Re: [Openvpn-devel] Errors adding routes on Windows 7 with OpenVPN 2.1.3

[David Sommerseth]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 18/10/10 17:50, Christian Rank wrote:
> Hello,
> 
> we noticed a strange problem with OpenVPN 2.1.3 on a Windows 7 client
> here: The VPN tunnel to an OpenVPN server does no longer work since the
> OpenVPN 2.1.3 software tries to insert many strange routes into the
> Windows 7 routing tables. With OpenVPN 2.1.1, all goes well. Our OpenVPN
> server is running on OpenVPN 2.1_rc15 i686-pc-linux-gnu.
> 
> I have attached the Windows OpenVPN log file (with verbosity 4).
> 
> Maybe this is a bug in the Windows implementation of OpenVPN 2.1.3?
> 

Thank you very much for your report.  Gert identified a potential issue,
which seems to fix it.  We've added a patch to the
openvpn-testing.git tree.  For more information, see this community Trac
ticket:

  


kind regards,

David Sommerseth
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkzBnTQACgkQDC186MBRfrpzugCfabfKjY4MIMHNGng35ltxhSPV
BCEAnRKnpCM7GNHlpKAGKT7jkLmTK85Q
=DzNs
-END PGP SIGNATURE-

Re: [Openvpn-devel] Errors adding routes on Windows 7 with OpenVPN 2.1.3

[Alberto Gonzalez Iniesta]

On Thu, Oct 21, 2010 at 10:38:52AM +0200, Gert Doering wrote:
> Hi,
> 
> On Wed, Oct 20, 2010 at 09:31:35PM +0200, Gert Doering wrote:
> > I think the patch below should fix this, but have not tested this at all
> > (neither with nor without the patch).  Applies to tag v2.1.3
> 
> David suggested to use CLEAR() to make easier-understandable code and
> more thorough clearing.  Patch (goes on top of the last patch) below.
> 
> Agi, either patch should work, but if you haven't tested the other one
> yet, please test this one.
> 

Hi,

I tested the patch successfully. It works for me(tm). OpenVPN stopped
adding those random routes, while it added the right one for the
"remote_host".

Thanks,

Alberto

-- 
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com

Key fingerprint = 9782 04E7 2B75 405C F5E9  0C81 C514 AF8E 4BA4 01C3

Re: [Openvpn-devel] Errors adding routes on Windows 7 with OpenVPN 2.1.3

[Gert Doering]

Hi,

On Wed, Oct 20, 2010 at 09:31:35PM +0200, Gert Doering wrote:
> I think the patch below should fix this, but have not tested this at all
> (neither with nor without the patch).  Applies to tag v2.1.3

David suggested to use CLEAR() to make easier-understandable code and
more thorough clearing.  Patch (goes on top of the last patch) below.

Agi, either patch should work, but if you haven't tested the other one
yet, please test this one.

gert


From f9ec243ea8f4783d921e56d12a0afb3fad02f0c6 Mon Sep 17 00:00:00 2001
From: Gert Doering 
List-Post: openvpn-devel@lists.sourceforge.net
Date: Thu, 21 Oct 2010 10:35:29 +0200
Subject: [PATCH] use CLEAR() to clear all of "netlist" - more in line with the 
coding style
 and easier to read [dazo]

Signed-off-by: Gert Doering 
---
 route.c |2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/route.c b/route.c
index d50821e..20f62d5 100644
--- a/route.c
+++ b/route.c
@@ -450,7 +450,7 @@ init_route_list (struct route_list *rl,
struct route r;
int k;
 
-netlist.len = 0;   /* won't be set for special routes */
+CLEAR(netlist);/* init_route() will not always init 
this */
 
if (!init_route (,
 ,
-- 
1.7.2.2


-- 
USENET is *not* the non-clickable part of WWW!
   //www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025g...@net.informatik.tu-muenchen.de


pgp4cYY9vezPY.pgp
Description: PGP signature

Re: [Openvpn-devel] Errors adding routes on Windows 7 with OpenVPN 2.1.3

[Alberto Gonzalez Iniesta]

On Mon, Oct 18, 2010 at 05:50:44PM +0200, Christian Rank wrote:
> Hello,
> 
> we noticed a strange problem with OpenVPN 2.1.3 on a Windows 7 client
> here: The VPN tunnel to an OpenVPN server does no longer work since the
> OpenVPN 2.1.3 software tries to insert many strange routes into the
> Windows 7 routing tables. With OpenVPN 2.1.1, all goes well. Our OpenVPN
> server is running on OpenVPN 2.1_rc15 i686-pc-linux-gnu.
> 
> I have attached the Windows OpenVPN log file (with verbosity 4).
> 
> Maybe this is a bug in the Windows implementation of OpenVPN 2.1.3?
> 

Hi Christian,

It's not a bug in the Windows implementation but in OpenVPN 2.1.3
itself. The bug is reported and it is being worked in.
I think you're using 'remote_host' on your client configuration (or
pushing it from the server). If that's the case, try changing that with
the IP of the VPN server and see if that fixes it in the meantime.

Cheers,

Alberto


-- 
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com

Key fingerprint = 9782 04E7 2B75 405C F5E9  0C81 C514 AF8E 4BA4 01C3

Re: [Openvpn-devel] Errors adding routes on Windows 7 with OpenVPN 2.1.3

[Arne Schwabe]

Am 18.10.10 17:50, schrieb Christian Rank:
> Hello,
>
> we noticed a strange problem with OpenVPN 2.1.3 on a Windows 7 client
> here: The VPN tunnel to an OpenVPN server does no longer work since the
> OpenVPN 2.1.3 software tries to insert many strange routes into the
> Windows 7 routing tables. With OpenVPN 2.1.1, all goes well. Our OpenVPN
> server is running on OpenVPN 2.1_rc15 i686-pc-linux-gnu.
>
> I have attached the Windows OpenVPN log file (with verbosity 4).
>
> Maybe this is a bug in the Windows implementation of OpenVPN 2.1.3?
>
Without looking through your log, we had similar problems and adding the
def1 option fixed it for us.

Arne

[Openvpn-devel] Errors adding routes on Windows 7 with OpenVPN 2.1.3

[Christian Rank]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hello,

we noticed a strange problem with OpenVPN 2.1.3 on a Windows 7 client
here: The VPN tunnel to an OpenVPN server does no longer work since the
OpenVPN 2.1.3 software tries to insert many strange routes into the
Windows 7 routing tables. With OpenVPN 2.1.1, all goes well. Our OpenVPN
server is running on OpenVPN 2.1_rc15 i686-pc-linux-gnu.

I have attached the Windows OpenVPN log file (with verbosity 4).

Maybe this is a bug in the Windows implementation of OpenVPN 2.1.3?

Thanks in advance for any help,
Christian

- -- 
Dr. Christian Rank
Rechenzentrum Universität Passau
Bereich Netzwerk und Telekommunikation
Innstr. 33
D-94032 Passau
GERMANY
Tel.: 0851/509-1838
Fax:  0851/509-1802
PGP public key see http://www.rz.uni-passau.de/mitarbeiter/rank
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iJwEAQECAAYFAky8bM8ACgkQICQoVWVVBdXzYQQAlDytBOe1ssO6hgghgd80Kfa5
PY+7NkSLg+0ejCtEv2zLJ28YXf0Up5164celXVY2Hd+xjNXuUNOPezQ5cV2/agAh
ZIR97cfGZx0gDl92E7dwo0enCL23n/fwEnzJD9VkrjJ13eIiKIRhGZO297vSTsL2
jvtBTIMCvxPtKBonmX0=
=WRBl
-END PGP SIGNATURE-
Mon Oct 18 17:37:52 2010 NOTE: --user option is not implemented on Windows
Mon Oct 18 17:37:52 2010 NOTE: --group option is not implemented on Windows
Mon Oct 18 17:37:52 2010 us=32 Current Parameter Settings:
Mon Oct 18 17:37:52 2010 us=32   config = 'pers-ext.ovpn'
Mon Oct 18 17:37:52 2010 us=32   mode = 0
Mon Oct 18 17:37:52 2010 us=32   show_ciphers = DISABLED
Mon Oct 18 17:37:52 2010 us=32   show_digests = DISABLED
Mon Oct 18 17:37:52 2010 us=32   show_engines = DISABLED
Mon Oct 18 17:37:52 2010 us=32   genkey = DISABLED
Mon Oct 18 17:37:52 2010 us=32   key_pass_file = '[UNDEF]'
Mon Oct 18 17:37:52 2010 us=32   show_tls_ciphers = DISABLED
Mon Oct 18 17:37:52 2010 us=32 Connection profiles [default]:
Mon Oct 18 17:37:52 2010 us=32   proto = tcp-client
Mon Oct 18 17:37:52 2010 us=32   local = '[UNDEF]'
Mon Oct 18 17:37:52 2010 us=32   local_port = 0
Mon Oct 18 17:37:52 2010 us=32   remote = '132.231.254.253'
Mon Oct 18 17:37:52 2010 us=32   remote_port = 1198
Mon Oct 18 17:37:52 2010 us=32   remote_float = DISABLED
Mon Oct 18 17:37:52 2010 us=32   bind_defined = DISABLED
Mon Oct 18 17:37:52 2010 us=32   bind_local = DISABLED
Mon Oct 18 17:37:52 2010 us=32   connect_retry_seconds = 15
Mon Oct 18 17:37:52 2010 us=32   connect_timeout = 10
Mon Oct 18 17:37:52 2010 us=32   connect_retry_max = 2
Mon Oct 18 17:37:52 2010 us=32   socks_proxy_server = '[UNDEF]'
Mon Oct 18 17:37:52 2010 us=32   socks_proxy_port = 0
Mon Oct 18 17:37:52 2010 us=32   socks_proxy_retry = DISABLED
Mon Oct 18 17:37:52 2010 us=32 Connection profiles END
Mon Oct 18 17:37:52 2010 us=32   remote_random = DISABLED
Mon Oct 18 17:37:52 2010 us=32   ipchange = '[UNDEF]'
Mon Oct 18 17:37:52 2010 us=32   dev = 'tun'
Mon Oct 18 17:37:52 2010 us=32   dev_type = '[UNDEF]'
Mon Oct 18 17:37:52 2010 us=32   dev_node = '[UNDEF]'
Mon Oct 18 17:37:52 2010 us=32   lladdr = '[UNDEF]'
Mon Oct 18 17:37:52 2010 us=32   topology = 1
Mon Oct 18 17:37:52 2010 us=32   tun_ipv6 = DISABLED
Mon Oct 18 17:37:52 2010 us=32   ifconfig_local = '[UNDEF]'
Mon Oct 18 17:37:52 2010 us=32   ifconfig_remote_netmask = '[UNDEF]'
Mon Oct 18 17:37:52 2010 us=32   ifconfig_noexec = DISABLED
Mon Oct 18 17:37:52 2010 us=32   ifconfig_nowarn = DISABLED
Mon Oct 18 17:37:52 2010 us=32   shaper = 0
Mon Oct 18 17:37:52 2010 us=32   tun_mtu = 1500
Mon Oct 18 17:37:52 2010 us=32   tun_mtu_defined = ENABLED
Mon Oct 18 17:37:52 2010 us=32   link_mtu = 1500
Mon Oct 18 17:37:52 2010 us=32   link_mtu_defined = DISABLED
Mon Oct 18 17:37:52 2010 us=32   tun_mtu_extra = 0
Mon Oct 18 17:37:52 2010 us=32   tun_mtu_extra_defined = DISABLED
Mon Oct 18 17:37:52 2010 us=32   fragment = 0
Mon Oct 18 17:37:52 2010 us=32   mtu_discover_type = -1
Mon Oct 18 17:37:52 2010 us=32   mtu_test = 0
Mon Oct 18 17:37:52 2010 us=32   mlock = DISABLED
Mon Oct 18 17:37:52 2010 us=32   keepalive_ping = 0
Mon Oct 18 17:37:52 2010 us=32   keepalive_timeout = 0
Mon Oct 18 17:37:52 2010 us=32   inactivity_timeout = 0
Mon Oct 18 17:37:52 2010 us=32   ping_send_timeout = 0
Mon Oct 18 17:37:52 2010 us=32   ping_rec_timeout = 0
Mon Oct 18 17:37:52 2010 us=32   ping_rec_timeout_action = 0
Mon Oct 18 17:37:52 2010 us=32   ping_timer_remote = DISABLED
Mon Oct 18 17:37:52 2010 us=32   remap_sigusr1 = 0
Mon Oct 18 17:37:52 2010 us=32   explicit_exit_notification = 0
Mon Oct 18 17:37:52 2010 us=32   persist_tun = ENABLED
Mon Oct 18 17:37:52 2010 us=32   persist_local_ip = DISABLED
Mon Oct 18 17:37:52 2010 us=32   persist_remote_ip = DISABLED
Mon Oct 18 17:37:52 2010 us=32   persist_key = ENABLED
Mon Oct 18 17:37:52