cancel
Showing results for 
Search instead for 
Did you mean: 

OpenVPN

FIXED
Anonymous
Not applicable

Re: OpenVPN

This value is entered into the Destination IP Address / Prefix Length field, in your case :

10.8.0.0/24

The metric field is the size of your TCP I/O Buffer and should be set (if required) to the same value used in your router. I think 1478 but yours may be different.

 Edit:- This is wrong Roll_eyes see post 66 for the correct description.

mssystems
Aspiring Pro
Posts: 290
Thanks: 45
Fixes: 1
Registered: ‎10-08-2007

Re: OpenVPN

1194 UDP is already forwarded, i wouldn't get connected to the VPN otherwise.
windows 10 firewall... where am i adding this route? i don't see anywhere that specifically lets you add a route. you can add an app though?

You know, people pay me good money to do absolutely everything for them Wink

 

You don't add routes to a firewall, you add rules. 

Control panel, Windows Firewall, Advanced settings, Inbound Rules (right click), New Rule, Custom, Scope, local = any remote = 10.8.0.0/24, Allow (always), All profiles, Name 'Open VPN' Description 'Allow all from encrypted tunnel'

Enabling RRAS enables IP Forwarding, implicitly.  It won't hurt to do the registry hack but you don't _need_ it, as well.  One of the other would do.

[edit] And no, you don't need to forward UDP and TCP.  Just UDP, will do.

 

 

chenks76
All Star
Posts: 3,274
Thanks: 336
Fixes: 12
Registered: ‎24-10-2013

Re: OpenVPN

the other static route already set is for the public IP

ip 212.xxx.xxx.xxx/32
gateway 0.0.0.0
interface pppoa
metric blank

i'm looking thru the various screens on the router to see if i can find any reference to TCP I/O buffer

Anonymous
Not applicable

Re: OpenVPN


@chenks76 wrote:
i'm looking thru the various screens on the router to see if i can find any reference to TCP I/O buffer

You'll find this value is called Metric, I was simply letting you what it was.

Also not really convinced that is a valid 'route'. But as @mssystems says try the firewall rule.

chenks76
All Star
Posts: 3,274
Thanks: 336
Fixes: 12
Registered: ‎24-10-2013

Re: OpenVPN

well i can now ping 192.168.1.x address when connected to VPN after adding that static route with a metric of 1478.
I haven't touched the windows firewall.

mssystems
Aspiring Pro
Posts: 290
Thanks: 45
Fixes: 1
Registered: ‎10-08-2007

Re: OpenVPN

The metric field is the size of your TCP I/O Buffer and should be set (if required) to the same value used in your router. I think 1478 but yours may be different.

WTF. 

The Metric field is the 'priority' the route has in the routing table - Lowest value first.  You can probably leave it for the router to sort out.  If you really must give it a value, 5, or any arbitrary value is likely to do.

1478 is the MTU.  Maximum Transmit Unit - Or, the number of bits before the router fragments the packet.  You should not need to adjust the MTU, as Open VPN is clever enough to do it for you.

 

Anonymous
Not applicable

Re: OpenVPN

Embarrassed Oops!

chenks76
All Star
Posts: 3,274
Thanks: 336
Fixes: 12
Registered: ‎24-10-2013

Re: OpenVPN

right so....
OpenVPN connects.
i can ping any 192.168.1.x address
i can connect to my local network devices.
so far so good.

so the question is. whilst i am connected to the VPN, when i load a webpage is that routing thru my own VPN/Plusnet connection, or does that still use the mobile data connection.
for example, if i set my router to block a particular website but my mobile provider doesn't. when connected to the VPN would that website be blocked? (this is just an example to test the VPN).
mssystems
Aspiring Pro
Posts: 290
Thanks: 45
Fixes: 1
Registered: ‎10-08-2007

Re: OpenVPN

Also not really convinced that is a valid 'route'. But as @mssystems says try the firewall rule.

The route, source = 212.?.?.?/32 dest = 0.0.0.0/0 Interface = PPP, is the router's default route.

If you open a cmd prompt and type

route print

You will see the default route entry in your PC's routing table, with the router's address in the gateway field.

 

mssystems
Aspiring Pro
Posts: 290
Thanks: 45
Fixes: 1
Registered: ‎10-08-2007

Re: OpenVPN

so the question is. whilst i am connected to the VPN, when i load a webpage is that routing thru my own VPN/Plusnet connection, or does that still use the mobile data connection.

What you are talking about is known as a 'split tunnel'  Can't remember what the default it but there are Open VPN directives to configure the client's default gateway dynamically.  Easiest way to check is to install a trace-route app on your phone.

 

chenks76
All Star
Posts: 3,274
Thanks: 336
Fixes: 12
Registered: ‎24-10-2013

Re: OpenVPN

i already have such a tool installed (have bene using it for the pings).
when doing a tracert on bbc.co.uk the resulting route appears to be the same regardless of whether on VPN or data.
Anonymous
Not applicable

Re: OpenVPN

mssystems
Aspiring Pro
Posts: 290
Thanks: 45
Fixes: 1
Registered: ‎10-08-2007

Re: OpenVPN

i already have such a tool installed (have bene using it for the pings).
when doing a tracert on bbc.co.uk the resulting route appears to be the same regardless of whether on VPN or data.

Then it would appear you have a split tunnel. 

If you trace to 192.168.1.254 (your routers LAN interface) you should see your Open VPN server in the hop path.

 

chenks76
All Star
Posts: 3,274
Thanks: 336
Fixes: 12
Registered: ‎24-10-2013

Re: OpenVPN

that one was just a musing really.
as long as i can "talk" to the local network devices then that is all i really need for now.
mssystems
Aspiring Pro
Posts: 290
Thanks: 45
Fixes: 1
Registered: ‎10-08-2007

Re: OpenVPN

Not a word of thanks.  Wow!