbin/ifconfig tun0 5.254.138.10 netmask 255.255.255.224 mtu 1500 broadcast 5.254.138.31
Wed Apr 17 14:02:08 2013 /sbin/route add -net 178.73.212.242 netmask 255.255.255.255 gw 10.50.51.1
Wed Apr 17 14:02:08 2013 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 5.254.138.1
Wed Apr 17 14:02:08 2013 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 5.254.138.1

My routes look like this:

Code:

ip route
0.0.0.0/1 via 5.254.138.1 dev tun0 
default via 10.50.51.1 dev eth2  metric 100 
5.254.138.0/27 dev tun0  proto kernel  scope link  src 5.254.138.10 
10.50.51.0/24 dev eth2  proto kernel  scope link  src 10.50.51.78 
128.0.0.0/1 via 5.254.138.1 dev tun0 
178.73.212.242 via 10.50.51.1 dev eth2

Now I am trying to figure out which one of these routes I need to remove?

maxhq · 04-18-2013, 03:52 AM

Well, your routes look a bit strange to me.

The problem are those two route:

"0.0.0.0 netmask 128.0.0.0" which means IPs from 0.0.0.0 till 127.255.255.255.
"128.0.0.0 netmask 128.0.0.0" which mean IPs from 128.0.0.0 till 255.255.255.255

With those two routes you route all your traffic to gateway 5.254.138.1.