Opened 6 years ago
Closed 3 years ago
#1065 closed Bug / Defect (invalid)
OpenVPN 2.4.6 Not NAT on Windows Server 2012 R2
| Reported by: | frans_a4 | Owned by: | |
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | Generic / unclassified | Version: | OpenVPN 2.4.6 (Community Ed) |
| Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
| Cc: |
Description
OpenVPN 2.4.6 (server-mod) on Windows Server 2012 R2-x64 connects but Not NAT Or there is a problem with TAP driver, And Clients are connected but they do not have the Internet.
More Tests:
Windows Server 2012 R2-64 / OpenVPN-Server Mod:
openvpn-install-2.4.6-I601.exe : Clients can Conncet to open-vpn server but not have any ping Or ability to open the web-page.
openvpn-install-2.4.6-I602.exe : Clients can Conncet to open-vpn server but not have any ping Or ability to open the web-page.
openvpn-install-2.3.14-I601-x86_64.exe : works Fine
openvpn-install-2.3.18-I602-x86_64.exe : works Fine
Windows Server 2016 Standard / OpenVPN-Server Mod:
openvpn-install-2.4.6-I602.exe : works Fine
Change History (5)
comment:1 Changed 6 years ago by
comment:2 Changed 6 years ago by
I've been NAT with routing and remote access on Windows Server 2012 R2 And set IPEnableRouter=1 in windows registry. routing and remote access-Service is also Started after OpenVPN-Service.
The primary network card (which has the Internet) receives the IP from the DHCP.
OpenVPN 2.4.6-I602-Config:
(Server):
proto tcp port 1194 dev tun route-metric 1 ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt" cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.crt" key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\server.key" dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh4096.pem" server 10.8.0.0 255.255.255.0 push "redirect-gateway def1" push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" keepalive 10 120 comp-lzo persist-key persist-tun route-delay 2 tap-sleep 3 status openvpn-status.log verb 3
(client):
client dev tun proto tcp remote <SERVER-IP> 1194 resolv-retry infinite nobind persist-key persist-tun route-delay 1 3 comp-lzo verb 3 <ca> MY CA </ca> <cert> MY CERT </cert> <key> MY KEY </key>
comment:3 Changed 6 years ago by
As 2.3 works but 2.4 does not, NAT is unlikely to be the issue. Look at the server and clients logs (at verb = 4) for any possible errors. Is it only external access that is affected? -- can a client successfully ping the server IP? What version does the client run?
comment:4 Changed 6 years ago by
@frans_a4 is this still an issue? If so, any chance you could provide the information asked by selvanair?
comment:5 Changed 3 years ago by
| Milestone: | release 2.4.6 |
|---|---|
| Resolution: | → invalid |
| Status: | new → closed |
| Version: | → OpenVPN 2.4.6 (Community Ed) |
We can't fix anything without the requested information.
(Especially if 2.4.6 works fine on Server 2016 but not on 2012r2, it's unlikely to be an OpenVPN issue)
Where is the server running? Who is supposed to do the NAT? Please provide configs and logs of the device that should do the NAT.
OpenVPN is normally not doing NAT at all on the server side, so this bug report is lacking many details to understand what is going on.