Can't access network from client
Gary
OpenVPN Appliance but not other machines on its network.
Here's my set up:
Desktop on separate network from vmware esxi 5.
ESXi machines:
1 ubuntu
1 openvpn-appliance
1 windows server 2008 r2
From my windows machine, I can connect to my open-vpn appliance
(192.168.1.10) and ping it. My windows box gets an IP of 192.168.1.11.
I cannot, however, ping my ubuntu box (192.168.1.105) from my windows
box.
I do have a route set up (this was done automatically):
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface
Metric
192.168.1.0 255.255.255.0 On-link
192.168.1.11 286
192.168.1.11 255.255.255.255 On-link
192.168.1.11 286
192.168.1.255 255.255.255.255 On-link
192.168.1.11 286
Persistent Routes:
None
===========================================================================
looks pretty good, right?
From my openvpn-appliance box (from the console, that is) I can ping
my ubuntu box.
Any ideas of what I'm missing?
Much thanks,
Gary
Radu Constantinescu
In order to avoid problem related to "signed drivers" download the
latest version from
http://www.openvpn.net/index.php/open-source/downloads.html, as of
this writing the version is OpenVPN 2.2.2 -- released on 2011.12.22
Windows security will ask if you want to trust the TAP-Win32 driver,
choose Always trust software from "OpenVPN Tchnologies, Inc.".
The installer will create the OpenVPN GUI shortcut on the desktop -
right click, Compatibility tab, Change settings for all users, Check
Run this program as administrator - this will ask for an admin user
password each time you run the program.
The solution is to change the target of the shortcut from "C:\Program
Files (x86)\OpenVPN\bin\openvpn-gui-1.0.3.exe" to
C:\Windows\System32\runas.exe /savecred /user:administrator
"C:\Program Files (x86)\OpenVPN\bin\openvpn-gui-1.0.3.exe" and remove
the "run as admin" setting. First time you try to run the program will
ask for the admin password then will remember the password. This is a
security breach and anyone that can replace the OpenVPN executable can
gain admin privileges – but only an admin can change that and this
solution is far better than running as a local admin all the time.
Same procedure related to the shortcut does apply to Windows 7 32 bit,
just change the path accordingly (no (x86) in the path). OpenVPN needs
admin privileges in order to add and remove routes when the vpn
connection goes up or down - with no admin privileges the connection
will establish but will not be able to pass any traffic (one can see
the errors related to routes and dhcp under "show status" when
connected without admin privileges).
Regards,
Radu
Gary
I enabled IP forwarding on my openVPN appliance, but upon restarting
the network, I got a message that said it was disabling forwarding.
Why is this?
Also, where is the conf file for the openVPN appliance if I want to
edit it?
I want to be able to see/ping/interact with the machines on the other
side of my VPN.
Gary
On Feb 23, 1:37 pm, Radu Constantinescu <rad...@gmail.com> wrote:
> Openvpn client for Windows 7 notes
>
> In order to avoid problem related to "signed drivers" download the
Gary
Radu Constantinescu
then probably you have Vswitch related problems.
The VSwitch where the appliance is connected (in the vmware server)
must accept promiscuous interface mode (Security:Promicous
Mode:Accept) otherwise it will drop the traffic from the bridge.
Regards,
Radu
Gary
Much thanks. The switch was the problem I had and changing it to
promiscuous mode has solved my problem.
Thanks again,
Gary
Radu Constantinescu
Regards,
Radu