Page 1 of 1

Windows 7 Pro - default gateway

Posted: Sun Aug 12, 2012 7:25 am
by allroy
Hello,

My client (Windows 7 Pro 64bit) does not get a default gateway set when connected. I am attempting to send all traffic via the tunnel once established.

I am using a bridge server-side for connection to my LAN. My openvpn server pushes the gateway using:

push "redirect-gateway"


Thoughts/ideas?

Thanks!

Re: Windows 7 Pro - default gateway

Posted: Sun Aug 12, 2012 11:47 pm
by Eric
Hi allroy,

Unless you push a default gateway from the server yourself, OpenVPN doesn't set one. It is recommended you do the following instead

push "redirect-gateway def1"

This will set a 0/1 route for the VPN connection which will replace your default route and push all traffic over the VPN. If you do want to set a default gateway however, you will need to push one along with redirect-gateway:

push "route-gateway x.x.x.x"

Regards,

Eric

Re: Windows 7 Pro - default gateway

Posted: Fri Aug 17, 2012 5:04 am
by allroy
Hi Eric,

Thanks for responding.

I've tried the following options:

push "redirect-gateway def1"
and
push "route-gateway xxx.xxx.xxx.xxx"

with no luck...

On my Viscosity adapter on my client system...no default gateway. With the "redirect-gateway def1" option can you explain what you mean by a 0/1 route in this case? I have packet forwarding enabled on my OpenVPN server...am I missing something else server side? Do I require firewall rules or routing to make sure packets are going where they need?

Thanks!

Re: Windows 7 Pro - default gateway

Posted: Fri Aug 17, 2012 8:03 pm
by Eric
Hi allroy,

If you connect to your VPN, is traffic going through the tunnel? If not, try dropping the route-gateway command. You only need one or the other.

A 0/1 route is essentially the equivalent of a default gateway, it is where traffic goes by default. If you open a command prompt and enter the command 'route print', you should see a route that looks similar to:

Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20

This is a 0/1 route. When you connect with redirect-gateway def1, you should see a second route added similar to the above, except with the interface as the IP of your client IP from the VPN connection, and the gateway most likely blank.

Server side, yes, you need to make sure the firewall on your server accepts the initial connection and traffic from the VPN, and you need routes or a bridge setup in order to route traffic from the OpenVPN Server interface to your WAN interface. This will also depend on whether you are using a TAP or TUN connection. I recommend you have a look around for some server setup guides on the OpenVPN Community forums, we don't have any helpful doco at this stage for setting up a VPN Server I'm afraid.

Regards,

Eric