Find this post interesting? Do you like interesting things? Maybe you would like my invention, a connectible candle called a WickBrick!
Get one here http://wickbrick.etsy.com/
So I love openVPN, but it was just being a thorn in my side the other day. It would happen no matter what version of openVPN I was using (Openvpn gui 2.0.9, and 2.1_rc13) I spent all day trying to get it fixed. It was very strange because up until recently it had been rock solid. I think some windows update may have changed something, or possibly XP service pack 3? Anyways the symptoms:
The VPN would connect, then Route: Waiting for TUN/TAP interface to come up….
TEST ROUTES: 0/0 succeeeded len=3 ret=0 a=0 u/d=down
It would cycle like this for a long time and then
Initialization Sequence Completed With Errors [see http://openvpn.net/faq.html#dhcpclientserv ]
After a minute or two the virtual TAP adapter would grab a APIPA address instead. You know those stupid 169.x.x.x addresses.
From the error message and the behavior I surmised that it was having a problem grabbing an address via DHCP through the tunnel. Through much searching on the Internet I finally found a post that resolved my issue. Good ol Alessandro Cirelli, who ever he might be, bless his soul wrote this post
His words “The problem is known (the openvpn website explain that) after installing XP ServicePack 2, there are some problem with windows firewall and TAPI network adapter in configuration with a dhcp openvpn server.”
1. Install OpenVpn 2.1 Rc7 (tha last at this time)
2. Disable Or configure firewall for TAP Interface
3. Download devcon.exe from Microsoft website http://support.microsoft.com/kb/311272
4. Rename the TAP connection in MyTap
5. Identify the interface ID on TAP interface using : devcon hwids =net @root\NET\*
In my case tap0901
6. Create two .bat file in the OpenVPN config directory:
devcon enable tap0901
devcon disable tap0901
OpenVPN Gui launch this two file when start and close the connection ( note the name of the configfile )
remote server 1194
tls-auth ta.key 1
8. Start OpenVpn (using ConfigFileName file of course )
Another information, if you have the same subnet network class at home and at office you have to setting the metric of a TAP interface at a lower value than Etherter connection metric.
I have found this solution to work for me.
I did have to add the ‘append the DNS suffixes’ and add my domain, since the netsh method appears to not push the domain suffix. (Oh if you have TCP/IP properties open while initiating netsh it will fail!)
I haven’t tested whether I really need to enable and disable the device, or whether I really need a 30 second delay (10 appears to work just fine). But these settings do appear to fix my openVPN connection.
During the search I found a few other solutions that may help,
netsh int ip reset logfile.txt
netsh winsock reset catalog
A cool tool that I ran across as well is
netsh diag gui
It’s possible that this hotfix would address the issue as well
It’s possible that this is related as well
[…] https://michaelellerbeck.com/2008/10/27/openvpn-client-hangs-on-dhcp-renewal-gets-apipa-address-inste… […]