Netgate m1n1wall

Author Topic: One client connects perfectly... other does not  (Read 1435 times)

0 Members and 1 Guest are viewing this topic.

Offline inzel

  • Jr. Member
  • **
  • Posts: 27
  • Karma: +0/-0
    • View Profile
One client connects perfectly... other does not
« on: March 07, 2012, 10:21:47 am »
I have setup openvpn at home and I can access it perfectly from my work desktop. The problem is that I am able to "connect" to it from my work laptop but I cannot access any computers. I cannot even ping the pfsense firewall. I am a little confused as to why this is happening. Does anyone have any thoughts as to why it works from my work desktop but not my work laptop? I am using two different accounts. Either work fine from the desktop, neither work from laptop. I have updated my laptop with all updates and I have disabled my local firewall.

Both machines are running Win7. Desktop is connected with ethernet and laptop is wifi. I have tried to use the vpn from different sources of internet and it is the same result.

Thank you in advance

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14976
  • Karma: +4/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #1 on: March 07, 2012, 10:53:21 am »
Are you running the client as Administrator?

OpenVPN requires admin-level access, and if you have UAC on it will need to be set to run as admin. Though if you have UAC off it may just work without doing anything else special.

Also make sure you aren't using the same certificate for both and trying to be on at the same time, or they'd end up getting the same IP and conflicting (unless you checked the duplicate cn option)
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline inzel

  • Jr. Member
  • **
  • Posts: 27
  • Karma: +0/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #2 on: March 07, 2012, 11:42:23 am »
Yep, I have UAC off. I also tried by running as admin. Same results. Its really wierd... Also, I am using different certs.. I have tried two different ones and it is the same result

Offline inzel

  • Jr. Member
  • **
  • Posts: 27
  • Karma: +0/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #3 on: March 07, 2012, 12:35:33 pm »
I notice that I am running TAP-Win32 Adapter V8 on the laptop and V9 on the desktop. Is there a way for me to upgrade to V9?

I think that might be the problem

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14976
  • Karma: +4/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #4 on: March 07, 2012, 12:47:34 pm »
Just re-run the client installer, it should update everything. Or to be sure, uninstall it first then reinstall. It should leave the config alone.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline inzel

  • Jr. Member
  • **
  • Posts: 27
  • Karma: +0/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #5 on: March 07, 2012, 01:11:10 pm »
I tried that too...

Offline inzel

  • Jr. Member
  • **
  • Posts: 27
  • Karma: +0/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #6 on: March 07, 2012, 02:06:25 pm »
Just tried the 2.1 beta and it wont install.. compatibility issues with the TAP driver

Offline inzel

  • Jr. Member
  • **
  • Posts: 27
  • Karma: +0/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #7 on: March 09, 2012, 08:49:56 am »
Does anyone have any ideas? Please let me know. Im at a point where I am about to go back to ubuntu or centos

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14976
  • Karma: +4/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #8 on: March 09, 2012, 09:07:04 am »
Check "route print" from a command prompt, see if you're actually getting routes. Try to do a traceroute and see where it goes.
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline inzel

  • Jr. Member
  • **
  • Posts: 27
  • Karma: +0/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #9 on: March 09, 2012, 09:29:09 am »
Ah, thats a great idea. Thank you for getting back to me so quickly. I will test that out and post the results.

Thank you again

Offline inzel

  • Jr. Member
  • **
  • Posts: 27
  • Karma: +0/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #10 on: March 13, 2012, 09:00:08 am »
For some reason, now, I get auth failure when I try to connect to my vpn on any device.. i recreated the user account's cert and verified the password but it fails every time.. ugh.

Any thoughts?

Offline inzel

  • Jr. Member
  • **
  • Posts: 27
  • Karma: +0/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #11 on: March 13, 2012, 09:22:42 am »
I completely recreated the user accounts and certs and it appears to be working again. Still unable to access other network computers from laptop tho. I will try your previous suggestion and post results

Offline inzel

  • Jr. Member
  • **
  • Posts: 27
  • Karma: +0/-0
    • View Profile
Re: One client connects perfectly... other does not
« Reply #12 on: March 13, 2012, 09:42:45 am »
Ok so I am getting routes:


===========================================================================
Interface List
 18...00 ff 86 39 89 9c ......TAP-Win32 Adapter V8 #2
 12...00 18 de 21 75 76 ......Intel(R) PRO/Wireless 3945ABG Network Connection
 11...00 15 c5 a6 47 12 ......Broadcom NetXtreme 57xx Gigabit Controller
  1...........................Software Loopback Interface 1
 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    10.168.66.254     10.168.66.26     25
      10.168.66.0    255.255.255.0         On-link      10.168.66.26    281
     10.168.66.26  255.255.255.255         On-link      10.168.66.26    281
    10.168.66.255  255.255.255.255         On-link      10.168.66.26    281
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      172.10.10.4  255.255.255.252         On-link       172.10.10.6    286
      172.10.10.6  255.255.255.255         On-link       172.10.10.6    286
      172.10.10.7  255.255.255.255         On-link       172.10.10.6    286
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       172.10.10.6    286
        224.0.0.0        240.0.0.0         On-link      10.168.66.26    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       172.10.10.6    286
  255.255.255.255  255.255.255.255         On-link      10.168.66.26    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 14   1140 ::/0                     2002:c058:6301::c058:6301
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:5ef5:79fb:1403:3bd1:bec2:8b98/128
                                    On-link
 14   1040 2002::/16                On-link
 14    296 2002:ac0a:a06::ac0a:a06/128
                                    On-link
 18    286 fe80::/64                On-link
 12    281 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::1403:3bd1:bec2:8b98/128
                                    On-link
 18    286 fe80::292d:671e:abec:8227/128
                                    On-link
 12    281 fe80::ece8:ce7c:d89a:4593/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 18    286 ff00::/8                 On-link
 12    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None


------------------------------------------------------------------------------------------------------------------------------------------

I flushed dns and cleared the routing table, restarted and same results. Tracert showed the connection trying to go to 192.168.64.64... I have no idea what that ip is. It isnt on any of my networks on this one

Offline inzel

  • Jr. Member
  • **
  • Posts: 27
  • Karma: +0/-0
    • View Profile
SOLVED: Re: One client connects perfectly... other does not
« Reply #13 on: March 13, 2012, 01:43:01 pm »
SOLVED!!

Awesome. I really excited about this. In order to resolve this issue, I first, completely uninstalled OpenVPN from my laptop. (again) I then created a new user on the firewall. I made a cert for this user as well. Then, and this is the big difference... I exported the windows installer instead of the files themselves. I emailed that to myself and downloaded it to my laptop. I installed it, and noticed that it installed TAP 0901...

I tried to log in and it worked. I then tried to access my other computers, and it worked flawlessly. I hope this helps someone else out in the future!