SparkLabs Forum.

Incorrect GW with TUN, correct with TAP??

Hi there, VPN newbie here.

I'm having an odd problem with Windows or Mac (Mavericks VM) connections to a SoftEther VPN server.

When I connect as TUN, the gateway my routing table defaults to:

Network Destination  Netmask          Gateway       Interface      Metric
0.0.0.0              0.0.0.0          192.168.0.1   192.168.0.110  55   <---- Default LAN route
0.0.0.0              128.0.0.0        10.10.10.126  10.10.10.125   1    <---- Viscosity VPN Route
10.10.10.124         255.255.255.252  On-link       10.10.10.125   257  <--- VPN Local IP/Mask

NOTE the netmask of 128.0.0.1

When I connect to the same server as TAP connection, the table looks as it should, and the netmask for my VPN connection is now 0.0.0.0.

I could have all users switch to TAP, but this isn't being used as a bridged connection; it is a remote access VPN, so I'd rather keep it as TUN if possible.

All settings are default - no added route, automatic DNS selection.

Can someone shed some light on this behaviour and a fix?

Any help appreciated!!

Steve

Hi Steve,

This route is correct. Routes are obeyed on most operating systems by the smallest subnet first. OpenVPN will add a 0/1 and 1/1 (i.e. 0.0.0.0/128.0.0.0 and 128.0.0.0/128.0.0.0, you should see this second route further down your routing table) with the 'redirect-gateway def1' command, essentially splitting a 0/0 default route in two and overwriting your default route without needing to worry about metrics.

If you're having connection issues, the following may help - http://sparklabs.com/support/kb/article ... -problems/

Otherwise, I'm afraid we can't offer any server support for SoftEther.

Regards,
Eric
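
The route selection described in the reply above, as an added example that is not part of the original posts: a longest-prefix-match lookup over a table modelled on the one in the thread. The 128.0.0.0 row, its gateway and its metric are assumptions based on the reply's description of the second half-route.

```python
import ipaddress

# Constructed routing table modelled on the output in the thread.
# Rows are (destination, netmask, gateway, metric). The 128.0.0.0 row is the
# second half-route the reply mentions; its gateway and metric are assumed.
ROUTES = [
    ("0.0.0.0",      "0.0.0.0",         "192.168.0.1",  55),   # LAN default
    ("0.0.0.0",      "128.0.0.0",       "10.10.10.126", 1),    # def1, lower half
    ("128.0.0.0",    "128.0.0.0",       "10.10.10.126", 1),    # def1, upper half
    ("10.10.10.124", "255.255.255.252", "On-link",      257),  # VPN local subnet
]

def parse(routes):
    """Turn (dest, mask, gw, metric) rows into (network, gw, metric)."""
    return [(ipaddress.ip_network(f"{d}/{m}"), gw, metric)
            for d, m, gw, metric in routes]

def select_gateway(dest, routes):
    """Longest prefix wins; the metric only breaks ties between equal prefixes."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in parse(routes) if addr in r[0]]
    if not matches:
        return None
    _, gw, _ = max(matches, key=lambda r: (r[0].prefixlen, -r[2]))
    return gw

def vpn_coverage(routes, vpn_gw):
    """Collapse the non-default routes via vpn_gw into the address space they cover."""
    nets = [net for net, gw, _ in parse(routes)
            if gw == vpn_gw and net.prefixlen > 0]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

if __name__ == "__main__":
    for dest in ("8.8.8.8", "203.0.113.7", "10.10.10.126"):
        print(dest, "->", select_gateway(dest, ROUTES))
    # The two /1 routes together cover all of IPv4, so the /0 LAN default
    # is never the best match while the VPN routes are installed.
    print("VPN routes cover:", vpn_coverage(ROUTES, "10.10.10.126"))
```

Seeing only one of the two /1 routes in a client's table means half of the IPv4 space still leaves through the LAN gateway.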
Thank you for the quick reply!

The issue was simply that when I use TUN I cannot have split DNS using the automatic settings. However, as soon as I switch to TAP I have split DNS without changing anything else. This behaviour happens on both PC and Mac versions.

I assumed this was a routing issue, hence sharing the route table info, as that was the only change noted when I switched from TUN to TAP.

My use of split DNS is - only VPN net traffic through the VPN DNS and route, all other traffic through the default LAN route. Ultimately I simply want split DNS to work with minimal setup required. I've read the knowledge-base docs and used the routing/DNS changes proposed there.

Apologies if I clouded the issue.