[Openvpn-users] Win10 default gateway not being redirected

David Mehler Mon, 24 Apr 2017 07:10:16 -0700

Hello,

I'm running 2.4 versions of Openvpn on both the server and a windows client.


I'm wanting to route all traffic through the vpn. I've got this on the server:

push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"

The Dns server push is working on the client. Here's the client's ipconfig /all

Is there something special I have to do to get this going on win10?

Thanks.
Dave.

ipconfig:

Windows IP Configuration

   Host Name . . . . . . . . . . . . : kraken
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . :

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-5D-7E-85-66
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 192.168.0.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Monday, April 24, 2017 9:51:29 AM
   Lease Expires . . . . . . . . . . : Tuesday, April 24, 2018 9:51:29 AM
   Default Gateway . . . . . . . . . :
   DHCP Server . . . . . . . . . . . : 192.168.0.254
   DNS Servers . . . . . . . . . . . : 208.67.222.222
                                       208.67.220.220
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi 2:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NETGEAR WNA1000M N150 Wireless
USB Micro Adapter #2
   Physical Address. . . . . . . . . : 84-1B-5E-97-85-4E
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::7425:96fc:f2eb:1dcb%24(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.97(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, April 21, 2017 9:31:55 PM
   Lease Expires . . . . . . . . . . : Tuesday, April 25, 2017 5:40:48 AM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 478419806
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1C-A9-12-FF-90-2B-34-98-ED-D7
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   Primary WINS Server . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled


on the client here's the log:
Mon Apr 24 09:51:27 2017 OpenVPN 2.4.1 x86_64-w64-mingw32 [SSL
(OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Mar 22 2017
Mon Apr 24 09:51:27 2017 Windows version 6.2 (Windows 8 or greater) 64bit
Mon Apr 24 09:51:27 2017 library versions: OpenSSL 1.0.2k  26 Jan 2017, LZO 2.09
Enter Management Password:
Mon Apr 24 09:51:27 2017 MANAGEMENT: TCP Socket listening on
[AF_INET]127.0.0.1:25340
Mon Apr 24 09:51:27 2017 Need hold release from management interface, waiting...
Mon Apr 24 09:51:27 2017 MANAGEMENT: Client connected from
[AF_INET]127.0.0.1:25340
Mon Apr 24 09:51:27 2017 MANAGEMENT: CMD 'state on'
Mon Apr 24 09:51:27 2017 MANAGEMENT: CMD 'log all on'
Mon Apr 24 09:51:27 2017 MANAGEMENT: CMD 'echo all on'
Mon Apr 24 09:51:27 2017 MANAGEMENT: CMD 'hold off'
Mon Apr 24 09:51:27 2017 MANAGEMENT: CMD 'hold release'
Mon Apr 24 09:51:27 2017 MANAGEMENT: CMD 'password [...]'
Mon Apr 24 09:51:27 2017 WARNING: this configuration may cache
passwords in memory -- use the auth-nocache option to prevent this
Mon Apr 24 09:51:27 2017 Outgoing Control Channel Encryption: Cipher
'AES-256-CTR' initialized with 256 bit key
Mon Apr 24 09:51:27 2017 Outgoing Control Channel Encryption: Using
256 bit message hash 'SHA256' for HMAC authentication
Mon Apr 24 09:51:27 2017 Incoming Control Channel Encryption: Cipher
'AES-256-CTR' initialized with 256 bit key
Mon Apr 24 09:51:27 2017 Incoming Control Channel Encryption: Using
256 bit message hash 'SHA256' for HMAC authentication
Mon Apr 24 09:51:27 2017 TCP/UDP: Preserving recently used remote
address: [AF_INET]xxx.xxx.xxx.xxx:1194
Mon Apr 24 09:51:27 2017 Socket Buffers: R=[65536->262144] S=[65536->262144]
Mon Apr 24 09:51:27 2017 UDPv4 link local: (not bound)
Mon Apr 24 09:51:27 2017 UDPv4 link remote: [AF_INET]xxx.xxx.xxx.xxx:1194
Mon Apr 24 09:51:27 2017 MANAGEMENT: >STATE:1493041887,WAIT,,,,,,
Mon Apr 24 09:51:27 2017 MANAGEMENT: >STATE:1493041887,AUTH,,,,,,
Mon Apr 24 09:51:27 2017 TLS: Initial packet from
[AF_INET]xxx.xxx.xxx.xxx:1194, sid=0fc86e45 2516db19
Mon Apr 24 09:51:28 2017 VERIFY OK: depth=1, CN=Easy-RSA CA
Mon Apr 24 09:51:28 2017 VERIFY KU OK
Mon Apr 24 09:51:28 2017 Validating certificate extended key usage
Mon Apr 24 09:51:28 2017 ++ Certificate has EKU (str) TLS Web Server
Authentication, expects TLS Web Server Authentication
Mon Apr 24 09:51:28 2017 VERIFY EKU OK
Mon Apr 24 09:51:28 2017 VERIFY OK: depth=0, CN=openvpn-server
Mon Apr 24 09:51:28 2017 Control Channel: TLSv1.2, cipher TLSv1/SSLv3
ECDHE-RSA-AES128-GCM-SHA256, 4096 bit RSA
Mon Apr 24 09:51:28 2017 [openvpn-server] Peer Connection Initiated
with [AF_INET]xxx.xxx.xxx.xxx:1194
Mon Apr 24 09:51:29 2017 MANAGEMENT: >STATE:1493041889,GET_CONFIG,,,,,,
Mon Apr 24 09:51:29 2017 SENT CONTROL [openvpn-server]: 'PUSH_REQUEST'
(status=1)
Mon Apr 24 09:51:29 2017 PUSH: Received control message:
'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS
208.67.222.222,dhcp-option DNS 208.67.220.220,comp-lzo
no,route-gateway 192.168.0.1,topology subnet,ping 10,ping-restart
120,ifconfig 192.168.0.2 255.255.255.0,peer-id 0,cipher AES-256-GCM'
Mon Apr 24 09:51:29 2017 OPTIONS IMPORT: timers and/or timeouts modified
Mon Apr 24 09:51:29 2017 OPTIONS IMPORT: compression parms modified
Mon Apr 24 09:51:29 2017 OPTIONS IMPORT: --ifconfig/up options modified
Mon Apr 24 09:51:29 2017 OPTIONS IMPORT: route options modified
Mon Apr 24 09:51:29 2017 OPTIONS IMPORT: route-related options modified
Mon Apr 24 09:51:29 2017 OPTIONS IMPORT: --ip-win32 and/or
--dhcp-option options modified
Mon Apr 24 09:51:29 2017 OPTIONS IMPORT: peer-id set
Mon Apr 24 09:51:29 2017 OPTIONS IMPORT: adjusting link_mtu to 1625
Mon Apr 24 09:51:29 2017 OPTIONS IMPORT: data channel crypto options modified
Mon Apr 24 09:51:29 2017 Data Channel Encrypt: Cipher 'AES-256-GCM'
initialized with 256 bit key
Mon Apr 24 09:51:29 2017 Data Channel Decrypt: Cipher 'AES-256-GCM'
initialized with 256 bit key
Mon Apr 24 09:51:29 2017 interactive service msg_channel=0
Mon Apr 24 09:51:29 2017 ROUTE_GATEWAY 192.168.2.1/255.255.255.0 I=24
HWADDR=84:1b:5e:97:85:4e
Mon Apr 24 09:51:29 2017 open_tun
Mon Apr 24 09:51:29 2017 TAP-WIN32 device [Ethernet] opened:
\\.\Global\{5D7E8566-0F0D-4622-839F-E28A4D26E86E}.tap
Mon Apr 24 09:51:29 2017 TAP-Windows Driver Version 9.21
Mon Apr 24 09:51:29 2017 Set TAP-Windows TUN subnet mode
network/local/netmask = 192.168.0.0/192.168.0.2/255.255.255.0
[SUCCEEDED]
Mon Apr 24 09:51:29 2017 Notified TAP-Windows driver to set a DHCP
IP/netmask of 192.168.0.2/255.255.255.0 on interface
{5D7E8566-0F0D-4622-839F-E28A4D26E86E} [DHCP-serv: 192.168.0.254,
lease-time: 31536000]
Mon Apr 24 09:51:29 2017 Successful ARP Flush on interface [11]
{5D7E8566-0F0D-4622-839F-E28A4D26E86E}
Mon Apr 24 09:51:29 2017 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Mon Apr 24 09:51:29 2017 MANAGEMENT:
>STATE:1493041889,ASSIGN_IP,,192.168.0.2,,,,
Mon Apr 24 09:51:34 2017 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Mon Apr 24 09:51:34 2017 C:\WINDOWS\system32\route.exe ADD
xxx.xxx.xxx.xxx MASK 255.255.255.255 192.168.2.1
Mon Apr 24 09:51:34 2017 env_block: add
PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Mon Apr 24 09:51:34 2017 C:\WINDOWS\system32\route.exe ADD 0.0.0.0
MASK 128.0.0.0 192.168.0.1
Mon Apr 24 09:51:34 2017 env_block: add
PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Mon Apr 24 09:51:34 2017 C:\WINDOWS\system32\route.exe ADD 128.0.0.0
MASK 128.0.0.0 192.168.0.1
Mon Apr 24 09:51:34 2017 env_block: add
PATH=C:\WINDOWS\System32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
Mon Apr 24 09:51:34 2017 Initialization Sequence Completed
Mon Apr 24 09:51:34 2017 MANAGEMENT:
>STATE:1493041894,CONNECTED,SUCCESS,192.168.0.2,xxx.xxx.xxx.xxx,1194,,


Thanks.
Dave.

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

[Openvpn-users] Win10 default gateway not being redirected

Reply via email to