Tunnelblick cannot connect to OpenVPN through a Linksys Router
Samer Abraham
technical support for linksys without any results. I have a Linksys
WRT54GS ver. 6 with a firmware 1.52.8 connects to the internet through
cable modem. The router works fine to connect to the internet but when
I try to use TunnelBlick to connect to my OpenVPN network it does not
work.
The connection is established on TunnelBlick but I can not access
anything and when I try to go to Google.com it takes forever till it
give me "page cannot be found". When I connect with my computer (Mac
10.5.8) directly through the cable modem I am able to access my
openvpn network without problems.
I reset the router to factory default and then added the ports the
Linksys technical support gave me to enable. Ports 53, 50, 500, 4500,
1723. Also I made sure that the VPN protocols were enabled in the
router and that accept anonymous connections. I did power cycle my
router and cable modem and I am still having the same problem.
I have to mention that I am able to connect successfully using a
netgear router in a different location.
I am wondering if there is a certain port TunnelBlick is using and I
am not aware of. Anyone could help me with that please?
Thanks...
Abraham
jkbull...gmail.com
not using specific ports that your router needs to handle specially.
Now, to try to solve your problem:
If I understand you correctly:
* If you connect your computer directly to the cable modem via wired
Ethernet you can connect to the VPN correctly and you can access the
Internet (e.g., Google) through the VPN.
* If you are connected through the Linksys router wirelessly you can
connect to the Internet when not using the VPN.
* If you are connected through the Linksys router you can connect to
the VPN correctly but cannot access the Internet or anything else at
the far end of the VPN tunnel.
* If you connect the same computer (with the same network
configuration) through a Netgear router in a different location, it
all works.
The first thing to try is to connect though the Linksys router via
wired Ethernet (instead of wirelessly). This is just to see what
happens, though, since I assume you want to connect wirelessly.
This looks like a DNS problem, which is probably not the router (but
it could be). That should be easy to check: after connecting to the
VPN, try using a numeric address for Google -- i.e., instead of typing
"www.google.com" in a browser's address bar, type "http://
208.67.217.230/" (which is an OpenDNS proxy for Google). If that (or
another numeric address) works, then the problem is DNS. (Try the
numeric address before you connect the VPN, too, to make sure it is
working in the first place.)
Specifically, I think after connecting to the VPN, your computer is
continuing to use your cable company's DNS server to resolve names
into IP addresses, instead of using a DNS server that works from the
far side of the VPN. Typically, the DNS servers for a cable company or
other ISP only respond to requests that originate from inside their
network, and, when you are connected to the VPN, your request is
coming from outside their network.
If you can confirm that it is a DNS problem, try with and without a
check in the "Set nameserver" checkbox. (Click on the Tunnelblick
icon, select "Details...", select the tab for the connection you want
(if there is more than one tab), and you'll see the checkbox in the
lower left part of the window.)
If you still have problems, take a look at your network setups, with
particular attention to DNS. You could try setting up your router or
your computer to use an external DNS server (for example, OpenDNS or
Google's DNS servers). Setting up manual DNS on your computer will
interfere with resolving names on the local network at the far end of
the VPN tunnel, if there are any, which may or may not be a problem
for you.
I don't think the router's "routing" is the problem for three reasons:
* For a Tunnelblick/OpenVPN client (as opposed to a server), you
should not have to set up anything on the router -- no port forwarding
or anything.
* You are able to successfully connect to the VPN, so the router is
passing traffic between your computer and the VPN server.
* You are able to successfully connect to the Internet when not using
the VPN.
Samer Abraham
address I do connect to google and anything else. So yes I have a DNS
problem. I registered in DynDNS.org as my Linksys router WRT54GS give
me that option in the DDNS tab. I put my user name and password and
the host name for DynDNS and still not working. May be I am doing
something wrong here? I am really tired of this stupid router and I am
thinking of buying a new one.
jkbull...gmail.com
DynDNS "advertises" your ISP-provided IP address to the Internet as a
name so someone can connect with your home network using the name
instead of an IP address.
The problem you are having is just the opposite: your computer is not
communicating with a DNS server.
And I don't think it has anything to do with your router.
When you are connected to the VPN, you need to have your computer use
a different DNS server. (Because, as I said earlier, your ISP-provided
DNS won't work from outside the ISP's network.)
It looks like (if you are running with "Set nameserver" checked) the
VPN server you are connecting to is not providing you with a DNS
server, so you could ask them about it. OpenVPN can be configured a
zillion different ways, but it is most common for the VPN server to
"push" a DNS server that should be used to the client (i.e., to your
computer).
If they can't help, an alternative you should try is to use another
DNS server. You could use OpenDNS, or Google DNS, or others. To try
out OpenDNS servers, the easiest thing is to (on your computer), set
up a manual DNS address in the Network System Preference. Click
"Advanced", then click the "DNS" tab, and enter 208.67.222.222 and
208.67.220.220 as new manual DNS servers. That will cause your
computer to use OpenDNS DNS servers instead of your ISP's servers, and
should get things working.
Please post how things work out.
Samer Abraham
my network did the trick and now the domain names are resolving fine
after connecting to the VPN. Actually I am typing this message through
the VPN.
Thanks a million. I have been working on this for weeks.