Results 1 to 3 of 3
  1. #1
    Newbie
    Join Date
    Sep 2019
    Posts
    6

    Angry Cannot Connect to UNTANGLE Server

    Have been trying to make openvpn connect to server for several days and I'm exhausted...
    the Server config is:
    TELCO Router DMZ > WAN NIC of Untangle 192.168.15.2
    LAN NIC is 192.168.0.1

    I have not created local directory
    DNS for internal clients is being resolved by Windows 2019

    I have tried removing OpenVPN, rebooted, installed fresh and created the vpn settings (all default)

    VPN Server settings are default (172.16.91.0/24 and site URL is 192.168.15.2:1194
    Exported Network = 192.168.0.1/24

    Output from Windows client:
    Tue Feb 11 10:10:50 2020 OpenVPN 2.4.8 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Oct 31 2019
    Tue Feb 11 10:10:50 2020 Windows version 6.2 (Windows 8 or greater) 64bit
    Tue Feb 11 10:10:50 2020 library versions: OpenSSL 1.1.0l 10 Sep 2019, LZO 2.10
    Tue Feb 11 10:10:50 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.15.2:1194
    Tue Feb 11 10:10:50 2020 UDP link local: (not bound)
    Tue Feb 11 10:10:50 2020 UDP link remote: [AF_INET]192.168.15.2:1194
    Tue Feb 11 10:11:51 2020 [UNDEF] Inactivity timeout (--ping-restart), restarting
    Tue Feb 11 10:11:51 2020 SIGUSR1[soft,ping-restart] received, process restarting

    Untangle server on latest version 14.2.2
    OpenVPN client 2.4.7

    ANY help is appreciated

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    8,363

    Default

    Sounds like you have the router in front doing NAT. You need a port forward rules on the TELCO Router to the Untangle and then change the hostname on the Untangle to use the Internet IP of the router in Config -> network -> hostname "Use Manually specific address". After saving, re-install OpenVPN. OpenVPN server settings should show the external IP.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    24,001

    Default

    The DMZ feature "might" forward all the ports, not all routers do this... and even when they do they often do it incorrectly. So be ready to drop DMZ in favor of explicit port forward rules. (OpenVPN needs UDP 1194 to make it to Untangle.)

    The output log you pasted shows one of the primary issues: Tue Feb 11 10:10:50 2020 TCP/UDP: Preserving recently used remote address: [AF_INET]192.168.15.2:1194

    It's connecting to Untangle's WAN IP address, which is the way it is by default and that's an internal address that will never work. That's corrected in config -> network -> hostname as indicated by jcoffin. You can put an IP address in that box, and you can put a DNS name in that box, I prefer the latter... but you have to configure DNS separately. The IP address is quicker and easier for now.

    You'll then need to remove OpenVPN from the windows client, and download a new client to reinstall it. Hopefully, it will connect after that, if it doesn't that either means your ISP router isn't actually DMZ'ing, meaning it's not actually forwarding at least UDP 1194 to Untangle or your ISP is blocking that port.

    One more thing, if your IP address with your ISP isn't static, you're going to have to go the DNS route, and get some sort of dynamic DNS online, once you get that working, you can stuff that name in the aforementioned manually specified address box to get VPN clients that will move with your Internet.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2