Please help: openvpn tun udp [solved]
fpemud

Posted: Fri Dec 25, 2015 2:14 pm    Post subject: Please help: openvpn tun udp [solved]

I can only successfully ping the server about 2 minutes after my openvpn connection is established.
I have no clue why this happens.

Server configuration:
Code:
fpemud-cloudserver # cat openvpn.conf
proto udp
port 1194

dev-type tun
dev vpns0
comp-lzo
keepalive 10 120

server 10.8.0.0 255.255.255.0
topology subnet
client-to-client

push comp-lzo
push "route 10.8.1.0 255.255.255.0"
push "route 10.8.2.0 255.255.255.0"

push "dhcp-option DNS 10.8.0.1"
push "dhcp-option WINS 10.8.0.1"

ca /etc/fpemud-vpn-server/ca-cert.pem
cert /etc/fpemud-vpn-server/server-cert.pem
key /etc/fpemud-vpn-server/server-privkey.pem
dh /etc/fpemud-vpn-server/dh.pem

user nobody
group nobody

persist-key
persist-tun


I use networkmanager-openvpn as the client, configuration:
Code:
fpemud@fpemud-workstation ~ # cat /etc/NetworkManager/system-connections/vpn\(FpemudVpn\)
[connection]
id=vpn(FpemudVpn)
uuid=38565f56-6d05-690f-7b1c-2b5b5b632012
type=vpn

[vpn]
service-type=org.freedesktop.NetworkManager.openvpn
remote=XXX.XXX.XXX.XXX
port=1194
connection-type=tls
dev-type=tun
dev=vpnc
ca=/etc/NetworkManager/system-connections/fpemud-vpn/ca-cert.pem
cert=/etc/NetworkManager/system-connections/fpemud-vpn/cert.pem
key=/etc/NetworkManager/system-connections/fpemud-vpn/key.pem
cert-pass-flags=0
#remote-cert-tls=server

[ipv4]
method=auto
never-default=true

[ipv6]
method=ignore


The route is created immediately after the openvpn connection is established:
Code:
fpemud@fpemud-workstation ~ $ route -n4
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 enp0s25
10.8.0.0        0.0.0.0         255.255.255.0   U     50     0        0 vpnc
10.8.1.0        10.8.0.1        255.255.255.0   UG    50     0        0 vpnc
10.8.2.0        10.8.0.1        255.255.255.0   UG    50     0        0 vpnc
XXX.XXX.XXX.XXX   192.168.1.1     255.255.255.255 UGH   100    0        0 enp0s25
192.168.1.0     0.0.0.0         255.255.255.0   U     100    0        0 enp0s25


I find with tcpdump that all the icmp-echo packets are sent, but there's no reply.
Pinging from server to client shows the same phenomenon.


Last edited by fpemud on Fri Feb 19, 2016 9:34 am; edited 1 time in total
fpemud

Posted: Fri Feb 19, 2016 9:33 am

This problem disappears after I disable "comp-lzo".
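Added example, not part of the original thread: since the fix reported above was to disable comp-lzo, this sketch compares the link-level options of an OpenVPN server config with a NetworkManager keyfile and lists the ones that disagree. The samples are constructed by trimming the posted configs, the function names are hypothetical, and treating the presence of a `comp-lzo` key (or `proto-tcp=yes`) in the keyfile as enabling that option is an assumption about the NetworkManager plugin.

```python
import configparser

# Constructed samples: trimmed copies of the two configurations posted above.
SERVER_CONF = """proto udp
port 1194
dev-type tun
comp-lzo
push comp-lzo
push "route 10.8.1.0 255.255.255.0"
"""
NM_KEYFILE = """[connection]
id=vpn(FpemudVpn)
type=vpn
[vpn]
service-type=org.freedesktop.NetworkManager.openvpn
port=1194
connection-type=tls
dev-type=tun
#remote-cert-tls=server
"""

def parse_server(text):
    """Map each local OpenVPN directive to its argument string (push lines skipped)."""
    opts = {}
    for raw in text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0][0] in "#;" or parts[0] == "push":
            continue
        opts[parts[0]] = parts[1] if len(parts) > 1 else ""
    return opts

def parse_nm(text):
    """Return the [vpn] section of a NetworkManager keyfile as a dict."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.read_string(text)
    return dict(cp["vpn"]) if cp.has_section("vpn") else {}

def link_mismatches(server, client):
    """Names of link-level settings that differ between server and client."""
    checks = {
        # Assumption: the key being present at all means the client runs with comp-lzo.
        "comp-lzo": ("comp-lzo" in server, "comp-lzo" in client),
        "proto": (server.get("proto", "udp").startswith("tcp"),
                  client.get("proto-tcp", "no") == "yes"),
        "port": (server.get("port", "1194"), client.get("port", "1194")),
    }
    return [name for name, (s, c) in checks.items() if s != c]

if __name__ == "__main__":
    print(link_mismatches(parse_server(SERVER_CONF), parse_nm(NM_KEYFILE)))
```

On the trimmed samples the only reported difference is comp-lzo: the server sets it locally, while the keyfile carries no comp-lzo key.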