Hi, On 28/11/16 01:54, John Baker wrote: > Hi, > > I've been using openvpn with at tunnelblick client for about a decade > and I've had the server running in an OpenVZ container with Ubuntu > 14.04.5 LTS for the last couple of years. I use it constantly every > day and it's been working. > > This morning bright and early I replaced my old linux router with a > Sonicwall 4600 and then OpenVPN stopped working right. > > Symptom wise it looks like the new firewall is just coincidental > because I can see tunnel traffic coming into the server on UDP 1194 > and a little on 500 but not much comes and goes in and out of the tun > interface. I did make sure that the firewall was allowing fragmented > packets on the access rules and checked that the MTU was ok. Server > side the tun ip at 10.8.0.1 is pingable but nothing else in the > tunnel. Client side nothing is pingable and the Mac gets hung trying > to read it's routing table. But tunnleblick thinks it's connected > successfully. When I try to disconnect the client Tunnleblick says > it's successful but then whatever has happened causes the tun > interface on the server to stop answering all together and the > container has to be rebooted for it to try again. > > I updated the client and server to see if the problems went away but > no luck. The same symptoms persist no matter what. The Nat rule is in > right and the right switch is in my vz config file. Nothing changed > between last night and this morning but the firewall in between and > that seem so be passing the traffic like it's supposed to. > > I'll try windows and Linux clients tomorrow but does anybody have any > debugging suggestions that I haven't thought of? > for debugging purposes: - try switching to "mode tcp" instead of UDP - don't use "redirect-gateway" and the likes, just make sure that the tunnel is working at the IP level (i.e. client can ping the server TUN address etc).
HTH, JJK ------------------------------------------------------------------------------ _______________________________________________ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
