SGTA14
asked on
VPN connection established but no access
Hello everyone,
I've been trying to set up a VPN between Windows Server 2016 and a Mac OS X client.
The connection gets established but I cannot access the resources.
The internet connection is also gone. What I really wanted to do is split VPN.
This is the configuration on the Server:
#################################################
#################################################
#listen on IPv4
local 10.0.60.51
#the default port is 1194
port 1194
#UDP protocol chosen for better protection against DoS attacks and port scanning
proto udp
#using routed IP tunnel
dev tun
# ----------------------------------------------
# Certificates
# ----------------------------------------------
dh ..//server-keys//dh4096.pem
ca ..//server-keys//ca.crt
cert ..//server-keys//lexp-svr-101.crt
key ..//server-keys//lexp-svr-101.key
# ----------------------------------------------
# Server-Setup
# ----------------------------------------------
#set OpenVPN subnet
server 10.64.60.0 255.255.255.0
#maintain a record of client-to-virtual-IP-address
ifconfig-pool-persist ipp.txt
#cryptographic cipher, must be the same (copied) on the client config file as well
#cipher AES-256-CBC
client-to-client
# ----------------------------------------------
# Client settings (incl. special dir) files
# ----------------------------------------------
#client-config-dir "C:\Program Files\OpenVPN\ccd"
push "route 10.0.60.0 255.255.255.0"
# ----------------------------------------------
# Defaults
# ----------------------------------------------
#ping every 10 seconds, assume that remote peer is down if no ping received during 120 seconds
keepalive 10 120
#enable compression on VPN link
#try to preserve some state across restarts
persist-key
persist-tun
# ----------------------------------------------
# Logging
# ----------------------------------------------
status ..//log//openvpn-status.log
log ..//log//openvpn.log
log-append ..//log//openvpn.log
verb 3
This is the configuration on the client side:
client
dev tun
proto udp
remote xx.xx.xx.xx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert Client101.crt
key Client101.key
verb 3
Here is the Log from the server:
Fri Sep 14 13:30:06 2018 OpenVPN 2.4.6 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on Apr 26 2018
Fri Sep 14 13:30:06 2018 Windows version 6.2 (Windows 8 or greater) 64bit
Fri Sep 14 13:30:06 2018 library versions: OpenSSL 1.1.0h 27 Mar 2018, LZO 2.10
Fri Sep 14 13:30:06 2018 Diffie-Hellman initialized with 4096 bit key
Fri Sep 14 13:30:06 2018 interactive service msg_channel=0
Fri Sep 14 13:30:06 2018 ROUTE_GATEWAY 10.0.60.1/255.255.255.0 I=7 HWADDR=00:15:5d:00:21:44
Fri Sep 14 13:30:06 2018 open_tun
Fri Sep 14 13:30:06 2018 TAP-WIN32 device [Ethernet 2] opened: \\.\Global\{3E90E92C-804C-41E9-A426-D4B5AF661931}.tap
Fri Sep 14 13:30:06 2018 TAP-Windows Driver Version 9.21
Fri Sep 14 13:30:06 2018 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.64.60.1/255.255.255.252 on interface {3E90E92C-804C-41E9-A426-D4B5AF661931} [DHCP-serv: 10.64.60.2, lease-time: 31536000]
Fri Sep 14 13:30:06 2018 Sleeping for 10 seconds...
Fri Sep 14 13:30:16 2018 Successful ARP Flush on interface [8] {3E90E92C-804C-41E9-A426-D4B5AF661931}
Fri Sep 14 13:30:16 2018 do_ifconfig, tt->did_ifconfig_ipv6_setup=0
Fri Sep 14 13:30:16 2018 C:\Windows\system32\route.exe ADD 10.64.60.0 MASK 255.255.255.0 10.64.60.2
Fri Sep 14 13:30:16 2018 Warning: route gateway is not reachable on any active network adapters: 10.64.60.2
Fri Sep 14 13:30:16 2018 Route addition via IPAPI failed [adaptive]
Fri Sep 14 13:30:16 2018 Route addition fallback to route.exe
Fri Sep 14 13:30:16 2018 env_block: add PATH=C:\Windows\System32;C:\Windows;C:\Windows\System32\Wbem
Fri Sep 14 13:30:16 2018 Could not determine IPv4/IPv6 protocol. Using AF_INET
Fri Sep 14 13:30:16 2018 Socket Buffers: R=[65536->65536] S=[65536->65536]
Fri Sep 14 13:30:16 2018 UDPv4 link local (bound): [AF_INET]10.0.60.51:1194
Fri Sep 14 13:30:16 2018 UDPv4 link remote: [AF_UNSPEC]
Fri Sep 14 13:30:16 2018 MULTI: multi_init called, r=256 v=256
Fri Sep 14 13:30:16 2018 IFCONFIG POOL: base=10.64.60.4 size=62, ipv6=0
Fri Sep 14 13:30:16 2018 ifconfig_pool_read(), in='Client101,10.64.60.4', TODO: IPv6
Fri Sep 14 13:30:16 2018 succeeded -> ifconfig_pool_set()
Fri Sep 14 13:30:16 2018 IFCONFIG POOL LIST
Fri Sep 14 13:30:16 2018 Client101,10.64.60.4
Fri Sep 14 13:30:16 2018 Initialization Sequence Completed
Log from the client (netstat -nr)
Internet:
Destination Gateway Flags Refs Use Netif Expire
default 192.168.17.1 UGSc 165 113 en0
10.0.60/24 10.64.60.5 UGSc 0 5 utun2
10.64.60/24 10.64.60.5 UGSc 0 0 utun2
10.64.60.5 10.64.60.6 UH 2 0 utun2
127 127.0.0.1 UCS 0 0 lo0
127.0.0.1 127.0.0.1 UH 7 4714 lo0
169.254 link#5 UCS 0 0 en0
192.168.17 link#5 UCS 3 0 en0
192.168.17.1/32 link#5 UCS 1 0 en0
192.168.17.1 90:6c:ac:13:7d:4b UHLWIir 36 594 en0 1198
192.168.17.9 80:2a:a8:8d:2b:74 UHLWI 0 6 en0 530
192.168.17.157 link#5 UHLWIi 1 2 en0
192.168.17.158/32 link#5 UCS 1 0 en0
192.168.17.158 f4:5c:89:ad:c5:1f UHLWI 0 48 lo0
192.168.17.168 34:2:86:b4:a:6e UHLWIi 1 271 en0 514
224.0.0/4 link#5 UmCS 3 0 en0
224.0.0.251 1:0:5e:0:0:fb UHmLWI 0 0 en0
224.6.7.8 1:0:5e:6:7:8 UHmLWI 0 3 en0
239.255.255.250 1:0:5e:7f:ff:fa UHmLWI 0 26 en0
255.255.255.255/32 link#5 UCS 0 0 en0
Internet6:
Destination Gateway Flags Netif Expire
default fe80::%utun0 UGcI utun0
default fe80::%utun1 UGcI utun1
::1 ::1 UHL lo0
fe80::%lo0/64 fe80::1%lo0 UcI lo0
fe80::1%lo0 link#1 UHLI lo0
fe80::%en0/64 link#5 UCI en0
fe80::8f1:755:d380:d52f%en0 f4:5c:89:ad:c5:1f UHLI lo0
fe80::%awdl0/64 link#7 UCI awdl0
fe80::70f7:77ff:fef6:878e%awdl0 72:f7:77:f6:87:8e UHLI lo0
fe80::%utun0/64 fe80::9ad6:4cb5:b4ea:b001%utun0 UcI utun0
fe80::9ad6:4cb5:b4ea:b001%utun0 link#11 UHLI lo0
fe80::%utun1/64 fe80::978:5a3a:5b1a:5d85%utun1 UcI utun1
fe80::978:5a3a:5b1a:5d85%utun1 link#12 UHLI lo0
ff01::%lo0/32 ::1 UmCI lo0
ff01::%en0/32 link#5 UmCI en0
ff01::%awdl0/32 link#7 UmCI awdl0
ff01::%utun0/32 fe80::9ad6:4cb5:b4ea:b001%utun0 UmCI utun0
ff01::%utun1/32 fe80::978:5a3a:5b1a:5d85%utun1 UmCI utun1
ff02::%lo0/32 ::1 UmCI lo0
ff02::%en0/32 link#5 UmCI en0
ff02::%awdl0/32 link#7 UmCI awdl0
ff02::%utun0/32 fe80::9ad6:4cb5:b4ea:b001%utun0 UmCI utun0
ff02::%utun1/32 fe80::978:5a3a:5b1a:5d85%utun1 UmCI utun1
Thank you for the help.
Regards
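An added example, not part of the original post: a small parser for the client's `netstat -nr` IPv4 rows that resolves which interface a destination would use and reports whether the table describes a split or a full tunnel. The rows are a subset copied from the post; the function names, the test address 8.8.8.8, and the expansion of abbreviated destinations (one prefix byte per octet shown when no mask is printed) are assumptions of this example.

```python
import ipaddress

# Subset of the IPv4 rows from the client's `netstat -nr` output in the post.
TABLE = """\
default 192.168.17.1 UGSc 165 113 en0
10.0.60/24 10.64.60.5 UGSc 0 5 utun2
10.64.60/24 10.64.60.5 UGSc 0 0 utun2
10.64.60.5 10.64.60.6 UH 2 0 utun2
127 127.0.0.1 UCS 0 0 lo0
192.168.17 link#5 UCS 3 0 en0
192.168.17.1 90:6c:ac:13:7d:4b UHLWIir 36 594 en0 1198
"""

def parse_dest(text):
    """Expand a BSD-abbreviated destination such as '10.0.60/24' or '127'."""
    if text == "default":
        return ipaddress.ip_network("0.0.0.0/0")
    addr, _, bits = text.partition("/")
    octets = addr.split(".")
    # Assumption: with no explicit mask, one prefix byte per octet shown.
    prefix = int(bits) if bits else 8 * len(octets)
    padded = ".".join(octets + ["0"] * (4 - len(octets)))
    return ipaddress.ip_network(f"{padded}/{prefix}", strict=False)

def parse_table(text):
    """Return (network, gateway, netif) per row; Netif is the sixth column."""
    rows = (line.split() for line in text.splitlines())
    return [(parse_dest(f[0]), f[1], f[5]) for f in rows if len(f) >= 6]

def lookup(routes, ip):
    """Longest-prefix match: the most specific route containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen) if hits else None

def tunnel_mode(routes, tun):
    """'full' if all IPv4 traffic is steered into tun, 'split' if only some prefixes."""
    nets = {str(r[0]) for r in routes if r[2] == tun}
    # OpenVPN's `redirect-gateway def1` shows up as 0.0.0.0/1 plus 128.0.0.0/1.
    if "0.0.0.0/0" in nets or {"0.0.0.0/1", "128.0.0.0/1"} <= nets:
        return "full"
    return "split" if nets else "none"

if __name__ == "__main__":
    routes = parse_table(TABLE)
    print("mode:", tunnel_mode(routes, "utun2"))
    for ip in ("10.0.60.51", "10.64.60.1", "8.8.8.8"):
        net, gw, netif = lookup(routes, ip)
        print(f"{ip:<12} -> {net} via {gw} on {netif}")
```

For the posted table this reports `split`: only 10.0.60.0/24 and 10.64.60.0/24 resolve to utun2, and the default route stays on en0. The IPv6 section of the output is not covered.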
Walk me through what happens. You do a connection, you say it established (seen in the log), and then nothing? You lose all network activity local and remote?
ASKER
Hi Owen,
Many thanks for the help.
In the meantime, we opted for another VPN solution because we did not get OpenVPN up and running.
Regards