LinuxQuestions.org - OpenVPN client has not default gateway when connect to OpenVPN server

- Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)

- - OpenVPN client has not default gateway when connect to OpenVPN server (https://www.linuxquestions.org/questions/linux-security-4/openvpn-client-has-not-default-gateway-when-connect-to-openvpn-server-407367/)

OpenVPN client has not default gateway when connect to OpenVPN server

when OpenVPN client(Windows XP) connect to the server(Linux), the client has a new connect:

Code:

Ethernet adapter 3:



        Connection-specific DNS Suffix  . :

        IP Address. . . . . . . . . . . . : 10.8.0.2

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . :

In the server there are a tap device:

Code:

tap0      Link encap:Ethernet  HWaddr 00:FF:0C:A8:CE:32

          inet addr:10.8.0.1  Bcast:10.8.0.255  Mask:255.255.255.0

          inet6 addr: fe80::2ff:cff:fea8:ce32/64 Scopeink

          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

          RX packets:80 errors:0 dropped:0 overruns:0 frame:0

          TX packets:57 errors:0 dropped:0 overruns:0 carrier:0

          collisions:0 txqueuelen:100

          RX bytes:10082 (9.8 Kb)  TX bytes:7439 (7.2 Kb)

After the client connect to server, I cannot access the host on 10.8.0.0 subnet, I don't know why?

It's the server side configure file:

Code:

    local 192.168.123.153



    port 1194



    proto tcp



    dev tap



    ca ca.crt

    cert server.crt

    key server.key



    dh dh1024.pem



    server 10.8.0.0 255.255.255.0



    ifconfig-pool-persist ipp.txt



    keepalive 10 120



    tls-auth ta.key 0



    comp-lzo



    persist-key

    persist-tun



    status openvpn-status.log



    log openvpn.log

    log-append openvpn.log



    verb 9

It's the client side configure file:

Code:

    client



    dev tap

    ;dev tun



    ;proto udp



    remote sailer.gnway.net 1194



    resolv-retry infinite



    nobind



    persist-key

    persist-tun



    ca ca.crt

    cert client.crt

    key client.key



    tls-auth ta.key 1



    comp-lzo



    verb 6

Quote:

After the client connect to server, I cannot access the host on 10.8.0.0 subnet, I don't know why?

Can the client get to the server? If so then the VPN is working. The 10.8.0.0 thing is just the IP addresses of the tunnel, ie. the virtual connection between the client on the server. If you have other machines connected to the client they should be on a different network - don't put them on the 10.8.0.0 network otherwise it'll stuff up.

Try this server config.

local 192.168.123.153

port 1194

proto tcp

dev tap

ca ca.crt
cert server.crt
key server.key

dh dh1024.pem

# old ip (same ip as your Tap)
# server 10.8.0.0 255.255.255.0
server 10.8.0.1 255.255.255.0

# IF you want your all of your clients traffic though your vpn out your connection then add this.

push redirect-gateway 10.8.0.1

ifconfig-pool-persist ipp.txt

keepalive 10 120

tls-auth ta.key 0

comp-lzo

persist-key
persist-tun

status openvpn-status.log

log openvpn.log
log-append openvpn.log

verb 9

After that restart your vpn and connect your client. Let me know if it fixes your problem. Thanks

computerman1983, we really don't like to have zombies walking around here, so if you see that a thread's been dead for a few months or more, please let it rest in peace.