Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 22 December 2024, 01:25:28 am

Login with username, password and session length

Visit the official Endian Community Mailinglist  HERE
14262 Posts in 4377 Topics by 6517 Members
Latest Member: Sandro
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  VPN Support
| | |-+  Windows 7 routing issues
0 Members and 2 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Windows 7 routing issues  (Read 19255 times)
rex007can
Jr. Member
*
Offline Offline

Posts: 1


« on: Tuesday 22 February 2011, 02:34:35 am »

The client config file is

client
dev tap
proto udp
remote ***.***.***.***
resolv-retry infinite
nobind
persist-key
persist-tun
ca vpn.pem
auth-user-pass
comp-lzo
route-method exe
route-delay 2
script-security 2 system


OpenVPN config (on Endian Firewall)

AUTH_TYPE=psk
CLIENT_TO_CLIENT=on
DOMAIN=....
DROP_DHCP=on
GLOBAL_DNS=192.168.192.12,192.168.192.13
GLOBAL_NETWORKS=192.168.192.0/24
OPENVPN_ENABLED=on
PORT=1194
PROTOCOL=udp
PURPLE_DEVICE=tap0
PURPLE_IP_BEGIN=192.168.192.20
PURPLE_IP_END=192.168.192.24
PURPLE_NET=
PUSH_DOMAIN=on
PUSH_GLOBAL_DNS=on
PUSH_GLOBAL_NETWORKS=on


I've narrowed down the issue to a route added to the client. It doesn't do this if the client is XP or Linux.
But if the client is Windows7, it adds a route like this
192.168.192.0 255.255.255.0 192.168.192.20 metric1 (192.168.192.20 is the IP assigned to the client by the VPN server)
And then it also adds
192.168.192.0 255.255.255.0 192.168.192.248 metric31

This creates a conflict and Windows doesn't route packets to the VPN gateway, so nothing gets through.
If I manually delete the rout
route delete 192.168.192.0
Then everything starts working properly.
I don't know why Windows7 adds the extra route, or why it puts a metric of 31 on the VPN route.
Logged
jeliasson
Full Member
***
Offline Offline

Posts: 11


« Reply #1 on: Tuesday 10 May 2011, 05:57:34 am »

I have the exact same problem!
Have you found any more information regarding this?
Logged
jeliasson
Full Member
***
Offline Offline

Posts: 11


« Reply #2 on: Wednesday 11 May 2011, 03:10:50 am »

Hey rex007can,

I came across an article by jpluimers who also have noticed this issue on a forum thread.
Since I had the same setup, eventought I would not imagine that that would be the issue, I simply disabled promiscous mode on the VMware ESXi host - and it's not working just fine.
Furthermore, I also removed the SNAT-rule (From OpenVPN to the green-zone) and it's working fine without it aswell.

I hope this helps the rest of you that are experiencing this problem!  Smiley

Forum link: http ://wiert.wordpress.com/2010/10/12/endian-firewall-connected-client-can-access-efw-but-no-other-hosts/
Remove spaces in link above
Logged
Alishba
Full Member
***
Offline Offline

Posts: 12


« Reply #3 on: Monday 16 May 2011, 08:41:13 pm »

http://dashquid.com
http://fatlossprofessional.co.uk
http://fatlossprofessional.co.uk/how-to-lose-weight-fast/
http://mobilehelper.co.uk
http://securetrip.co.uk
http://whichpetcover.com
http://youtube.com
http://wikipedia.org
http://twitter.com
http://amazon.com
Logged

Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.078 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com