2019-07-13 08:37:08.030715 /sbin/route add -net 192.168.250.0 10.111.111.5 255.255.255.0
add net 192.168.250.0: gateway 10.111.111.5
2019-07-13 08:37:08.035355 /sbin/route add -net 10.111.111.1 10.111.111.5 255.255.255.255
add net 10.111.111.1: gateway 10.111.111.5
2019-07-13 08:37:08.038342 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
2019-07-13 08:37:08.038363 Initialization Sequence Completed
2019-07-13 08:37:08.038398 MANAGEMENT: >STATE:1562999828,CONNECTED,SUCCESS,10.111.111.6,target_public,1194,
2019-07-13 08:37:08.182944 *Tunnelblick: No ‘connected.sh’ script to execute
2019-07-13 08:37:08.264730 *Tunnelblick: DNS address 10.111.111.1 is being routed through the VPN
2019-07-13 08:37:13.717945 *Tunnelblick: This computer’s apparent public IP address (my_public) was unchanged after the connection was made
After connecting to VPN everything stops working. Internet, I can’t access anything in VPN network, even Turris (not on public, not on 192.168.250.1, not on 10.111.111.1)
The task is to get access from anywhere to RDP and other services in 192.168.250.x behind Turris via OpenVPN
I have a similar issue… does anyone have any ideas?
It doesn’t work for me for any combination of those settings in Foris, despite the fact that the OpenVPN client on Windows 10 manages to connect successfully.
My firewall setup is identical to the one of @zdenek.sofr.
Can you do things like ping the Turris from the client?
If you can, then the VPN is connected fine.
Can you ping the end point from the client?
If you can ping the Turris, but can’t ping the endpoint, then there’s probably a routing issue.
ping to 10.111.111.1, also 192.168.250.1 = request timeout, the same for whatever address in 192.168.250.x segment
I’ve no idea what’s wrong. I just:
get turris working for LAN (wifi off) - worked fine
installed all updates - worked fine (about a month)
installed OpenVPN plugin - still worked fine about a week
Applied settings for OpenVPN (default) and created .conf
changed firewall settings, because by default there was rule Lan=>WAN, VPN (but I would like to have VPN as a “part” of LAN, so I changed the rule to Lan, VPN => WAN - I hope I get it right)
some more details from Win client
OpenVPN - connected
Ipconfig says: 10.111.111.6/255.255.255.2, no default GW, no DNS, address of DHCP server 10.111.111.5
Access to my LAN (192.168.1.x) and also public internet - OK, Access to whatever IP in 10.111.111.x or 192.168.250.x doesn’t work
if I get it right, routes are added by OpenVPN Client:
Mon Jul 15 07:28:14 2019 TAP-Windows Driver Version 9.23
Mon Jul 15 07:28:14 2019 Notified TAP-Windows driver to set a DHCP IP/netmask of 10.111.111.6/255.255.255.252 on interface {C983BA08-B86C-4FF2-A466-3AA168A30A72} [DHCP-serv: 10.111.111.5, lease-time: 31536000]
Mon Jul 15 07:28:14 2019 Successful ARP Flush on interface [20] {C983BA08-B86C-4FF2-A466-3AA168A30A72}
Mon Jul 15 07:28:14 2019 MANAGEMENT: >STATE:1563168494,ASSIGN_IP,10.111.111.6,
Mon Jul 15 07:28:19 2019 TEST ROUTES: 2/2 succeeded len=2 ret=1 a=0 u/d=up
Mon Jul 15 07:28:19 2019 MANAGEMENT: >STATE:1563168499,ADD_ROUTES,
Mon Jul 15 07:28:19 2019 C:\Windows\system32\route.exe ADD 192.168.250.0 MASK 255.255.255.0 10.111.111.5
Mon Jul 15 07:28:19 2019 Route addition via service succeeded
Mon Jul 15 07:28:19 2019 C:\Windows\system32\route.exe ADD 10.111.111.1 MASK 255.255.255.255 10.111.111.5
Mon Jul 15 07:28:19 2019 Route addition via service succeeded
Mon Jul 15 07:28:19 2019 WARNING: this configuration may cache passwords in memory – use the auth-nocache option to prevent this
Mon Jul 15 07:28:19 2019 Initialization Sequence Completed
Mon Jul 15 07:28:19 2019 MANAGEMENT: >STATE:1563168499,CONNECTED,SUCCESS,10.111.111.6,public_ip_of_turris,1194,
@jklaas - could be… but this is something out of my level… I’ve tried to turn off local (Windows) firewall - didn’t help. Tried on another ISP (to be sure it’s not a problem on my LAN). I can access SSH remotely, but no idea what to check
in Luci I can see “vpn_turris_rule”
Did you try rebooting your Turris after enabling OpenVPN?
I had the same issue, and the problem was that the routing table lacked the routing information to the VPN. This was solved by a reboot.
@ricmik after restart I’m not able to connect at all
Wed Jul 17 18:18:30 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jul 17 18:18:30 2019 TLS Error: TLS handshake failed
but I’m able to log in to Turris and Foris, so network is OK
Are you connecting to your router by IP or hostname?
Maybe the external IP has changed after the reboot and the DNS record is out of date, or the OpenVPN configuration is incorrect if you’re connecting by IP?
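The two failure modes in this thread (tunnel connected with routes installed but nothing answering, and the later TLS handshake timeout) can be told apart from the client log plus the two ping checks suggested above. The following is an added example, not part of any post in the thread; the function names and result codes are hypothetical, the log samples are constructed from the lines quoted here, and 192.0.2.10 is a placeholder for the router's public address.

```python
import re

# Constructed sample logs modelled on the client output quoted in this thread;
# 192.0.2.10 is a documentation address standing in for the router's public IP.
CONNECTED_LOG = r"""
Mon Jul 15 07:28:19 2019 C:\Windows\system32\route.exe ADD 192.168.250.0 MASK 255.255.255.0 10.111.111.5
Mon Jul 15 07:28:19 2019 C:\Windows\system32\route.exe ADD 10.111.111.1 MASK 255.255.255.255 10.111.111.5
Mon Jul 15 07:28:19 2019 MANAGEMENT: >STATE:1563168499,CONNECTED,SUCCESS,10.111.111.6,192.0.2.10,1194,
"""
TLS_LOG = """
Wed Jul 17 18:18:30 2019 TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
Wed Jul 17 18:18:30 2019 TLS Error: TLS handshake failed
"""

WIN_ROUTE = re.compile(r"route\.exe ADD (\S+) MASK (\S+) (\S+)")   # net, mask, gateway
MAC_ROUTE = re.compile(r"/sbin/route add -net (\S+) (\S+) (\S+)")  # net, gateway, mask


def parse_client_log(text):
    """Extract the connection state and the routes the client installed."""
    routes = WIN_ROUTE.findall(text)
    routes += [(net, mask, gw) for net, gw, mask in MAC_ROUTE.findall(text)]
    return {
        "connected": "CONNECTED,SUCCESS" in text,
        "tls_failed": "TLS handshake failed" in text,
        "routes": routes,
    }


def triage(text, ping_router_ok=None, ping_lan_ok=None):
    """Return a short code naming the first layer that looks broken.

    ping_router_ok / ping_lan_ok are the results of pinging the router's VPN
    address and a host on the LAN behind it (None = not tested).
    """
    info = parse_client_log(text)
    if not info["connected"]:
        # No tunnel: the client never reached or never finished TLS with the server.
        return "tls-handshake-failed" if info["tls_failed"] else "not-connected"
    if not info["routes"]:
        return "connected-no-routes"          # no routes were installed on the client
    if ping_router_ok is False:
        return "tunnel-endpoint-unreachable"  # tunnel and routes are up; look at the router
    if ping_lan_ok is False:
        return "lan-unreachable"              # router answers, forwarding/routing does not
    return "client-side-ok"


if __name__ == "__main__":
    print(triage(CONNECTED_LOG, ping_router_ok=False))
    print(triage(TLS_LOG))
```

A result of `tunnel-endpoint-unreachable` or `lan-unreachable` points at the router's firewall zones and forwarding, while `tls-handshake-failed` points at the address or port the client is dialing.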