Changing network type from Unidentified network to Private network on an OpenVPN connection

Solution 1

Look at "TAP driver / identified vs unidentified networks" or "Vista and Windows Server 2008 - Unidentified network"

Solution 2

You have to add default gateway for OpenVPN network interface.

The way I found is adding route to target address 0.0.0.0 via network interface used OpenVPN.

In this example I have a computer with the physical interface with IP addres 10.20.20.20 in network 10.20.20.0/24 and the OpenVPN TAP interface with IP address 10.1.1.10/24 in network 10.1.1.0/24 (IP address of server on VPN network is 10.1.1.1).

1) Find out your network interfaces and information about current route to 0.0.0.0:

C:\>route print -4
===========================================================================
Interface List
 15...00 ff 6c 3f 5b 0c ......TAP-Win32 Adapter V9
 11...00 0e 0c d9 b5 c8 ......Intel(R) PRO/1000 GT Desktop Adapter
===========================================================================

IPv4 Route table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway        Interface Metric
          0.0.0.0          0.0.0.0       10.20.20.1      10.20.20.20     10
       10.20.20.0    255.255.255.0         On-link       10.20.20.20    266
...

At now we know that your OpenVPN network interface number is 15. Another important information is the metric of current route to 0.0.0.0. New route to 0.0.0.0 for OpenVPN network should have higher metric value than current to avoid redirecting whole network traffic to your OpenVPN connection instead of physical network (in case of two routes with the same routes, the route with lower metric will be chosen).

2) Add route to 0.0.0.0 via OpenVPN interface:

route -p add 0.0.0.0 mask 0.0.0.0 10.1.1.1 metric 50 if 15

This command adds route to 0.0.0.0 via interface 15 with metric at least 50 and gateway 10.1.1.1. Replace the gateway with your own (IP address of server on VPN network). And of course, replace the interface number with your own.

The -p argument adds route as permanent so it will be preserved after system reboot.

3) (Re)connect to VPN server and look into route table again:

C:\>route print -4
...
Active Routes:
Network Destination        Netmask          Gateway        Interface Metric
          0.0.0.0          0.0.0.0       10.20.20.1      10.20.20.20     10
          0.0.0.0          0.0.0.0         10.1.1.1        10.1.1.10     80
...

And network is now identified in Network and Sharing Center so the 'Set a location...' window should appear ;-)

Solution 3

I dont' know why the above solutions are so complicated, e.g. using

route add -p commands

or even adding to the OpenVPN server.conf file

route 0.0.0.0 vpn_subnet_mask default_gateway

The error could simply be solved by going to:

Control Panel\Network and Internet\Network Connections

(1)Right-click OpenVPN tun/tap interface and select Status > select Details > take note of the IPv4 DHCP Server entry. you would need to fill this in as the default gateway in (2).

(2)Right-click OpenVPN tun/tap interface and select Properties > open TCP/IPv4 properties > click Advanced. under default gateways, click add and type in exact same entry as used as DHCP server, metric 'automatic'. Now wait for the adapter to magically appear as private.

What you just did the exact same thing as the above two solutions - adding persistent routes - but this is even better - it survives restarts since it's configured in Windows. You can actually check in cmd by typing 'route print' and you'll see 1 entry added in the routing table, as well as 1 entry under persistent routes. If the metric of the new route is smaller than that of your physical adapter, redo (2) and change the metric from 'automatic' to a value higher than the physical adapter.

If your gateway (openvpn server IP) is static, adding it (2) does the job.

Related videos on Youtube