Opened 3 years ago
Closed 15 months ago
#1339 closed Bug / Defect (worksforme)
Windows 10 BitLocker Conflict with TAP Protocol
Reported by: | digitizedme | Owned by: | |
---|---|---|---|
Priority: | major | Milestone: | |
Component: | tap-windows6 | Version: | |
Severity: | Not set (select this one, unless your'e a OpenVPN developer) | Keywords: | |
Cc: | Samuli Seppänen |
Description
Host: ASUS RT-AX88U, Asuswrt-Merlin 384.19
Host OpenVPN Version: OpenVPN 2.4.9 arm-buildroot-linux-gnueabi
Client OS: Windows 10 Pro Version 2004
Client OpenVPN Versions: openvpn-install-2.4.4-I601, openvpn-install-2.4.9-I601-Win10, OpenVPN-2.5-rc2-I601-amd64
Problem: Connecting from Windows client with BitLocker? protection enabled, to host with TAP proto causes disconnect and host reboot.
Cause: BitLocker? protection enabled on client Windows OS drive.
Solution: Suspend BitLocker? protection and reconnect to host.
Cannot reproduce problem on any other client devices (Android, macOS) using same configuration and certificates.
Cannot reproduce problem on any other Windows client devices with BitLocker? disabled.
Change History (4)
comment:1 Changed 3 years ago by
comment:2 Changed 3 years ago by
Cc: | Samuli Seppänen added |
---|---|
Component: | Generic / unclassified → tap-windows6 |
Owner: | set to jamesyonan |
I have no idea how BitLocker? can interfere with network drivers, and why it would be an issue for --dev tap
and not for --dev tun
(from the windows side, it does not see the difference, it is handled by the tuntap driver internally).
The standard method for "any problems with tap driver" is "uninstall openvpn and the tap driver, remove all tap interfaces, reboot, then install 2.5.0" - if that doesn't help, something in this windows client is beyond our powers to repair.
comment:3 Changed 3 years ago by
Owner: | jamesyonan deleted |
---|---|
Status: | new → assigned |
comment:4 Changed 15 months ago by
Resolution: | → worksforme |
---|---|
Status: | assigned → closed |
I have been testing this for a week and cannot find a consistent way to resolve the conflict with TAP config on the host and on the Windows 10 2004 client. Using TUN config on the host appears to be the only solution.
Although BitLocker? suspended/disabled does appear to have an affect on the reliability of the TAP connection, the host still does a force reboot over time.
I believe this to be a problem with only one client device, although resulting in a forced reboot might be a problem with the host device.