how does openvpn decide which interface to get IP addrs from
- by bkrupa
Using ubuntu 10.04 on both ends.
We have a client and server machine on the SAME network attempting to make a vpn connection. We use the config files from here and made minimal changes.
The server and client start and seem to connect without any trouble. The server looks like:
Wed Feb 23 22:13:22 2011 MULTI: multi_create_instance called
Wed Feb 23 22:13:22 2011 192.168.1.55:47166 Re-using SSL/TLS context
Wed Feb 23 22:13:22 2011 192.168.1.55:47166 LZO compression initialized
Wed Feb 23 22:13:22 2011 192.168.1.55:47166 Control Channel MTU parms [ L:1574 D:138 EF:38 EB:0 ET:0 EL:0 ]
Wed Feb 23 22:13:22 2011 192.168.1.55:47166 Data Channel MTU parms [ L:1574 D:1450 EF:42 EB:135 ET:32 EL:0 AF:3/1 ]
Wed Feb 23 22:13:22 2011 192.168.1.55:47166 Local Options hash (VER=V4): 'f7df56b8'
Wed Feb 23 22:13:22 2011 192.168.1.55:47166 Expected Remote Options hash (VER=V4): 'd79ca330'
Wed Feb 23 22:13:22 2011 192.168.1.55:47166 TLS: Initial packet from 192.168.1.55:47166, sid=69112e42 5458135b
*...*
Wed Feb 23 22:13:22 2011 192.168.1.55:47166 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Wed Feb 23 22:13:22 2011 192.168.1.55:47166 [client1] Peer Connection Initiated with 192.168.1.55:47166
On the client side the connection looks like:
Wed Feb 23 22:20:07 2011 [server] Peer Connection Initiated with [AF_INET]192.168.1.41:1194
Wed Feb 23 22:20:10 2011 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Wed Feb 23 22:20:10 2011 PUSH: Received control message: 'PUSH_REPLY,route-gateway 10.8.0.4,ping 10,ping-restart 120,ifconfig 10.8.0.50 255.255.255.0'
...
Wed Feb 23 22:20:10 2011 /sbin/ifconfig tap0 10.8.0.50 netmask 255.255.255.0 mtu 1500 broadcast 10.8.0.255
Wed Feb 23 22:20:10 2011 Initialization Sequence Completed
The openvpn server has been configured to assign ip addresses in the range 10.8.0.* and the client has been given 10.8.0.50. When I run the following nmap from the client:
Starting Nmap 5.00 ( http://nmap.org ) at 2011-02-23 22:04 EST
Host 10.8.0.50 is up (0.00047s latency).
Nmap done: 256 IP addresses (1 host up) scanned in 30.34 seconds
Host 192.168.1.1 is up (0.0025s latency).
Host 192.168.1.18 is up (0.074s latency).
Host 192.168.1.41 is up (0.0024s latency).
Host 192.168.1.55 is up (0.00018s latency).
Nmap done: 256 IP addresses (4 hosts up) scanned in 6.33 seconds
If I run an nmap from the server on 10.8.0.* I get nothing.
If the client has two interfaces (wireless and tap device) when you look for a certain ip address, how does it decide which interface to connect on?
edit I am trying to set up a vpn so that I can connect to my home network from a remote network. It seems like openvpn is connecting but none of the computers on my home network appear as network machines even after the connection is "Established". Stripped versions of the client and server config files are posted below. Thanks for any help you can offer.
server.conf
port 1194
proto udp
dev tap
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key # This file should be kept secret
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
client.conf
client
dev tap
dev-node tap0901
proto udp
remote ********** 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
comp-lzo
verb 3
one other thing that might be helpful, I tried to connect using the openvpn gui for windows and the connection stalls out on "obtaining configuration" and the bar just scrolls forever.
