[Openvpn-users] openvpn client connects on PC but not iOS

2013-04-22 Thread forums 
I have a PC that uses the config files to connect to the server, this  
connects and I cna browse the internet.
On the iOS, it connects but I do NOT have internet.

What issue could cause this?
I have some fragment directives in the server and client.

I get this error on the server:
Tue Apr 2 22:56:40 2013 mycert/70.xx.xxx.7:56175 FRAG_IN error  
flags=0xfa287f34: spurrious FRAG_WHOLE flags


--
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

[Openvpn-users] (no subject)

2013-05-08 Thread forums 
I get the following error from a client connecting to the VPN.
Any ideas on what causes this and how I can resolve it?
This is the only client that has the error and the server is not  
issuing 192.168.x.x as a route

Mon May 06 12:13:18 2013 OpenVPN 2.2.2 Win32-MSVC++ [SSL] [LZO2]  
[PKCS11] built on Dec 15 2011
Mon May 06 12:13:18 2013 NOTE: OpenVPN 2.1 requires '--script-security  
2' or higher to call user-defined scripts or executables
Mon May 06 12:13:18 2013 LZO compression initialized
Mon May 06 12:13:18 2013 UDPv4 link local: [undef]
Mon May 06 12:13:18 2013 UDPv4 link remote: 84.xxx.xxx.xx:1194
Mon May 06 12:13:19 2013 [ProxyPlayer.eu] Peer Connection Initiated  
with 84.246.227.39:1194
Mon May 06 12:13:22 2013 TAP-WIN32 device [Conexión de área local 5]  
opened: \\.\Global\{9D716C9B-7644-47D9-8B9C-0BE8DEB99E2D}.tap
Mon May 06 12:13:22 2013 Notified TAP-Win32 driver to set a DHCP  
IP/netmask of 10.8.0.30/255.255.255.252 on interface  
{9D716C9B-7644-47D9-8B9C-0BE8DEB99E2D} [DHCP-serv: 10.8.0.29,  
lease-time: 31536000]
Mon May 06 12:13:22 2013 Successful ARP Flush on interface [20]  
{9D716C9B-7644-47D9-8B9C-0BE8DEB99E2D}
Mon May 06 12:13:27 2013 Warning: route gateway is ambiguous:  
192.168.1.1 (2 matches)
  Correcto
Mon May 06 12:13:27 2013 Initialization Sequence Completed
Mon May 06 12:14:00 2013 Warning: route gateway is ambiguous:  
192.168.1.1 (2 matches)
  Correcto
Mon May 06 12:14:00 2013 SIGTERM[hard,] received, process exiting



--
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and 
their applications. This 200-page book is written by three acclaimed 
leaders in the field. The early access version is available now. 
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] (no subject)

2013-05-08 Thread forums 
Hi
No, IPs are assigned in the 10.8.x.x range as in the log
10.8.0.30
Mon May 06 12:13:22 2013 TAP-WIN32 device [Conexión de área local 5]
opened: \\.\Global\{9D716C9B-7644-47D9-8B9C-0BE8DEB99E2D}.tap
Mon May 06 12:13:22 2013 Notified TAP-Win32 driver to set a DHCP
IP/netmask of 10.8.0.30/255.255.255.252 on interface


Quoting Eric Crist :

> It appears you're assigning VPN IPs in the same IP range as the local LAN.
>
> -
> Eric F Crist



--
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and 
their applications. This 200-page book is written by three acclaimed 
leaders in the field. The early access version is available now. 
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] (no subject)

2013-05-08 Thread forums 
But I do not specify that route!
Here is the server config:
local 84.xxx.xxx.xx
port 1194 #- port
proto tcp
dev tun
ca /etc/openvpn/easy-rsa/2.0/keys/ca.crt
cert /etc/openvpn/easy-rsa/2.0/keys/server.crt
key /etc/openvpn/easy-rsa/2.0/keys/server.key
dh /etc/openvpn/easy-rsa/2.0/keys/dh1024.pem
client-config-dir /etc/openvpn/ccd
server 10.8.0.0 255.255.255.0
;push "redirect-gateway def1"
push "route 10.8.0.0 255.255.255.0"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 5 30
comp-lzo
persist-key
;persist-tun
status openvpn-status_tcp.log
verb 3
log /var/log/openvpn_tcp.log
;tun-mtu 1500
;link-mtu 1500
;fragment 1400
;mssfix


Quoting Miguel Clara :

> "Warning: route gateway is ambiguous:
> 192.168.1.1 (2 matches)"
>
> It seems that you already have that route on the client, maybe you're
> client default GW route is "192.168.1.1"?
>



--
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and 
their applications. This 200-page book is written by three acclaimed 
leaders in the field. The early access version is available now. 
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] (no subject)

2013-05-09 Thread forums 
> What configs do you have in the ccd dir? > /etc/openvpn/ccd
The ccd directory only has files to prevent access to certain certificates.
The is simply a file with the disable directive.
No oter configs.


>> server 10.8.0.0 255.255.255.0
>> push "route 10.8.0.0 255.255.255.0"
>
> Get rid of that route push, you'll already get one by default.
Ok, I'll do that but this shouldn't affect 192.168.x.x IPs?

> 2013/5/8  :
>> But I do not specify that route!
>> Here is the server config:
>> [...]
>> client-config-dir /etc/openvpn/ccd
>> [...]
>
> Even in client-specific config file ?
The client config file does not have IP address routings. I think  
think the server push should do this.






--
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and 
their applications. This 200-page book is written by three acclaimed 
leaders in the field. The early access version is available now. 
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Re: [Openvpn-users] Fwd: (no subject)

2013-05-10 Thread forums 
This is the client.ovpn
client
ns-cert-type server
dev tun
proto udp
remote 84.xxx.xxx.xx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert x.crt
key x.key
comp-lzo
verb 1
fragment 1300
mssfix

Any chance a firewall might cause this type of routing duplicate IP error?


> [sorry forgot the "reply all"
>
> Hum.. If its not the server config pushing the route and its not in
> the ccd, you're left with the client config
>




--
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and 
their applications. This 200-page book is written by three acclaimed 
leaders in the field. The early access version is available now. 
Download your free book today! http://p.sf.net/sfu/neotech_d2d_may
___
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users