hi.. i'm trying to set up an openvpn connection - everything is ok, tap0 is created and i can ping all of the machines in the private network
but how do i have to setup routing? i want all of the traffic through tap0, not eth0.
route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.10.66.0      0.0.0.0         255.255.255.0   U     0      0        0 tap0
192.168.0.0     0.0.0.0         255.255.255.0   U     202    0        0 eth0
0.0.0.0         192.168.0.1     0.0.0.0         UG    202    0        0 eth0
when i do
route add default gw 10.10.66.1 dev tap0
and try to ping another machine (default gateway for example), i get:
PING 10.10.66.1 (10.10.66.1) 56(84) bytes of data.
From 10.10.66.25 icmp_seq=1 Destination Host Unreachable
From 10.10.66.25 icmp_seq=2 Destination Host Unreachable
/var/logs/daemon.log
Feb 14 01:08:32 st3g4n0 openvpn[5941]: NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Feb 14 01:08:32 st3g4n0 openvpn[5942]: UDPv4 link local (bound): [undef]:5200
Feb 14 01:08:32 st3g4n0 openvpn[5942]: UDPv4 link remote: 92.240.234.37:5200
Feb 14 01:08:33 st3g4n0 openvpn[5942]: [vpn] Peer Connection Initiated with 92.240.234.37:5200
Feb 14 01:08:35 st3g4n0 openvpn[5942]: TUN/TAP device tap0 opened
Feb 14 01:08:35 st3g4n0 openvpn[5942]: /sbin/ifconfig tap0 10.10.66.25 netmask 255.255.255.0 mtu 1500 broadcast 10.10.66.255
Feb 14 01:08:35 st3g4n0 openvpn[5942]: Initialization Sequence Completed
Feb 14 01:09:17 st3g4n0 openvpn[5942]: read UDPv4 [EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH]: No route to host (code=113)
Feb 14 01:09:21 st3g4n0 openvpn[5942]: read UDPv4 [EHOSTUNREACH]: No route to host (code=113)
Feb 14 01:09:24 st3g4n0 openvpn[5942]: read UDPv4 [EHOSTUNREACH|EHOSTUNREACH]: No route to host (code=113)
Feb 14 01:09:31 st3g4n0 openvpn[5942]: read UDPv4 [EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH]: No route to host (code=113)
Feb 14 01:09:38 st3g4n0 openvpn[5942]: read UDPv4 [EHOSTUNREACH|EHOSTUNREACH]: No route to host (code=113)
Feb 14 01:09:54 st3g4n0 openvpn[5942]: read UDPv4 [EHOSTUNREACH|EHOSTUNREACH|EHOSTUNREACH]: No route to host (code=113)
Feb 14 01:10:28 st3g4n0 openvpn[5942]: read UDPv4 [EHOSTUNREACH|EHOSTUNREACH]: No route to host (code=113)
thanks in advance.
Last edited by Daan (2010-02-14 14:21:12)
Any sufficiently advanced technology is indistinguishable from magic.
Did you try using TCP for VPN?
Yes, in that case the VPN isn't established at all.
Any sufficiently advanced technology is indistinguishable from magic.
when the vpn connection is established, and you add the default route entry, all traffic goes through the tap0 device, that includes the connection traffic for the vpn itself. so by changing the default route, the vpn connection breaks resulting in destination host unreachable.
try connecting to the vpn, but don't add a default route to it, and ping 10.10.66.1 and see if you can get a reply
problem solved.
the routing table has to look like this:
Destination          Gateway         Genmask         Flags Metric Ref    Use Iface
<public-openvpn-ip>  192.168.0.1     255.255.255.255 UGH   0      0        0 eth0
10.10.66.0           0.0.0.0         255.255.255.0   U     0      0        0 tap0
192.168.0.0          0.0.0.0         255.255.255.0   U     202    0        0 eth0
0.0.0.0              10.10.66.1      0.0.0.0         UG    0      0        0 tap0
0.0.0.0              192.168.0.1     0.0.0.0         UG    202    0        0 eth0
so, one can just do
route add -net <public-openvpn-ip> netmask 255.255.255.255 gw 192.168.0.1 dev eth0
route add default gw 10.10.66.1 dev tap0
and all of the traffic is now going through the virtual private tap0 interface. \o/
p.s.
192.168.0.0/24 - local network
10.10.66.0/24 - private network (openvpn)
Any sufficiently advanced technology is indistinguishable from magic.
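Added example, not part of the original posts: a check that reads `route -n` output and reports whether the table is a working full tunnel, i.e. the lowest-metric default route leaves via tap0 and the VPN server itself is pinned to a host route outside the tunnel. The function name check_full_tunnel, the sample tables and the address 203.0.113.10 (standing in for <public-openvpn-ip>) are constructed for illustration.

```shell
#!/bin/sh
# Added example: verify a full-tunnel routing table in `route -n` format.
# check_full_tunnel and the sample tables are constructed for illustration;
# 203.0.113.10 stands in for <public-openvpn-ip>.

# Usage: route -n | check_full_tunnel <vpn-server-ip> <tunnel-iface>
# Prints a verdict; returns 0 only when the table is a working full tunnel.
check_full_tunnel() {
    awk -v vpn="$1" -v tun="$2" '
        # Host route (/32) to the VPN server that leaves via a physical interface.
        $1 == vpn && $3 == "255.255.255.255" && $8 != tun { pinned = 1 }
        # Track the default route with the lowest metric: the one the kernel uses.
        $1 == "0.0.0.0" && $3 == "0.0.0.0" {
            if (!seen || $5 + 0 < best) { best = $5 + 0; bestif = $8; seen = 1 }
        }
        END {
            if (!seen)         { print "no-default-route";        exit 1 }
            if (bestif != tun) { print "default-not-via-tunnel";  exit 1 }
            if (!pinned)       { print "vpn-endpoint-not-pinned"; exit 1 }
            print "ok"
        }'
}

# Constructed tables mirroring the three states in the thread.
BEFORE='10.10.66.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0
192.168.0.0 0.0.0.0 255.255.255.0 U 202 0 0 eth0
0.0.0.0 192.168.0.1 0.0.0.0 UG 202 0 0 eth0'

BROKEN="$BEFORE
0.0.0.0 10.10.66.1 0.0.0.0 UG 0 0 0 tap0"

FIXED="203.0.113.10 192.168.0.1 255.255.255.255 UGH 0 0 0 eth0
$BROKEN"

for name in BEFORE BROKEN FIXED; do
    eval "table=\$$name"
    verdict=$(printf '%s\n' "$table" | check_full_tunnel 203.0.113.10 tap0) || true
    printf '%-7s %s\n' "$name" "$verdict"
done
```

On a live client the same function can be fed directly, e.g. `route -n | check_full_tunnel <public-openvpn-ip> tap0`. A verdict of default-not-via-tunnel means traffic is still leaving in the clear over eth0.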
Sorry to kick old things, but I have the same problem.
This has to be done on server or client side?