OpenVPN
FIXED- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Other forums
- :
- Tech Help - Software/Hardware etc
- :
- OpenVPN
Re: OpenVPN
05-11-2016 9:39 AM - edited 05-11-2016 10:07 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
This value is entered into the Destination IP Address / Prefix Length field, in your case :
10.8.0.0/24
The metric field is the size of your TCP I/O Buffer and should be set (if required) to the same value used in your router. I think 1478 but yours may be different.
Edit:- This is wrong see post 66 for the correct description.
Re: OpenVPN
05-11-2016 9:42 AM - edited 05-11-2016 9:45 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
1194 UDP is already forwarded, i wouldn't get connected to the VPN otherwise.
windows 10 firewall... where am i adding this route? i don't see anywhere that specifically lets you add a route. you can add an app though?
You know, people pay me good money to do absolutely everything for them
You don't add routes to a firewall, you add rules.
Control panel, Windows Firewall, Advanced settings, Inbound Rules (right click), New Rule, Custom, Scope, local = any remote = 10.8.0.0/24, Allow (always), All profiles, Name 'Open VPN' Description 'Allow all from encrypted tunnel'
Enabling RRAS enables IP Forwarding, implicitly. It won't hurt to do the registry hack but you don't _need_ it, as well. One of the other would do.
[edit] And no, you don't need to forward UDP and TCP. Just UDP, will do.
Re: OpenVPN
05-11-2016 9:44 AM - edited 05-11-2016 10:07 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
the other static route already set is for the public IP
ip 212.xxx.xxx.xxx/32
gateway 0.0.0.0
interface pppoa
metric blank
i'm looking thru the various screens on the router to see if i can find any reference to TCP I/O buffer
Re: OpenVPN
05-11-2016 9:58 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@chenks76 wrote:
i'm looking thru the various screens on the router to see if i can find any reference to TCP I/O buffer
You'll find this value is called Metric, I was simply letting you what it was.
Also not really convinced that is a valid 'route'. But as @mssystems says try the firewall rule.
Re: OpenVPN
05-11-2016 10:01 AM - edited 05-11-2016 10:03 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
well i can now ping 192.168.1.x address when connected to VPN after adding that static route with a metric of 1478.
I haven't touched the windows firewall.
Re: OpenVPN
05-11-2016 10:02 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
The metric field is the size of your TCP I/O Buffer and should be set (if required) to the same value used in your router. I think 1478 but yours may be different.
WTF.
The Metric field is the 'priority' the route has in the routing table - Lowest value first. You can probably leave it for the router to sort out. If you really must give it a value, 5, or any arbitrary value is likely to do.
1478 is the MTU. Maximum Transmit Unit - Or, the number of bits before the router fragments the packet. You should not need to adjust the MTU, as Open VPN is clever enough to do it for you.
Re: OpenVPN
05-11-2016 10:03 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Oops!
Re: OpenVPN
05-11-2016 10:12 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
OpenVPN connects.
i can ping any 192.168.1.x address
i can connect to my local network devices.
so far so good.
so the question is. whilst i am connected to the VPN, when i load a webpage is that routing thru my own VPN/Plusnet connection, or does that still use the mobile data connection.
for example, if i set my router to block a particular website but my mobile provider doesn't. when connected to the VPN would that website be blocked? (this is just an example to test the VPN).
Re: OpenVPN
05-11-2016 10:14 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Also not really convinced that is a valid 'route'. But as @mssystems says try the firewall rule.
The route, source = 212.?.?.?/32 dest = 0.0.0.0/0 Interface = PPP, is the router's default route.
If you open a cmd prompt and type
route print
You will see the default route entry in your PC's routing table, with the router's address in the gateway field.
Re: OpenVPN
05-11-2016 10:19 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
so the question is. whilst i am connected to the VPN, when i load a webpage is that routing thru my own VPN/Plusnet connection, or does that still use the mobile data connection.
What you are talking about is known as a 'split tunnel' Can't remember what the default it but there are Open VPN directives to configure the client's default gateway dynamically. Easiest way to check is to install a trace-route app on your phone.
Re: OpenVPN
05-11-2016 10:25 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
when doing a tracert on bbc.co.uk the resulting route appears to be the same regardless of whether on VPN or data.
Re: OpenVPN
05-11-2016 10:27 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
You might find this of use:
https://openvpn.net/index.php/open-source/documentation/howto.html#redirect
Re: OpenVPN
05-11-2016 10:32 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
i already have such a tool installed (have bene using it for the pings).
when doing a tracert on bbc.co.uk the resulting route appears to be the same regardless of whether on VPN or data.
Then it would appear you have a split tunnel.
If you trace to 192.168.1.254 (your routers LAN interface) you should see your Open VPN server in the hop path.
Re: OpenVPN
05-11-2016 10:32 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
as long as i can "talk" to the local network devices then that is all i really need for now.
Re: OpenVPN
07-11-2016 8:52 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Not a word of thanks. Wow!
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page