Guys,
I'm testing OpenVPN on pfSense 1.2RC1 and Windows XP SP2 with OpenVPN
GUI 2.0.9.
I followed the instructions from:
http://doc.pfsense.org/index.php/VPN_Capability_OpenVPN
http://www.uplinksecurity.de/data/pfsense-ovpn.pdf
WAN: x.x.232.50/29, LAN: 172.16.4.252/16
OpenVPN: dynamic ip: on, protocol: UDP, port: 1194, address pool:
172.16.100.0/24, local network: 172.16.4.0/24, client-to-client: on,
authentication: PKI, dns: 172.16.4.52;172.16.4.16, wins:
172.16.4.5;172.16.4.6, ntp: 172.16.4.52, netbios type: h-node, lzo: on,
custom options: push "redirect-gateway".
I only opened UDP 1194 in my WAN rules, unchecked "block private networks" on
the WAN interfaces, and left the default LAN rules unchanged.
I activated advanced outbound NAT (AON) in NAT with only the auto-created rules.
My OpenVPN client config looks like this:
float
port 1194
dev tun
dev-node OpenVPN
proto udp
remote x.x.232.50 1194
ping 30
persist-tun
persist-key
tls-client
ca ca.crt
cert client-test.crt
key client-test.key
ns-cert-type server
comp-lzo
pull
route-method exe
route-delay 5
verb 4
I tried to connect and it was successful, with a log like this:
Wed Aug 15 01:26:48 2007 us=267463 Current Parameter Settings:
Wed Aug 15 01:26:48 2007 us=267541 config = 'test.ovpn'
Wed Aug 15 01:26:48 2007 us=267553 mode = 0
Wed Aug 15 01:26:48 2007 us=267565 show_ciphers = DISABLED
Wed Aug 15 01:26:48 2007 us=267575 show_digests = DISABLED
Wed Aug 15 01:26:48 2007 us=267586 show_engines = DISABLED
Wed Aug 15 01:26:48 2007 us=267597 genkey = DISABLED
Wed Aug 15 01:26:48 2007 us=267609 key_pass_file = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=267621 show_tls_ciphers = DISABLED
Wed Aug 15 01:26:48 2007 us=267632 proto = 0
Wed Aug 15 01:26:48 2007 us=267643 local = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=267656 remote_list[0] = {'x.x.232.50', 1194}
Wed Aug 15 01:26:48 2007 us=267668 remote_random = DISABLED
Wed Aug 15 01:26:48 2007 us=267681 local_port = 1194
Wed Aug 15 01:26:48 2007 us=267692 remote_port = 1194
Wed Aug 15 01:26:48 2007 us=267704 remote_float = ENABLED
Wed Aug 15 01:26:48 2007 us=267715 ipchange = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=267725 bind_local = ENABLED
Wed Aug 15 01:26:48 2007 us=267736 dev = 'tun'
Wed Aug 15 01:26:48 2007 us=267747 dev_type = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=267758 dev_node = 'OpenVPN'
Wed Aug 15 01:26:48 2007 us=267768 tun_ipv6 = DISABLED
Wed Aug 15 01:26:48 2007 us=267780 ifconfig_local = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=267791 ifconfig_remote_netmask = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=267803 ifconfig_noexec = DISABLED
Wed Aug 15 01:26:48 2007 us=267814 ifconfig_nowarn = DISABLED
Wed Aug 15 01:26:48 2007 us=267824 shaper = 0
Wed Aug 15 01:26:48 2007 us=267835 tun_mtu = 1500
Wed Aug 15 01:26:48 2007 us=267846 tun_mtu_defined = ENABLED
Wed Aug 15 01:26:48 2007 us=267857 link_mtu = 1500
Wed Aug 15 01:26:48 2007 us=267868 link_mtu_defined = DISABLED
Wed Aug 15 01:26:48 2007 us=267879 tun_mtu_extra = 0
Wed Aug 15 01:26:48 2007 us=267890 tun_mtu_extra_defined = DISABLED
Wed Aug 15 01:26:48 2007 us=267901 fragment = 0
Wed Aug 15 01:26:48 2007 us=267911 mtu_discover_type = -1
Wed Aug 15 01:26:48 2007 us=267922 mtu_test = 0
Wed Aug 15 01:26:48 2007 us=267933 mlock = DISABLED
Wed Aug 15 01:26:48 2007 us=267943 keepalive_ping = 0
Wed Aug 15 01:26:48 2007 us=267954 keepalive_timeout = 0
Wed Aug 15 01:26:48 2007 us=267965 inactivity_timeout = 0
Wed Aug 15 01:26:48 2007 us=267985 ping_send_timeout = 30
Wed Aug 15 01:26:48 2007 us=268003 ping_rec_timeout = 120
Wed Aug 15 01:26:48 2007 us=268015 ping_rec_timeout_action = 2
Wed Aug 15 01:26:48 2007 us=268027 ping_timer_remote = DISABLED
Wed Aug 15 01:26:48 2007 us=268037 remap_sigusr1 = 0
Wed Aug 15 01:26:48 2007 us=268048 explicit_exit_notification = 0
Wed Aug 15 01:26:48 2007 us=268059 persist_tun = ENABLED
Wed Aug 15 01:26:48 2007 us=268070 persist_local_ip = DISABLED
Wed Aug 15 01:26:48 2007 us=268081 persist_remote_ip = DISABLED
Wed Aug 15 01:26:48 2007 us=268092 persist_key = ENABLED
Wed Aug 15 01:26:48 2007 us=268103 mssfix = 1450
Wed Aug 15 01:26:48 2007 us=268114 resolve_retry_seconds = 1000000000
Wed Aug 15 01:26:48 2007 us=268125 connect_retry_seconds = 5
Wed Aug 15 01:26:48 2007 us=268135 username = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=268146 groupname = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=268157 chroot_dir = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=268168 cd_dir = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=268179 writepid = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=268190 up_script = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=268201 down_script = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=268211 down_pre = DISABLED
Wed Aug 15 01:26:48 2007 us=268222 up_restart = DISABLED
Wed Aug 15 01:26:48 2007 us=268232 up_delay = DISABLED
Wed Aug 15 01:26:48 2007 us=268243 daemon = DISABLED
Wed Aug 15 01:26:48 2007 us=268253 inetd = 0
Wed Aug 15 01:26:48 2007 us=268263 log = DISABLED
Wed Aug 15 01:26:48 2007 us=268274 suppress_timestamps = DISABLED
Wed Aug 15 01:26:48 2007 us=268285 nice = 0
Wed Aug 15 01:26:48 2007 us=268295 verbosity = 4
Wed Aug 15 01:26:48 2007 us=451234 mute = 0
Wed Aug 15 01:26:48 2007 us=451260 gremlin = 0
Wed Aug 15 01:26:48 2007 us=451271 status_file = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=451282 status_file_version = 1
Wed Aug 15 01:26:48 2007 us=451292 status_file_update_freq = 60
Wed Aug 15 01:26:48 2007 us=451302 occ = ENABLED
Wed Aug 15 01:26:48 2007 us=451312 rcvbuf = 0
Wed Aug 15 01:26:48 2007 us=451322 sndbuf = 0
Wed Aug 15 01:26:48 2007 us=451333 socks_proxy_server = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=451359 socks_proxy_port = 0
Wed Aug 15 01:26:48 2007 us=451369 socks_proxy_retry = DISABLED
Wed Aug 15 01:26:48 2007 us=451379 fast_io = DISABLED
Wed Aug 15 01:26:48 2007 us=451389 comp_lzo = ENABLED
Wed Aug 15 01:26:48 2007 us=451399 comp_lzo_adaptive = ENABLED
Wed Aug 15 01:26:48 2007 us=451409 route_script = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=451420 route_default_gateway = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=451431 route_noexec = DISABLED
Wed Aug 15 01:26:48 2007 us=460469 route_delay = 5
Wed Aug 15 01:26:48 2007 us=460494 route_delay_window = 30
Wed Aug 15 01:26:48 2007 us=460506 route_delay_defined = ENABLED
Wed Aug 15 01:26:48 2007 us=460517 management_addr = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=460528 management_port = 0
Wed Aug 15 01:26:48 2007 us=460538 management_user_pass = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=460550 management_log_history_cache = 250
Wed Aug 15 01:26:48 2007 us=460561 management_echo_buffer_size = 100
Wed Aug 15 01:26:48 2007 us=460572 management_query_passwords = DISABLED
Wed Aug 15 01:26:48 2007 us=460583 management_hold = DISABLED
Wed Aug 15 01:26:48 2007 us=460594 shared_secret_file = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=460604 key_direction = 0
Wed Aug 15 01:26:48 2007 us=460615 ciphername_defined = ENABLED
Wed Aug 15 01:26:48 2007 us=460625 ciphername = 'BF-CBC'
Wed Aug 15 01:26:48 2007 us=460635 authname_defined = ENABLED
Wed Aug 15 01:26:48 2007 us=460646 authname = 'SHA1'
Wed Aug 15 01:26:48 2007 us=482795 keysize = 0
Wed Aug 15 01:26:48 2007 us=482822 engine = DISABLED
Wed Aug 15 01:26:48 2007 us=482842 replay = ENABLED
Wed Aug 15 01:26:48 2007 us=482854 mute_replay_warnings = DISABLED
Wed Aug 15 01:26:48 2007 us=482865 replay_window = 64
Wed Aug 15 01:26:48 2007 us=482875 replay_time = 15
Wed Aug 15 01:26:48 2007 us=482885 packet_id_file = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=482896 use_iv = ENABLED
Wed Aug 15 01:26:48 2007 us=482906 test_crypto = DISABLED
Wed Aug 15 01:26:48 2007 us=482915 tls_server = DISABLED
Wed Aug 15 01:26:48 2007 us=482926 tls_client = ENABLED
Wed Aug 15 01:26:48 2007 us=482936 key_method = 2
Wed Aug 15 01:26:48 2007 us=482947 ca_file = 'ca.crt'
Wed Aug 15 01:26:48 2007 us=482957 dh_file = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=482968 cert_file = 'client-test.crt'
Wed Aug 15 01:26:48 2007 us=482978 priv_key_file = 'client-test.key'
Wed Aug 15 01:26:48 2007 us=482990 pkcs12_file = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=503821 cryptoapi_cert = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=503850 cipher_list = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=503864 tls_verify = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=503874 tls_remote = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=503884 crl_file = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=503895 ns_cert_type = 64
Wed Aug 15 01:26:48 2007 us=503905 tls_timeout = 2
Wed Aug 15 01:26:48 2007 us=503915 renegotiate_bytes = 0
Wed Aug 15 01:26:48 2007 us=503925 renegotiate_packets = 0
Wed Aug 15 01:26:48 2007 us=503936 renegotiate_seconds = 3600
Wed Aug 15 01:26:48 2007 us=503947 handshake_window = 60
Wed Aug 15 01:26:48 2007 us=503957 transition_window = 3600
Wed Aug 15 01:26:48 2007 us=503967 single_session = DISABLED
Wed Aug 15 01:26:48 2007 us=503977 tls_exit = DISABLED
Wed Aug 15 01:26:48 2007 us=503988 tls_auth_file = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=504022 server_network = 0.0.0.0
Wed Aug 15 01:26:48 2007 us=526191 server_netmask = 0.0.0.0
Wed Aug 15 01:26:48 2007 us=526221 server_bridge_ip = 0.0.0.0
Wed Aug 15 01:26:48 2007 us=526234 server_bridge_netmask = 0.0.0.0
Wed Aug 15 01:26:48 2007 us=526247 server_bridge_pool_start = 0.0.0.0
Wed Aug 15 01:26:48 2007 us=526259 server_bridge_pool_end = 0.0.0.0
Wed Aug 15 01:26:48 2007 us=526271 ifconfig_pool_defined = DISABLED
Wed Aug 15 01:26:48 2007 us=526285 ifconfig_pool_start = 0.0.0.0
Wed Aug 15 01:26:48 2007 us=526297 ifconfig_pool_end = 0.0.0.0
Wed Aug 15 01:26:48 2007 us=526308 ifconfig_pool_netmask = 0.0.0.0
Wed Aug 15 01:26:48 2007 us=526321 ifconfig_pool_persist_filename =
'[UNDEF]'
Wed Aug 15 01:26:48 2007 us=526333 ifconfig_pool_persist_refresh_freq
= 600
Wed Aug 15 01:26:48 2007 us=526344 ifconfig_pool_linear = DISABLED
Wed Aug 15 01:26:48 2007 us=526355 n_bcast_buf = 256
Wed Aug 15 01:26:48 2007 us=526365 tcp_queue_limit = 64
Wed Aug 15 01:26:48 2007 us=526376 real_hash_size = 256
Wed Aug 15 01:26:48 2007 us=553669 virtual_hash_size = 256
Wed Aug 15 01:26:48 2007 us=553698 client_connect_script = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=553711 learn_address_script = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=553723 client_disconnect_script = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=553734 client_config_dir = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=553744 ccd_exclusive = DISABLED
Wed Aug 15 01:26:48 2007 us=553755 tmp_dir = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=553766 push_ifconfig_defined = DISABLED
Wed Aug 15 01:26:48 2007 us=553782 push_ifconfig_local = 0.0.0.0
Wed Aug 15 01:26:48 2007 us=553794 push_ifconfig_remote_netmask = 0.0.0.0
Wed Aug 15 01:26:48 2007 us=553806 enable_c2c = DISABLED
Wed Aug 15 01:26:48 2007 us=553816 duplicate_cn = DISABLED
Wed Aug 15 01:26:48 2007 us=553826 cf_max = 0
Wed Aug 15 01:26:48 2007 us=553836 cf_per = 0
Wed Aug 15 01:26:48 2007 us=553847 max_clients = 1024
Wed Aug 15 01:26:48 2007 us=576603 max_routes_per_client = 256
Wed Aug 15 01:26:48 2007 us=576632 client_cert_not_required = DISABLED
Wed Aug 15 01:26:48 2007 us=576645 username_as_common_name = DISABLED
Wed Aug 15 01:26:48 2007 us=576659 auth_user_pass_verify_script =
'[UNDEF]'
Wed Aug 15 01:26:48 2007 us=576673
auth_user_pass_verify_script_via_file = DISABLED
Wed Aug 15 01:26:48 2007 us=576684 client = DISABLED
Wed Aug 15 01:26:48 2007 us=576694 pull = ENABLED
Wed Aug 15 01:26:48 2007 us=576704 auth_user_pass_file = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=576721 show_net_up = DISABLED
Wed Aug 15 01:26:48 2007 us=576732 route_method = 1
Wed Aug 15 01:26:48 2007 us=576742 ip_win32_defined = DISABLED
Wed Aug 15 01:26:48 2007 us=576753 ip_win32_type = 3
Wed Aug 15 01:26:48 2007 us=576764 dhcp_masq_offset = 0
Wed Aug 15 01:26:48 2007 us=576775 dhcp_lease_time = 31536000
Wed Aug 15 01:26:48 2007 us=576786 tap_sleep = 0
Wed Aug 15 01:26:48 2007 us=603107 dhcp_options = DISABLED
Wed Aug 15 01:26:48 2007 us=603136 dhcp_renew = DISABLED
Wed Aug 15 01:26:48 2007 us=603147 dhcp_pre_release = DISABLED
Wed Aug 15 01:26:48 2007 us=603158 dhcp_release = DISABLED
Wed Aug 15 01:26:48 2007 us=603168 domain = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=603178 netbios_scope = '[UNDEF]'
Wed Aug 15 01:26:48 2007 us=603188 netbios_node_type = 0
Wed Aug 15 01:26:48 2007 us=603198 disable_nbt = DISABLED
Wed Aug 15 01:26:48 2007 us=603229 OpenVPN 2.0.9 Win32-MinGW [SSL] [LZO]
built on Oct 1 2006
Wed Aug 15 01:26:48 2007 us=658102 LZO compression initialized
Wed Aug 15 01:26:48 2007 us=658260 Control Channel MTU parms [ L:1542
D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Aug 15 01:26:48 2007 us=754823 Data Channel MTU parms [ L:1542
D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Wed Aug 15 01:26:48 2007 us=754902 Local Options String: 'V4,dev-type
tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher BF-CBC,auth
SHA1,keysize 128,key-method 2,tls-client'
Wed Aug 15 01:26:48 2007 us=754918 Expected Remote Options String:
'V4,dev-type tun,link-mtu 1542,tun-mtu 1500,proto UDPv4,comp-lzo,cipher
BF-CBC,auth SHA1,keysize 128,key-method 2,tls-server'
Wed Aug 15 01:26:48 2007 us=754960 Local Options hash (VER=V4): '41690919'
Wed Aug 15 01:26:48 2007 us=754982 Expected Remote Options hash
(VER=V4): '530fdded'
Wed Aug 15 01:26:48 2007 us=755032 Socket Buffers: R=[8192->8192]
S=[64512->64512]
Wed Aug 15 01:26:48 2007 us=755361 UDPv4 link local (bound): [undef]:1194
Wed Aug 15 01:26:48 2007 us=755381 UDPv4 link remote: x.x.232.50:1194
Wed Aug 15 01:26:48 2007 us=905857 TLS: Initial packet from
x.x.232.50:1194, sid=732a7e88 56181212
Wed Aug 15 01:26:49 2007 us=505191 VERIFY OK: depth=1,
Wed Aug 15 01:26:49 2007 us=505864 VERIFY OK: nsCertType=SERVER
Wed Aug 15 01:26:49 2007 us=505879 VERIFY OK: depth=0,
Wed Aug 15 01:26:52 2007 us=328647 Data Channel Encrypt: Cipher 'BF-CBC'
initialized with 128 bit key
Wed Aug 15 01:26:52 2007 us=328699 Data Channel Encrypt: Using 160 bit
message hash 'SHA1' for HMAC authentication
Wed Aug 15 01:26:52 2007 us=328787 Data Channel Decrypt: Cipher 'BF-CBC'
initialized with 128 bit key
Wed Aug 15 01:26:52 2007 us=328803 Data Channel Decrypt: Using 160 bit
message hash 'SHA1' for HMAC authentication
Wed Aug 15 01:26:52 2007 us=336574 Control Channel: TLSv1, cipher
TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Aug 15 01:26:52 2007 us=336648 [abc.x.co.id] Peer Connection
Initiated with 202.153.232.50:1194
Wed Aug 15 01:26:53 2007 us=629715 SENT CONTROL [abc.x.co.id]:
'PUSH_REQUEST' (status=1)
Wed Aug 15 01:26:53 2007 us=960159 PUSH: Received control message:
'PUSH_REPLY,route 172.16.4.0 255.255.255.0,dhcp-option DOMAIN
x.co.id,dhcp-option DNS 172.16.4.16,dhcp-option DNS
172.16.4.52,dhcp-option WINS 172.16.4.5,dhcp-option WINS
172.16.4.6,dhcp-option NTP 172.16.4.52,dhcp-option NBT
8,redirect-gateway,route 172.16.100.0 255.255.255.0,ping 10,ping-restart
60,ifconfig 172.16.100.6 172.16.100.5'
Wed Aug 15 01:26:53 2007 us=960316 OPTIONS IMPORT: timers and/or
timeouts modified
Wed Aug 15 01:26:53 2007 us=960330 OPTIONS IMPORT: --ifconfig/up options
modified
Wed Aug 15 01:26:53 2007 us=960340 OPTIONS IMPORT: route options modified
Wed Aug 15 01:26:53 2007 us=960352 OPTIONS IMPORT: --ip-win32 and/or
--dhcp-option options modified
Wed Aug 15 01:26:53 2007 us=976582 TAP-WIN32 device [OpenVPN] opened:
\\.\Global\{50F57FE6-93F6-4101-A3CE-5E9C5BD376C5}.tap
Wed Aug 15 01:26:53 2007 us=978568 TAP-Win32 Driver Version 8.4
Wed Aug 15 01:26:53 2007 us=980294 TAP-Win32 MTU=1500
Wed Aug 15 01:26:53 2007 us=982027 Notified TAP-Win32 driver to set a
DHCP IP/netmask of 172.16.100.6/255.255.255.252 on interface
{50F57FE6-93F6-4101-A3CE-5E9C5BD376C5} [DHCP-serv: 172.16.100.5,
lease-time: 31536000]
Wed Aug 15 01:26:53 2007 us=982094 DHCP option string: 0f096d62 732e636f
2e69642e 01080608 ac100410 ac100434 2c08ac10 0405ac10 04062a04 ac100434
Wed Aug 15 01:26:53 2007 us=987828 Successful ARP Flush on interface [3]
{50F57FE6-93F6-4101-A3CE-5E9C5BD376C5}
Wed Aug 15 01:26:59 2007 us=78374 TEST ROUTES: 3/3 succeeded len=2 ret=1
a=0 u/d=up
Wed Aug 15 01:26:59 2007 us=78427 route ADD x.x.232.50 MASK
255.255.255.255 61.5.62.36
Wed Aug 15 01:26:59 2007 us=181838 route DELETE 0.0.0.0 MASK 0.0.0.0
61.5.62.36
Wed Aug 15 01:26:59 2007 us=294368 route ADD 0.0.0.0 MASK 0.0.0.0
172.16.100.5
Wed Aug 15 01:26:59 2007 us=374980 route ADD 172.16.4.0 MASK
255.255.255.0 172.16.100.5
Wed Aug 15 01:26:59 2007 us=456418 route ADD 172.16.100.0 MASK
255.255.255.0 172.16.100.5
Wed Aug 15 01:26:59 2007 us=534645 Initialization Sequence Completed
Wed Aug 15 01:30:28 2007 us=226571 TCP/UDP: Closing socket
Wed Aug 15 01:30:28 2007 us=227145 route DELETE 172.16.100.0 MASK
255.255.255.0 172.16.100.5
Wed Aug 15 01:30:28 2007 us=326978 route DELETE 172.16.4.0 MASK
255.255.255.0 172.16.100.5
Wed Aug 15 01:30:28 2007 us=420070 route DELETE x.x.232.50 MASK
255.255.255.255 61.5.62.36
Wed Aug 15 01:30:28 2007 us=500413 route DELETE 0.0.0.0 MASK 0.0.0.0
172.16.100.5
Wed Aug 15 01:30:28 2007 us=575681 route ADD 0.0.0.0 MASK 0.0.0.0 61.5.62.36
Wed Aug 15 01:30:28 2007 us=653071 Closing TUN/TAP interface
Wed Aug 15 01:30:28 2007 us=663908 SIGTERM[hard,] received, process exiting
I tried to check the routing and IP on the OpenVPN client:
C:\>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 80 48 1c 33 c8 ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
0x3 ...00 ff 50 f5 7f e6 ...... TAP-Win32 Adapter V8 - Packet Scheduler Miniport
0x160005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 172.16.100.5 172.16.100.6 1
61.5.62.36 255.255.255.255 127.0.0.1 127.0.0.1 50
61.255.255.255 255.255.255.255 61.5.62.36 61.5.62.36 50
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
172.16.4.0 255.255.255.0 172.16.100.5 172.16.100.6 1
172.16.100.0 255.255.255.0 172.16.100.5 172.16.100.6 1
172.16.100.4 255.255.255.252 172.16.100.6 172.16.100.6 30
172.16.100.6 255.255.255.255 127.0.0.1 127.0.0.1 30
172.16.255.255 255.255.255.255 172.16.100.6 172.16.100.6 30
202.153.232.50 255.255.255.255 61.5.62.36 61.5.62.36 1
224.0.0.0 240.0.0.0 172.16.100.6 172.16.100.6 30
224.0.0.0 240.0.0.0 61.5.62.36 61.5.62.36 1
255.255.255.255 255.255.255.255 61.5.62.36 2 1
255.255.255.255 255.255.255.255 61.5.62.36 61.5.62.36 1
255.255.255.255 255.255.255.255 172.16.100.6 172.16.100.6 1
Default Gateway: 172.16.100.5
===========================================================================
Persistent Routes:
None
C:\>ipconfig /all
Windows IP Configuration
Host Name . . . . . . . . . . . . : mbs-it
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : mbs.co.id
Ethernet adapter Local Area Connection:
Media State . . . . . . . . . . . : Media disconnected
Description . . . . . . . . . . . : Realtek RTL8139 Family PCI
Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-80-48-1C-33-C8
Ethernet adapter OpenVPN:
Connection-specific DNS Suffix . : mbs.co.id
Description . . . . . . . . . . . : TAP-Win32 Adapter V8
Physical Address. . . . . . . . . : 00-FF-50-F5-7F-E6
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 172.16.100.6
Subnet Mask . . . . . . . . . . . : 255.255.255.252
Default Gateway . . . . . . . . . : 172.16.100.5
DHCP Server . . . . . . . . . . . : 172.16.100.5
DNS Servers . . . . . . . . . . . : 172.16.4.16
172.16.4.52
Primary WINS Server . . . . . . . : 172.16.4.5
Secondary WINS Server . . . . . . : 172.16.4.6
Lease Obtained. . . . . . . . . . : Wednesday, August 15, 2007
1:26:56 AM
Lease Expires . . . . . . . . . . : Thursday, August 14, 2008
1:26:56 AM
PPP adapter TelkomNet:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
Physical Address. . . . . . . . . : 00-53-45-00-00-00
Dhcp Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 61.5.62.36
Subnet Mask . . . . . . . . . . . : 255.255.255.255
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 203.130.196.5
203.130.208.18
NetBIOS over Tcpip. . . . . . . . : Disabled
But when I try to ping the DHCP server and the other servers on the LAN, the
result is RTO:
C:\>ping 172.16.100.5
Pinging 172.16.100.5 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 172.16.100.5:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
C:\>ping 172.16.4.60
Pinging 172.16.4.60 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 172.16.4.60:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
C:\>ping 172.16.4.16
Pinging 172.16.4.16 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 172.16.4.16:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
The server with IP 172.16.4.60 uses gateway 172.16.4.252, which is the pfSense
1.2RC1 box for testing OpenVPN, and server 172.16.4.16 uses another gateway,
172.16.4.253, which is pfSense 1.0.1 running in production.
Why can I still not connect to my internal LAN from the OpenVPN client?
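
An address-plan check for the settings in this post, added here as an example (it is not part of the original message and is not pfSense or OpenVPN code): it parses the PUSH_REPLY from the client log and compares the pushed routes and tunnel address with the LAN interface network. The function names and finding codes are made up for the illustration; the addresses are copied from the post.

```python
import ipaddress

# Values copied from the post above.
LAN_IFACE = "172.16.4.252/16"      # pfSense LAN address and mask
ADDRESS_POOL = "172.16.100.0/24"   # OpenVPN address pool
PUSH_REPLY = (                     # control message from the client log, unwrapped
    "PUSH_REPLY,route 172.16.4.0 255.255.255.0,dhcp-option DOMAIN x.co.id,"
    "dhcp-option DNS 172.16.4.16,dhcp-option DNS 172.16.4.52,"
    "dhcp-option WINS 172.16.4.5,dhcp-option WINS 172.16.4.6,"
    "dhcp-option NTP 172.16.4.52,dhcp-option NBT 8,redirect-gateway,"
    "route 172.16.100.0 255.255.255.0,ping 10,ping-restart 60,"
    "ifconfig 172.16.100.6 172.16.100.5"
)


def parse_push_reply(msg):
    """Extract routes, the ifconfig pair and redirect-gateway from a PUSH_REPLY."""
    out = {"routes": [], "ifconfig": None, "redirect_gateway": False}
    for opt in msg.split(",")[1:]:
        words = opt.split()
        if not words:
            continue
        if words[0] == "route" and len(words) >= 2:
            # A route without a netmask is a host route.
            mask = words[2] if len(words) > 2 else "255.255.255.255"
            try:
                out["routes"].append(ipaddress.ip_network(f"{words[1]}/{mask}"))
            except ValueError:
                pass  # keyword or hostname targets are outside this check
        elif words[0] == "ifconfig" and len(words) == 3:
            out["ifconfig"] = (ipaddress.ip_address(words[1]),
                               ipaddress.ip_address(words[2]))
        elif words[0] == "redirect-gateway":
            out["redirect_gateway"] = True
    return out


def audit(lan_iface, pool, push_reply):
    """Return (code, detail) findings where the tunnel and LAN address plans collide."""
    lan = ipaddress.ip_interface(lan_iface).network
    pool_net = ipaddress.ip_network(pool)
    pushed = parse_push_reply(push_reply)
    findings = []
    if pool_net.overlaps(lan):
        findings.append(("pool-overlaps-lan",
                         f"address pool {pool_net} overlaps LAN network {lan}"))
    if pushed["ifconfig"] and pushed["ifconfig"][0] in lan:
        # A LAN host using this mask treats the client as on-link and ARPs
        # for it, so its reply never goes to the gateway.
        findings.append(("client-on-link-for-lan",
                         f"tunnel address {pushed['ifconfig'][0]} is inside {lan}"))
    for route in pushed["routes"]:
        if route != lan and route != pool_net and route.overlaps(lan):
            findings.append(("route-mask-mismatch",
                             f"pushed route {route} differs from LAN network {lan}"))
    return findings


if __name__ == "__main__":
    for code, detail in audit(LAN_IFACE, ADDRESS_POOL, PUSH_REPLY):
        print(f"{code}: {detail}")
```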