Outbound traffic not working via Windows Client

Got a problem with Viscosity or need help? Ask here!

endi

Posts: 1
Joined: Fri Apr 29, 2016 6:22 pm

Post by endi » Fri Apr 29, 2016 7:37 pm
TL;DR

When connecting to my OpenVPN servers, the Connection Log shows "Notified TAP-Windows driver to set a DHCP IP/netmask of 10.0.0.2/255.255.255.0 on interface {STRING-REPRESENTING-INTERFACE} [DHCP-serv: 10.0.0.254, lease-time: 31536000]," oddity being "DHCP-serv: 10.0.0.254." I am assigned an IP within the normal range but am not able to access the internet while connected. This client config file works on the Mac OS X Viscosity client as well as iOS/Android OpenVPN Clients. This issue seems to be isolated to the Windows Viscosity Client, perhaps the referenced 'TAP-Windows' driver.

-------------------------------------------

Hey all,

I've been a long time user of Viscosity on Mac OS X. I have deployed three OpenVPN servers in various locations and connect to them from my Mac OS X Viscosity Client as well as iOS/Android OpenVPN Clients. I connect to them all on a weekly basis and have no issues. Recently I've been considering moving to a Surfacebook and realized one of my only reservations is my familiarity with BSD/*nix networking and my lack of familiarity with Windows networking. I have a Win10 Pro machine on which I have no need for VPN but I thought I would test my daily workflows to avoid potential frustrations later on.

I downloaded and installed the Windows Viscosity Client as an admin user and imported my config file I have used to config my Mac OS X and mobile clients. The only settings I've ever changed on the Mac OS X Client is checking "Send all traffic over VPN connection," the OpenVPN Config(s) have always done the rest. When connecting to my OpenVPN Server using the Windows Viscosity Client, line 17 of the Connection Log includes "...[DHCP-serv:10.0.0.254, lease-time: 31536000]." The connection continues and ends with "State changed to Connected." I am unable to access the internet via the tunnel and the client is showing "[servername] Inactivity timeout (--ping-restart), restarting," in accordance with my "keepalive 10 30" line in the config, which is necessarily short for certain networks behind which I am connecting.

I do not know *why* it is assigning 10.0.0.254 as 'dhcp-serv', nor am I certain that's what's causing my issue (pretty sure thought). I am being assigned an IP as normal (generally 10.0.0.2-10). I attempted to set the default gateway, as well as dns info in the 'Networking' tab. I am including the seemingly windows-specific connection log entries, which reference the 'TAP-Windows' driver

Relevant Client Log:
Code: Select all
TAP-WIN32 device [server.tld] opened: \\.\Global\{STRING-REPRESENTING-INTERFACE}.tap
Set TAP-Window TUN subnet mode network/local/netmask = 10.0.0.0/10.0.0.2/255.255.255.255.0 [SUCCEEDED]
Notified TAP-Windows driver to set a DHCP IP/netmask of 10.0.0.2/255.255.255.0 on interface {STRING-REPRESENTING-INTERFACE} [DHCP-serv: 10.0.0.254, lease-time: 31536000]
Successful ARP Flush on interface [16] {STRING-REPRESENTING-INTERFACE}
Relevant Server config:
Code: Select all
local server.public.ip.address
dev tun
proto udp
port #####
topology subnet
server 10.0.0.0 255.255.255.0
push "route 10.0.0.0 255.255.255.0"
push "router server.public.ip.address 255.255.255.255"
push "dhcp-option DNS 8.8.8.8"
push "redirect-gateway def1"
This has served well as a OpenVPN server to tunnel my internet traffic when behind untrusted networks. It seems that the difference between the Mac OS X Viscosity Connection Log and the Windows Viscosity Connection Log reference the Windows TAP driver, so I'm posting here because as I've said, I have zero familiarity with Windows' networking stack.

any known issues or ideas? I can provide full Mac OS X and Windows Client Connection Logs for comparison by request.


thanks!

andrej

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Mon May 02, 2016 8:54 am
Hi Andrej,

The DHCP server is completely normal on Windows. OpenVPN uses the last IP address in the address range you assign on the server to act as a local DHCP server to the TAP adapter in TUN mode. Even though this DHCP server is assigned, it's only there to appease Windows DHCP, so this won't be causing you any issues.

Could you please post the following and we can take a look:
A full copy (Connected to ping timeout) of your connection log
A full copy of an output of ipconfig -all
A full copy of an output of route print

How have you confirmed that there is no traffic? By pings or another means?

Regards,
Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
2 posts Page 1 of 1