Open VPN I must be doing something wrong.

windozeuser · 03-30-2009, 05:52 AM

Client OpenVPN's cannot communicate with any server in my network. Setting up a "site to site" VPN brings down my untangle server as well.

Here is my setup

Cable Modem --> Linksys Router 10.250.4.1 --> Untangle (outside IP 10.250.4.12) (inside bridged) --> LAN.

Internal Lan: 10.250.4.0/24
Remote Lan: 10.17.74.0/26
OpenVPN Schema: 172.16.0.0/24

The remote client connects to OpenVPN, gets the ip 172.16.0.5 with no gateway. I manually set the route
route add 10.250.4.0 mask 255.255.255.0 172.16.0.5

I cannot communicate with any computer in my network.

The export is 10.250.4.12 255.255.255.0

Also, when I try to setup a VPN site client, the second I save, the Untangle server stops responding completely to all network requests.

andrew50 · 03-30-2009, 07:48 AM

Quote:

The export is 10.250.4.12 255.255.255.0

try changing that to 10.250.4.0 , the way you have it you could only connect to that single client over VPN

why do you have the linksys ?

windozeuser · 03-30-2009, 07:49 AM

I have static IP and my ISp requires DHCP by MAC ID. The linksys is legacy and the untangle provides advanced security behind it.

Scheduled for removal May 09.

windozeuser · 03-30-2009, 08:02 AM

Ok, that didn't work, but I noticed an error in the openvpn on the client.

Mon Mar 30 10:57:29 2009 OpenVPN 2.0.5 Win32-MinGW [SSL] [LZO] built on Nov 2 2005
Mon Mar 30 10:57:29 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Mon Mar 30 10:57:29 2009 LZO compression initialized
Mon Mar 30 10:57:30 2009 UDPv4 link local: [undef]
Mon Mar 30 10:57:30 2009 UDPv4 link remote: 24.<REMOVED>:1194
Mon Mar 30 10:57:34 2009 [server.does.not.exists] Peer Connection Initiated with 24.<REMOVED>:1194
Mon Mar 30 10:57:35 2009 TAP-WIN32 device [NULL] opened: \\.\Global\{14CBCD10-AF3D-47AB-BDA6-5A5F913B9000}.tap
Mon Mar 30 10:57:35 2009 Notified TAP-Win32 driver to set a DHCP IP/netmask of 172.16.0.5/255.255.255.252 on interface {14CBCD10-AF3D-47AB-BDA6-5A5F913B9000} [DHCP-serv: 172.16.0.6, lease-time: 31536000]
Mon Mar 30 10:57:35 2009 NOTE: FlushIpNetTable failed on interface [1769480] {14CBCD10-AF3D-47AB-BDA6-5A5F913B9000} (status=259) : No more data is available.
Mon Mar 30 10:57:35 2009 Initialization Sequence Completed

andrew50 · 03-30-2009, 08:08 AM

There are issues if you are running the client on Vista...try run as administrator

windozeuser · 03-30-2009, 08:11 AM

This is running on server 2003 as administrator. You think I have a permissions issue?

andrew50 · 03-30-2009, 08:13 AM

no, it usually only occurs on vista due to UAC

windozeuser · 03-30-2009, 08:52 AM

Ok one more thing.

When I export the client - it is trying to connect to 10.250.4.12 not my external IP.

andrew50 · 03-30-2009, 09:00 AM

Quote:

Mon Mar 30 10:57:34 2009 [server.does.not.exists] Peer Connection Initiated with 24.<REMOVED>:1194

looks like it is trying to connect to a 24. external IP

You can not connect to the VPN from behind the untangle by default.

windozeuser · 03-30-2009, 09:05 AM

Ok. My clients are not behind the untangle, but when I export the OpenVPN client exe it tries to connect to 10.250.4.12 - which is on my local lan, but not on the remote site obviously.

I must be doing something wrong.

03-30-2009, 05:52 AM	#1 (permalink)
windozeuser Untanglit Join Date: Mar 2009 Posts: 21	Open VPN I must be doing something wrong. Client OpenVPN's cannot communicate with any server in my network. Setting up a "site to site" VPN brings down my untangle server as well. Here is my setup Cable Modem --> Linksys Router 10.250.4.1 --> Untangle (outside IP 10.250.4.12) (inside bridged) --> LAN. Internal Lan: 10.250.4.0/24 Remote Lan: 10.17.74.0/26 OpenVPN Schema: 172.16.0.0/24 The remote client connects to OpenVPN, gets the ip 172.16.0.5 with no gateway. I manually set the route route add 10.250.4.0 mask 255.255.255.0 172.16.0.5 I cannot communicate with any computer in my network. The export is 10.250.4.12 255.255.255.0 Also, when I try to setup a VPN site client, the second I save, the Untangle server stops responding completely to all network requests. __________________ An unspecified error has occurred in module <UNKNOWN>. Please contact your system administrator and tell him you are being used a beta tester.

03-30-2009, 07:49 AM	#3 (permalink)
windozeuser Untanglit Join Date: Mar 2009 Posts: 21	I have static IP and my ISp requires DHCP by MAC ID. The linksys is legacy and the untangle provides advanced security behind it. Scheduled for removal May 09. __________________ An unspecified error has occurred in module <UNKNOWN>. Please contact your system administrator and tell him you are being used a beta tester.

03-30-2009, 08:02 AM	#4 (permalink)
windozeuser Untanglit Join Date: Mar 2009 Posts: 21	Ok, that didn't work, but I noticed an error in the openvpn on the client. Mon Mar 30 10:57:29 2009 OpenVPN 2.0.5 Win32-MinGW [SSL] [LZO] built on Nov 2 2005 Mon Mar 30 10:57:29 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port. Mon Mar 30 10:57:29 2009 LZO compression initialized Mon Mar 30 10:57:30 2009 UDPv4 link local: [undef] Mon Mar 30 10:57:30 2009 UDPv4 link remote: 24.<REMOVED>:1194 Mon Mar 30 10:57:34 2009 [server.does.not.exists] Peer Connection Initiated with 24.<REMOVED>:1194 Mon Mar 30 10:57:35 2009 TAP-WIN32 device [NULL] opened: \\.\Global\{14CBCD10-AF3D-47AB-BDA6-5A5F913B9000}.tap Mon Mar 30 10:57:35 2009 Notified TAP-Win32 driver to set a DHCP IP/netmask of 172.16.0.5/255.255.255.252 on interface {14CBCD10-AF3D-47AB-BDA6-5A5F913B9000} [DHCP-serv: 172.16.0.6, lease-time: 31536000] Mon Mar 30 10:57:35 2009 NOTE: FlushIpNetTable failed on interface [1769480] {14CBCD10-AF3D-47AB-BDA6-5A5F913B9000} (status=259) : No more data is available. Mon Mar 30 10:57:35 2009 Initialization Sequence Completed __________________ An unspecified error has occurred in module <UNKNOWN>. Please contact your system administrator and tell him you are being used a beta tester.

03-30-2009, 08:11 AM	#6 (permalink)
windozeuser Untanglit Join Date: Mar 2009 Posts: 21	This is running on server 2003 as administrator. You think I have a permissions issue? __________________ An unspecified error has occurred in module <UNKNOWN>. Please contact your system administrator and tell him you are being used a beta tester.

03-30-2009, 08:52 AM	#8 (permalink)
windozeuser Untanglit Join Date: Mar 2009 Posts: 21	Ok one more thing. When I export the client - it is trying to connect to 10.250.4.12 not my external IP. __________________ An unspecified error has occurred in module <UNKNOWN>. Please contact your system administrator and tell him you are being used a beta tester.

03-30-2009, 08:08 AM	#5 (permalink)
andrew50 Master Untangler Join Date: Mar 2008 URLs submitted: 6 Posts: 128	There are issues if you are running the client on Vista...try run as administrator

03-30-2009, 08:13 AM	#7 (permalink)
andrew50 Master Untangler Join Date: Mar 2008 URLs submitted: 6 Posts: 128	no, it usually only occurs on vista due to UAC

03-30-2009, 09:05 AM	#10 (permalink)
windozeuser Untanglit Join Date: Mar 2009 Posts: 21	Ok. My clients are not behind the untangle, but when I export the OpenVPN client exe it tries to connect to 10.250.4.12 - which is on my local lan, but not on the remote site obviously. I must be doing something wrong. __________________ An unspecified error has occurred in module <UNKNOWN>. Please contact your system administrator and tell him you are being used a beta tester.