[Openvpn-users] route problem (freebsd)

Pol Hallen Tue, 16 Jul 2013 10:35:43 -0700

Hi all :-) Clear this problem happens only on freebsd openvpn server.

This freebsd server in an internal lan server, IP 192.168.1.254.
192.168.1.212 is gateway on internet.


I've an easy config:

Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.212      UGS         0    31807    em0
10.20.10.0/24      10.20.10.2         UGS         0        0   tun0
10.20.10.1         link#5             UHS         0        0    lo0
10.20.10.2         link#5             UH          0        0   tun0
127.0.0.1          link#4             UH          0     3478    lo0
192.168.1.0/24     link#2             U           0    46116    em0
192.168.1.254      link#2             UHS         0        0    lo0

ifconfig

em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        inet 192.168.1.254 netmask 0xffffff00 broadcast 192.168.1.255
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
[...]
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        inet 10.20.10.1 --> 10.20.10.2 netmask 0xffffffff

Problem is: 10.20.10.2 is a gateway? why?

On clients I've this error:

OpenVPN ROUTE: OpenVPN needs a gateway parameter for a --route option and
no default was specified by either --route-gateway or --ifconfig options
Tue Jul 16 19:28:30 2013 us=860975 OpenVPN ROUTE: failed to parse/resolve
route for host/network: 10.20.10.0
Tue Jul 16 19:28:30 2013 us=861091 OpenVPN ROUTE: OpenVPN needs a gateway
parameter for a --route option and no default was specified by either
--route-gateway or --ifconfig options

openvpn server config:

port XXX
proto udp
dev tun
;dev-node tap0
ca /usr/local/etc/openvpn/XX.crt
cert /usr/local/etc/openvpn/XX.crt
key /usr/local/etc/openvpn/XX.key
dh /usr/local/etc/openvpn/dh2048.pem

server 10.20.10.0 255.255.255.0
push "route 10.20.10.0 255.255.255.0"

ifconfig-pool-persist /usr/local/etc/openvpn/ipp.txt 0

;duplicate-cn
keepalive 10 120
;cipher BF-CBC        # Blowfish (default)
;cipher AES-256-CBC   # AES
cipher DES-EDE3-CBC  # Triple-DES
comp-lzo
user nobody
group nobody
persist-key
persist-tun
;status /var/log/openvpn-status.log
;log-append /var/log/openvpn.log
verb 10
mute 20
client-to-client
client-config-dir ccd "route 10.20.10.1 255.255.255.0"

ping-restart 0
tls-auth /usr/local/etc/openvpn/ta.key 0
plugin /usr/local/lib/openvpn/plugins/openvpn-plugin-auth-pam.so login
#tmp-dir /dev/shm

Almost same config on linux openvpn server runs. It's the server that
create correct route. But on freebsd I've 10.20.10.2 like automatic gw.

Any idea?

thanks!

Pol


------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Openvpn-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-users

[Openvpn-users] route problem (freebsd)

Reply via email to