OpenVPN client can only reach router

Started by jmcgee, December 08, 2020, 12:44:49 AM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
January 24, 2021, 04:28:00 PM #15 Last Edit: January 24, 2021, 05:11:09 PM by Fright
@jmcgee
can you try to uncheck "redirect gateway" and (input will appear after this) add LAN net address to "IPv4 Local Network"?

January 24, 2021, 04:38:41 PM #16 Last Edit: January 24, 2021, 04:43:43 PM by Fright
@Gauss23
QuoteLooks like your crypto settings don't match between client and server. How did you create the client config?
QuoteTLS Error: cannot locate HMAC in incoming packet from [AF_INET]185.200.118.84:46424
imho that's not real client IP. port scan from 185.200.118 / 24 net. im also view activity from this subnet twice a day

@jmcgee
imho its better to remove private info from logs
January 24, 2021, 04:54:48 PM #17
...never use the standard port for openVPN...
kind regards
chemlud
____
"The price of reliability is the pursuit of the utmost simplicity."
C.A.R. Hoare

felix eichhorns premium katzenfutter mit der extraportion energie

A router is not a switch - A router is not a switch - A router is not a switch - A rou....
January 24, 2021, 05:02:03 PM #18
Quote from: chemlud on January 24, 2021, 04:54:48 PM
...never use the standard port for openVPN...

Or at least use tls-auth/tls-crypt
,,The S in IoT stands for Security!" :)
January 24, 2021, 06:07:42 PM #19
Quote from: Fright on January 24, 2021, 04:28:00 PM
@jmcgee
can you try to uncheck "redirect gateway" and (input will appear after this) add LAN net address to "IPv4 Local Network"?

I did. No change.
January 24, 2021, 06:17:51 PM #20
Do you see packets flowing? Enable logging on the firewall rules in OpenVPN group.
,,The S in IoT stands for Security!" :)
January 24, 2021, 06:31:54 PM #21
Quote from: Gauss23 on January 24, 2021, 06:17:51 PM
Do you see packets flowing? Enable logging on the firewall rules in OpenVPN group.

I have enabled firewall logging on OpenVPN firewall rule.  How do I filter those in log?
January 24, 2021, 07:30:28 PM #22
Firewall: Log Files: Live View
,,The S in IoT stands for Security!" :)
January 24, 2021, 08:23:09 PM #23
Quoteand theoretically connected it to all the devices on the router inside the LAN
sorry, can you describe your lan? any other router besides the OPN?

still think that the issue is on the LAN side (routes, port blocking or some) if you not touched default\wizard pf-rules.
can you make Packet Capture on LAN interface while trying SSH from vpn-client to  (working) LAN host ?
January 26, 2021, 12:21:35 AM #24
Quote from: Fright on January 24, 2021, 08:23:09 PM
Quoteand theoretically connected it to all the devices on the router inside the LAN
sorry, can you describe your lan? any other router besides the OPN?

still think that the issue is on the LAN side (routes, port blocking or some) if you not touched default\wizard pf-rules.
can you make Packet Capture on LAN interface while trying SSH from vpn-client to  (working) LAN host ?

I don't think I can do packet capture. 
There is no other router, just a network switch.

Would the TUN/TAP issue be the cause? 
https://openvpn.net/faq/why-does-the-app-not-support-tap-style-tunnels/

I had this working on Freshtomato router after putting in appropriate firewall rules.  Don't recall what those were.
January 26, 2021, 12:44:02 AM #25
You can packet capture under Interfaces > Diagnostics
January 26, 2021, 06:02:26 AM #26
QuoteWould the TUN/TAP issue be the cause
dont thinks so. and you are in tun mode as far as I can see
as @Greenlan said you can try to capture in  Interfaces > Diagnostics
Print
Go Up Pages 1 2
User actions