Windows 7 Pro - default gateway

Got a problem with Viscosity or need help? Ask here!

allroy

Posts: 2
Joined: Sun Aug 12, 2012 7:20 am

Post by allroy » Sun Aug 12, 2012 7:25 am
Hello,

My client (Windows 7 Pro 64bit) does not get a default gateway set when connected. I am attempting to send all traffic via the tunnel once established.

I am using a bridge server-side for connection to my LAN. My openvpn server pushes the gateway using:

push "redirect-gateway"


Thoughts/ideas?

Thanks!

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Sun Aug 12, 2012 11:47 pm
Hi allroy,

Unless you push a default gateway from the server yourself, OpenVPN doesn't set one. It is recommended you do the following instead

push "redirect-gateway def1"

This will set a 0/1 route for the VPN connection which will replace your default route and push all traffic over the VPN. If you do want to set a default gateway however, you will need to push one along with redirect-gateway:

push "route-gateway x.x.x.x"

Regards,

Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs

allroy

Posts: 2
Joined: Sun Aug 12, 2012 7:20 am

Post by allroy » Fri Aug 17, 2012 5:04 am
Hi Eric,

Thanks for responding.

I've tried the following options:

push "redirect-gateway def1"
and
push "route-gateway xxx.xxx.xxx.xxx"

with no luck...

On my Viscosity adapter on my client system...no default gateway. With the "redirect-gateway def1" option can you explain what you mean by a 0/1 route in this case? I have packet forwarding enabled on my OpenVPN server...am I missing something else server side? Do I require firewall rules or routing to make sure packets are going where they need?

Thanks!

Eric

User avatar
Posts: 1146
Joined: Sun Jan 03, 2010 3:27 am

Post by Eric » Fri Aug 17, 2012 8:03 pm
Hi allroy,

If you connect to your VPN, is traffic going through the tunnel? If not, try dropping the route-gateway command. You only need one or the other.

A 0/1 route is essentially the equivalent of a default gateway, it is where traffic goes by default. If you open a command prompt and enter the command 'route print', you should see a route that looks similar to:

Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20

This is a 0/1 route. When you connect with redirect-gateway def1, you should see a second route added similar to the above, except with the interface as the IP of your client IP from the VPN connection, and the gateway most likely blank.

Server side, yes, you need to make sure the firewall on your server accepts the initial connection and traffic from the VPN, and you need routes or a bridge setup in order to route traffic from the OpenVPN Server interface to your WAN interface. This will also depend on whether you are using a TAP or TUN connection. I recommend you have a look around for some server setup guides on the OpenVPN Community forums, we don't have any helpful doco at this stage for setting up a VPN Server I'm afraid.

Regards,

Eric
Eric Thorpe
Viscosity Developer

Web: http://www.sparklabs.com
Support: http://www.sparklabs.com/support
Twitter: http://twitter.com/sparklabs
4 posts Page 1 of 1