Connected to OpenVPN on DD-WRT router with TunnelBlick, but can't ping the tunnel IPs or remote LAN IPs


Ravi Malghan

Jul 10, 2013, 10:23:59 PM
to tunnelbli...@googlegroups.com
I have a DD-WRT router running v24SP2 that I am using as the OpenVPN server. The LAN IP for the router is 192.168.2.0. I am using the Tunnelblick client, which is on a 10.0.2. network. I can connect to the VPN server, and tun0 is assigned 10.0.4.6. I cannot ping any IPs on the 10.0.4.0 network, not even 10.0.4.6. Can someone help me figure out what I might be missing? I have attached the logs from the Tunnelblick client. All the logs look normal.


client conf
client
remote-cert-tls server
dev tun0
proto udp
remote xxxxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
comp-lzo
verb 3

server conf
dh /tmp/openvpn/dh.pem
ca /tmp/openvpn/ca.crt
key /tmp/openvpn/key.pem
cert /tmp/openvpn/cert.pem
push "route 192.168.2.0 255.255.255.0"
server 10.0.4.0 255.255.255.0
dev tun0
proto udp
keepalive 10 120
tls-server
comp-lzo
verb 9


ifconfig and netstat on client
bash-3.2$ ifconfig -a
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
        options=3<RXCSUM,TXCSUM>
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 
        inet 127.0.0.1 netmask 0xff000000 
        inet6 ::1 prefixlen 128 
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=2b<RXCSUM,TXCSUM,VLAN_HWTAGGING,TSO4>
        ether a8:20:66:2f:98:8f 
        inet6 fe80::aa20:66ff:fe2f:988f%en0 prefixlen 64 scopeid 0x4 
        inet 10.191.36.171 netmask 0xfffffe00 broadcast 10.191.37.255
        media: autoselect (1000baseT <full-duplex>)
        status: active
en1: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        ether 5c:96:9d:72:39:6b 
        media: autoselect (<unknown type>)
        status: inactive
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
        ether 0e:96:9d:72:39:6b 
        media: autoselect
        status: inactive
fw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 4078
        lladdr a8:20:66:ff:fe:91:11:5e 
        media: autoselect <full-duplex>
        status: inactive
tun0: flags=8851<UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        inet 10.0.4.6 --> 10.0.4.5 netmask 0xffffffff 
        open (pid 5992)

bash-3.2$ netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags        Refs      Use   Netif Expire
default            10.0.2.1           UGSc           28       45     en1
10.0.2/24          link#5             UCS             1        0     en1
10.0.2.1           0:17:f2:47:d5:43   UHLWIir        29      501     en1     27
10.0.2.3           127.0.0.1          UHS             0        0     lo0
10.0.4.1/32        10.0.4.5           UGSc            0        0    tun0
10.0.4.5           10.0.4.6           UH              2        0    tun0
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH             19   535570     lo0
169.254            link#5             UCS             0        0     en1
192.168.2          10.0.4.5           UGSc            0        0    tun0

iptables -L on server

root@DD-WRT:/tmp/openvpn# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  anywhere             anywhere            udp dpt:1194 
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:1723 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:1723 
ACCEPT     gre  --  anywhere             anywhere            
DROP       udp  --  anywhere             anywhere            udp dpt:route 
DROP       udp  --  anywhere             anywhere            udp dpt:route 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:route 
ACCEPT     tcp  --  anywhere             DD-WRT              tcp dpt:www 
DROP       icmp --  anywhere             anywhere            
DROP       igmp --  anywhere             anywhere            
ACCEPT     0    --  anywhere             anywhere            state NEW 
ACCEPT     0    --  anywhere             anywhere            state NEW 
DROP       0    --  anywhere             anywhere            

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     0    --  anywhere             anywhere            
ACCEPT     0    --  anywhere             anywhere            
ACCEPT     0    --  10.0.2.0/24          anywhere            
ACCEPT     gre  --  192.168.2.0/24       anywhere            
ACCEPT     tcp  --  192.168.2.0/24       anywhere            tcp dpt:1723 
ACCEPT     0    --  anywhere             anywhere            
TCPMSS     tcp  --  anywhere             anywhere            tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU 
lan2wan    0    --  anywhere             anywhere            
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTABLISHED 
TRIGGER    0    --  anywhere             anywhere            TRIGGER type:in match:0 relate:0 
trigger_out  0    --  anywhere             anywhere            
ACCEPT     0    --  anywhere             anywhere            state NEW 
DROP       0    --  anywhere             anywhere            

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain advgrp_1 (0 references)
target     prot opt source               destination         
.
.
.
tunnelblick.log
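
An added diagnostic example, not part of the original post: it replays the client's `netstat -rn` table above through a longest-prefix-match lookup to show which interface each ping target would leave through. It assumes that a BSD netstat destination printed without an explicit length carries the classful default mask; the function names are illustrative.

```python
import ipaddress

# Routing table copied from the `netstat -rn` output in the post above.
NETSTAT = """\
default            10.0.2.1           UGSc           28       45     en1
10.0.2/24          link#5             UCS             1        0     en1
10.0.2.1           0:17:f2:47:d5:43   UHLWIir        29      501     en1     27
10.0.2.3           127.0.0.1          UHS             0        0     lo0
10.0.4.1/32        10.0.4.5           UGSc            0        0    tun0
10.0.4.5           10.0.4.6           UH              2        0    tun0
127                127.0.0.1          UCS             0        0     lo0
127.0.0.1          127.0.0.1          UH             19   535570     lo0
169.254            link#5             UCS             0        0     en1
192.168.2          10.0.4.5           UGSc            0        0    tun0
"""

def parse_dest(dest, flags):
    """Expand a BSD-style abbreviated destination into an ip_network."""
    if dest == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, plen = dest.partition("/")
    octets = addr.split(".")
    if not plen:
        if "H" in flags or len(octets) == 4:
            plen = "32"  # host route
        else:
            # Assumption: no explicit length means the classful default mask.
            first = int(octets[0])
            plen = "8" if first < 128 else "16" if first < 192 else "24"
    addr = ".".join(octets + ["0"] * (4 - len(octets)))
    return ipaddress.ip_network(f"{addr}/{plen}", strict=False)

def load_routes(text):
    routes = []
    for line in text.splitlines():
        dest, gateway, flags, _refs, _use, netif = line.split()[:6]
        routes.append((parse_dest(dest, flags), gateway, netif))
    return routes

def lookup(routes, ip):
    """Longest-prefix match: return (network, gateway, interface)."""
    matches = [r for r in routes if ipaddress.ip_address(ip) in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen)

ROUTES = load_routes(NETSTAT)
if __name__ == "__main__":
    for target in ("10.0.4.1", "10.0.4.5", "10.0.4.6", "10.0.4.10", "192.168.2.1"):
        net, gw, netif = lookup(ROUTES, target)
        print(f"{target:<12} -> {netif:<5} via {gw:<10} (route {net})")
```

With the posted table, only 10.0.4.1, 10.0.4.5 and 192.168.2.0/24 resolve to tun0; 10.0.4.6 and every other address in 10.0.4.0/24 fall through to the default route on en1.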

Ravi Malghan

Jul 11, 2013, 7:26:24 AM
to tunnelbli...@googlegroups.com
The only log I am seeing on the server is the following. The 184 address is the public IP of my client network router.
Jul 11 07:24:51 DD-WRT daemon.notice openvpn[32762]: UDPv4 read returned 53
Jul 11 07:24:51 DD-WRT daemon.notice openvpn[32762]: client1/184.199.32.63:59138 UDPv4 READ [53] from 184.199.32.63:59138: P_DATA_V1 kid=0 DATA d5495154 f525c986 f344ac3b 810c791f 1608ae18 3c1827bd f79ffed0 af6b436[more...]
Jul 11 07:24:59 DD-WRT daemon.notice openvpn[32762]:  event_wait returned 0
Jul 11 07:24:59 DD-WRT daemon.notice openvpn[32762]:  event_wait returned 1
Jul 11 07:24:59 DD-WRT daemon.notice openvpn[32762]: client1/184.199.32.63:59138 UDPv4 WRITE [53] to 184.199.32.63:59138: P_DATA_V1 kid=0 DATA 6da75dc3 eeaebe6e 138f361e 6aef6aeb 83eb270b db86caad de086023 3389411[more...]
Jul 11 07:24:59 DD-WRT daemon.notice openvpn[32762]: client1/184.199.32.63:59138 UDPv4 write returned 53
Jul 11 07:25:01 DD-WRT daemon.notice openvpn[32762]:  event_wait returned 0
Jul 11 07:25:02 DD-WRT daemon.notice openvpn[32762]:  event_wait returned 1
Jul 11 07:25:02 DD-WRT daemon.notice openvpn[32762]: UDPv4 read returned 53