[Clug-tech] Still Looking for OpenVPN Help
jamie at furtner.ca
Thu Nov 30 19:50:05 PST 2006
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> I've come to the conclusion that I've left one very important fact out
> of the description of my problems with OpenVPN. It's entirely logical to
> assume that I'm trying to set up the server on my home network (behind
> my router) in order to access it from other locations. Not true.
> Because I have no desire to leave any of my home computers on all day
> long, I use VPSes on the Internet to play with. That's where I want my
> OpenVPN server.
> While setting this thing up, I am using my laptop as the client from
> behind my home router and attempting to connect to the OpenVPN server.
> It looks something like this:
> Me (192.168.0.103) -> Router (126.96.36.199) -> OpenVPN Server
> To recap, my problem is that after I connect, I get a slew of these errors:
> Thu Nov 30 21:05:16 2006 jonzlaptop/188.8.131.52:34309 MULTI: bad source
> address from client [192.168.0.103], packet dropped
> My goal is to connect to my OpenVPN server and then have ALL my traffic
> sent through it and out to the Internet when I am connected. My troubles
> are most frustrating because I know there are 40 bigajillion people on
> the planet who have this simple VPN thing working, but I can't get it to
> Anyone have any ideas before I throw OpenVPN in the trash and try
> something else?
> - --
> Key fingerprint: BDE0 DE52 B8C0 0CDF 7653 E5A2 D861 7877 0D3B 813E
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.3 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> -----END PGP SIGNATURE-----
> clug-tech mailing list
> clug-tech at clug.ca
Can you ping the VPN endpoints once you connect using their internal
private IP addresses? Start with your local IP, then try the server's
VPN IP address.
Is it possible that *all* your traffic (including the VPN connection
itself) is attempting to be tunneled through the VPN? The
redirect-gateway directive shouldn't cause that to happen, but step one
is to verify that you can ping across the tunnel or if it's traffic
getting out that's the problem.
I use OpenVPN myself and can tunnel all my traffic over it when I need
to (using the redirect-gateway directive). Here's my client config (note
it's using TCP as some of the firewalls I'm behind don't allow UDP traffic):
remote my.openvpn.server 1194
redirect-gateway bypass-dhcp bypass-dns
More information about the clug-tech