Re: [Openvpn-users] Relation of OpenVPN to the system's primary IP address
I understand, in this case it was a client. On Thursday, July 11, 2024 at 01:27:22 AM CDT, Bo Berglund wrote: On Thu, 11 Jul 2024 00:37:26 + (UTC), Leroy Tennison via Openvpn-users wrote: > After some testing I determined that this was my fault. i wasn't connecting > via the IP address I removed and it wasn't the default route. It was the > subnet-specific route. In order to change the IP address on a local subnet > from OpenVPN: > > > - Add the new ip first such as ip a a 192.168.1.20/24 dev eth0 (where the >current ip address is 192.168.1.10) > - Update the routing table for the local subnet such as ip r c >192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20 (src was >192.168.1.10) > - Remove the "current" ip address such as ip a d 192.168.1.10/24 dev eth0 >Hope this helps someone else avoid the same issue. Just an observation: If you are running an OpenVPN server on a server side network address starting with 192.168.1 you are in for a lot of problems depending on how you are using openvpn! If for instance you want to connect to the vpn server and use it to access the server side local network (as I am all the time) then using such an address on the local LAN will *prevent* the VPN use if you are doing this from an Internet Cafe or a hotel where they have (as very many do) NOT switched *their* local IP address from 192.169.1.x to something different. Note that most WiFi routers are defaulting to this address so if your own LAN also uses this addresss range then your hotel LAN, which you attached to, uses it and your remote home LAN uses it and there will be *no transfer* through the OpenVPN tunnel at all! There simply is no need for routing in this situation so your device will search on the hotel's internal LAN for your remote target and obviously fail! Bottom line: If your server side LAN uses 192.168.1.x as its LAN you need to change that if you want your OpenVPN server to be used while traveling. -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users ___ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Relation of OpenVPN to the system's primary IP address
On Thu, 11 Jul 2024 00:37:26 + (UTC), Leroy Tennison via Openvpn-users wrote: > After some testing I determined that this was my fault. i wasn't connecting > via the IP address I removed and it wasn't the default route. It was the > subnet-specific route. In order to change the IP address on a local subnet > from OpenVPN: > > > - Add the new ip first such as ip a a 192.168.1.20/24 dev eth0 (where the > current ip address is 192.168.1.10) > - Update the routing table for the local subnet such as ip r c > 192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20 (src was > 192.168.1.10) > - Remove the "current" ip address such as ip a d 192.168.1.10/24 dev eth0 >Hope this helps someone else avoid the same issue. Just an observation: If you are running an OpenVPN server on a server side network address starting with 192.168.1 you are in for a lot of problems depending on how you are using openvpn! If for instance you want to connect to the vpn server and use it to access the server side local network (as I am all the time) then using such an address on the local LAN will *prevent* the VPN use if you are doing this from an Internet Cafe or a hotel where they have (as very many do) NOT switched *their* local IP address from 192.169.1.x to something different. Note that most WiFi routers are defaulting to this address so if your own LAN also uses this addresss range then your hotel LAN, which you attached to, uses it and your remote home LAN uses it and there will be *no transfer* through the OpenVPN tunnel at all! There simply is no need for routing in this situation so your device will search on the hotel's internal LAN for your remote target and obviously fail! Bottom line: If your server side LAN uses 192.168.1.x as its LAN you need to change that if you want your OpenVPN server to be used while traveling. -- Bo Berglund Developer in Sweden ___ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Relation of OpenVPN to the system's primary IP address
After some testing I determined that this was my fault. i wasn't connecting
via the IP address I removed and it wasn't the default route. It was the
subnet-specific route. In order to change the IP address on a local subnet
from OpenVPN:
- Add the new ip first such as ip a a 192.168.1.20/24 dev eth0 (where the
current ip address is 192.168.1.10)
- Update the routing table for the local subnet such as ip r c
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.20 (src was
192.168.1.10)
- Remove the "current" ip address such as ip a d 192.168.1.10/24 dev eth0
Hope this helps someone else avoid the same issue.
On Monday, July 8, 2024 at 01:33:01 AM CDT, Gert Doering
wrote:
Hi,
On Sun, Jul 07, 2024 at 10:33:35PM +, Leroy Tennison via Openvpn-users
wrote:
> Was working on a remote system (a local NIC on a network not associated with
> the one I was on and the OpenVPN tun interface) with a request to change the
> local system's IP address. Fortunately I warned the remote staff that I
> might need their assistance. I added the new local IP address. When I
> removed the previous IP address I lost the OpenVPN connection. Why did that
> happen?
With this amount of Information, I would say "because the flobgobble
dingled in the wrong furbark".
As in, this is impossible to answer. Your OpenVPN connection might have
been talking ("remote 1.2.3.4") to the IP address that you removed. Or
the system had a default route via that interface's subnet, which broke
when you changed the IP.
To give a bit more meaningful advice, one would need to know more
network details, as in "from which IP/subnet to what IP/subnet did the
NIC renumber", "what IP is the OpenVPN client talking to", "if there is
NAT involved, what internal IP is the OpenVPN server IP natted to",
etc.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
___
Openvpn-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Relation of OpenVPN to the system's primary IP address
Thanks for replying, I'll look into the things you mentioned.
On Monday, July 8, 2024 at 01:33:01 AM CDT, Gert Doering
wrote:
Hi,
On Sun, Jul 07, 2024 at 10:33:35PM +, Leroy Tennison via Openvpn-users
wrote:
> Was working on a remote system (a local NIC on a network not associated with
> the one I was on and the OpenVPN tun interface) with a request to change the
> local system's IP address. Fortunately I warned the remote staff that I
> might need their assistance. I added the new local IP address. When I
> removed the previous IP address I lost the OpenVPN connection. Why did that
> happen?
With this amount of Information, I would say "because the flobgobble
dingled in the wrong furbark".
As in, this is impossible to answer. Your OpenVPN connection might have
been talking ("remote 1.2.3.4") to the IP address that you removed. Or
the system had a default route via that interface's subnet, which broke
when you changed the IP.
To give a bit more meaningful advice, one would need to know more
network details, as in "from which IP/subnet to what IP/subnet did the
NIC renumber", "what IP is the OpenVPN client talking to", "if there is
NAT involved, what internal IP is the OpenVPN server IP natted to",
etc.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
___
Openvpn-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Relation of OpenVPN to the system's primary IP address
Hi,
On Sun, Jul 07, 2024 at 10:33:35PM +, Leroy Tennison via Openvpn-users
wrote:
> Was working on a remote system (a local NIC on a network not associated with
> the one I was on and the OpenVPN tun interface) with a request to change the
> local system's IP address. Fortunately I warned the remote staff that I
> might need their assistance. I added the new local IP address. When I
> removed the previous IP address I lost the OpenVPN connection. Why did that
> happen?
With this amount of Information, I would say "because the flobgobble
dingled in the wrong furbark".
As in, this is impossible to answer. Your OpenVPN connection might have
been talking ("remote 1.2.3.4") to the IP address that you removed. Or
the system had a default route via that interface's subnet, which broke
when you changed the IP.
To give a bit more meaningful advice, one would need to know more
network details, as in "from which IP/subnet to what IP/subnet did the
NIC renumber", "what IP is the OpenVPN client talking to", "if there is
NAT involved, what internal IP is the OpenVPN server IP natted to",
etc.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
___
Openvpn-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-users
Re: [Openvpn-users] Relation of OpenVPN to the system's primary IP address
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi On Sunday, 7 July 2024 at 23:33, Leroy Tennison via Openvpn-users wrote: > Was working on a remote system (a local NIC on a network not associated with > the one I was on and the OpenVPN tun interface) with a request to change the > local system's IP address. Fortunately I warned the remote staff that I > might need their assistance. I added the new local IP address. When I > removed the previous IP address I lost the OpenVPN connection. Why did that > happen? You manually changed your [Unidentified OS] "system primary IP address", while Openvpn was running an established tunnel, and the VPN was subsequently dropped. Now, you want to know why the tunnel went down, is that correct ? -BEGIN PGP SIGNATURE- Version: ProtonMail wsBzBAEBCAAnBYJmizx7CZBPl5z2a5C4nRYhBAm8PURno41yecVVVU+XnPZr kLidAAC6DwgAo1qW+DWaR5vbSRHA+cM7zHAILa5gklGlM+NYCx9m3RfIBv+i i03IOzK1blPhXVXQJZTFyX4thD0qo5U+JmGAFAxpBBoG/3ENsIHXhQOMSTqY jU/slfpKXebUKjHL9Yw6shHb01RZWgDyjjtlMUsZKPjpy8EgjREoK3TGInAU th+EhlsTQR6v+GKwaP2C9r7Gaii27+t79bC6VwIa8uoS7RZuvvnJHKdteo1k fQ62Ilty7U8AhNDi7kyFRAma6V98dj2vIqljlZtlFbOr83kK7uZOAkhKtPMB iJKyrrwRI9IHkAjK42SHqX877ZT2ww9p36r1yuYgIbMaK71Qxf4t2g== =/JOr -END PGP SIGNATURE- publickey - [email protected] - 0x09BC3D44.asc Description: application/pgp-keys publickey - [email protected] - 0x09BC3D44.asc.sig Description: PGP signature ___ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
[Openvpn-users] Relation of OpenVPN to the system's primary IP address
Was working on a remote system (a local NIC on a network not associated with the one I was on and the OpenVPN tun interface) with a request to change the local system's IP address. Fortunately I warned the remote staff that I might need their assistance. I added the new local IP address. When I removed the previous IP address I lost the OpenVPN connection. Why did that happen?___ Openvpn-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-users
