OpenVPN route missing


Solution 1

Your client config mentions server-bridge, so you are running a DHCP server which is bridged on the server-side. The DHCP server should provide the client with an IP address and a subnet. The client should then automatically route all traffic over this subnet through the VPN interface. I therefore think that your route command is redundant and you can just as well remove it.

Also, you mention your network is 10.0.0.0/8, but your config says push "route 10.0.0.1 255.255.0.0" which is /16.

You probably don't need to set a gateway if you don't route within 10.0.0.0/8, and if you do you can set it using the DHCP server. Manually setting the IP address using ifconfig should not be necessary either.
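Added example (not part of the original answer, and not OpenVPN code): a small Python check that parses the `PUSH_REPLY` line from the client log quoted in the question and flags the route problems discussed here: a destination with host bits set, a netmask that does not match the intended network, and a route with no usable gateway. The function names and the `intended_network` parameter are hypothetical; treating `route-gateway dhcp` as unresolved is an assumption taken from the client log on this page.

```python
import ipaddress
import re

# Constructed sample: the PUSH_REPLY line from the Ubuntu client log on this page.
SAMPLE_LOG = (
    "PUSH: Received control message: 'PUSH_REPLY,route 10.0.0.1 255.0.0.0,"
    "redirect-gateway def1,route-gateway dhcp,ping 10,ping-restart 120'"
)


def parse_push_reply(log_text):
    """Split the pushed options into token lists, e.g. ['route', '10.0.0.1', '255.0.0.0']."""
    match = re.search(r"'PUSH_REPLY,([^']*)'", log_text)
    if not match:
        return []
    return [opt.split() for opt in match.group(1).split(",") if opt.strip()]


def _is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False


def audit_routes(options, intended_network=None):
    """Return (code, detail) findings for every pushed 'route' option."""
    findings = []
    # A usable default gateway is a literal address in route-gateway, or an
    # ifconfig option (the two sources named in the client's error message).
    # Assumption: 'route-gateway dhcp' counts as unresolved, as in the log on this page.
    default_gw = any(
        (o[0] == "route-gateway" and len(o) > 1 and _is_ip(o[1])) or o[0] == "ifconfig"
        for o in options
    )
    for opt in options:
        if opt[0] != "route" or len(opt) < 2 or not _is_ip(opt[1]):
            continue
        mask = opt[2] if len(opt) > 2 and _is_ip(opt[2]) else "255.255.255.255"
        iface = ipaddress.ip_interface(f"{opt[1]}/{mask}")
        if iface.ip != iface.network.network_address:
            findings.append(("host-bits", f"{opt[1]} lies inside {iface.network}"))
        if intended_network and iface.network != ipaddress.ip_network(intended_network):
            findings.append(("mismatch", f"{iface.network} != {intended_network}"))
        if not default_gw and not (len(opt) > 3 and _is_ip(opt[3])):
            findings.append(("no-gateway", f"route {opt[1]} has no gateway"))
    return findings
```

Calling `audit_routes(parse_push_reply(SAMPLE_LOG), "10.0.0.0/8")` reports the host-bits and no-gateway findings for the pushed route.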

Solution 2

I'd look at 2 things. First, check your OpenVPN logs, that'll give you more information. I'm going from memory but I think it'll be in ~.

Also, check the Ubuntu firewall settings to be sure that this traffic can get through.

iptables -L

That'll show you the current set of rules.

-- edit

Your log files show that you don't have a gateway defined. According to OpenVPN docs you need to create a config.ovpn file and specify its location.

openvpn --config client.ovpn

You'll address the gateway issue by specifying the route, which is done by including these lines (updated to your network settings, of course). [Source]

ifconfig 10.0.X.X 255.255.255.0

route-gateway 10.0.0.1

Also, it's considered bad form or a faux pas to post your question in two Stack Exchange forums.

Author by

dajuric

Updated on September 18, 2022

Comments

  • dajuric
    dajuric over 1 year

    I can connect to an OpenVPN server from Windows without any problems.

    But when I try to connect from Ubuntu 12.04 (start OpenVPN) I receive the following:

    OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options

    Server IP: 161.53.X.X, internal network: 10.0.0.0/8

    What do I need to do?

    client configuration:

    client
    dev tap
    proto udp
    remote 161.53.X.X 1194
    resolv-retry infinite
    nobind
    
    ca ca.crt
    cert client.crt
    key client.key
    
    ns-cert-type server
    
    comp-lzo
    verb 3

    server conf:

    local 161.53.X.X
    port 1194
    proto udp
    
    dev tap
    dev-node OpenVPN
    
    ca ca.crt
    cert server.crt
    key server.key  # This file should be kept secret
    
    dh dh1024.pem
    
    # DHCP leases addresses to clients
    server-bridge
    
    # Push routes to the client to allow it
    # to reach other private subnets behind
    # the server.  Remember that these
    # private subnets will also need
    # to know to route the OpenVPN client
    # address pool (10.8.0.0/255.255.255.0)
    # back to the OpenVPN server.
    push "route 10.0.0.1 255.255.0.0"
    
    client-to-client
    
    duplicate-cn
    
    keepalive 10 120
    
    comp-lzo
    verb 6
    

    log from Ubuntu client:

    [Server] Peer Connection Initiated with [AF_INET]161.53.XX.XX:1194

    SENT CONTROL [Server]: 'PUSH_REQUEST' (status=1)

    PUSH: Received control message: 'PUSH_REPLY,route 10.0.0.1 255.0.0.0,redirect-gateway def1,route-gateway dhcp,ping 10,ping-restart 120'

    OPTIONS IMPORT: timers and/or timeouts modified

    OPTIONS IMPORT: route options modified

    OPTIONS IMPORT: route-related options modified

    ROUTE default_gateway=161.53.XX.1

    OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options

    OpenVPN ROUTE: failed to parse/resolve route for host/network: 10.0.0.1

    TUN/TAP device tap0 opened

    TUN/TAP TX queue length set to 100

    NOTE: unable to redirect default gateway -- VPN gateway parameter (--route-gateway or --ifconfig) is missing

    Initialization Sequence Completed

  • dajuric
    dajuric almost 11 years
    When I run iptables -L everything is accepted (there is no DROP rule).
  • dajuric
    dajuric almost 11 years
    Why does the Windows client successfully get an address from the DHCP server and the Linux client doesn't? Is there something wrong with the gateway (do I need to tell the client what the gateway is; look at the log above)?
  • Lenwood
    Lenwood almost 11 years
    This is most likely a configuration issue with your Ubuntu system. I doubt that it has anything to do with your network or the OpenVPN system itself. See my updated solution for more info.
  • dajuric
    dajuric almost 11 years
    Yes, those instructions that you wrote say that I want to set my IP address. Right? But my address needs to be leased from DHCP. When a client is connected to a server, the internal DHCP leases an address for it. That works for Windows, but not for any Ubuntu that I have tried.
  • Lenwood
    Lenwood almost 11 years
    The gateway address will never change. For your network that should be 10.0.0.1 (according to your file above). For the computer's IP address, you have 2 ways to go. First, you could reserve an IP address for your Ubuntu machine (this is what I do for wifi printers on my network). Or second, you could write a script that detects your IP then updates this text file. If I were you I'd go with the first option. Choose an IP toward the end of the available range to ensure that there won't be any conflicts. Ubuntu is fantastic, but it can definitely take more effort to configure.
  • dajuric
    dajuric about 10 years
    Thank you! I already solved the problem, but still thank you for the answer.
  • Gustavo Rubio
    Gustavo Rubio over 9 years
    @dajuric How did you solve it? I'm struggling with this myself on OpenSuSE, same issue.