OpenVPN cannot ping remote IP routing loop issue after connecting

Sometimes if you have a very basic configuration OpenVPN on the client side for some reason sends all traffic to the OpenVPN server IP through the tun0 which is of course impossible and creates a block or routing loop. 

This is because you need to use your normal ISP/LAN gateway to hit the OpenVPN server if it is remote/offsite as is usually the case.  So if you are connected to the OpenVPN through say a tun0 device and your routing is set to connect to the OpenVPN server via the tun0 device this breaks everything!

Example below:

  I am very familiar with OpenVPN servers but I can't seem to ping the gateway or the DNS server for some reason.

    Mon Jul  9 21:46:56 2018 [access] Peer Connection Initiated with [AF_INET]92.85.42.11:1194
    Mon Jul  9 21:46:58 2018 TUN/TAP device tun0 opened
    Mon Jul  9 21:46:58 2018 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Mon Jul  9 21:46:58 2018 /sbin/ip link set dev tun0 up mtu 1500
    Mon Jul  9 21:46:58 2018 /sbin/ip addr add dev tun0 local 10.45.100.14 peer 10.45.100.13
    Mon Jul  9 21:46:58 2018 Initialization Sequence Completed


    route looks good but I cannot ping the gateway

    10.0.0.0        10.45.100.13   255.0.0.0       UG    0      0        0 tun0
    92.85.42.11   10.45.100.13   255.255.255.255 UGH   0      0        0 tun0
    142.232.221.0   10.45.100.13   255.255.255.0   UG    0      0        0 tun0

    10.45.0.0      10.45.100.13   255.255.0.0     UG    0      0        0 tun0
    10.45.100.1    10.45.100.13   255.255.255.255 UGH   0      0        0 tun0
    10.45.100.13   0.0.0.0         255.255.255.255 UH    0      0        0 tun0

    ping 10.45.100.1
    PING 10.45.100.1 (10.45.100.13) 56(84) bytes of data.
    ^C
    --- 10.45.100.1 ping statistics ---
    11 packets transmitted, 0 received, 100% packet loss, time 9999ms


Notice how the route for the VPN server 92.85.42.11 above is going through tun0.  Of course this breaks everything.  How can you connect to the remote IP server when it is going through a tunnel already running to it.  It is basically like a routing loop.  You connect to the Public IP of the OpenVPN server and then you are telling all traffic to that VPN network must first go over the tunnel but really all you've done here is broken the connection to the VPN server!

tun0 IP: 10.45.58.249

fix routing loop:

ip route del 92.85.42.11
 

Simply just delete the erroneous route to the VPN server IP and this will force traffic to pass properly through the tunnel and allow you to stay connected to the VPN tunnel this way and actually use it.  Alternatively you also could have manually specified that the VPN IP of 92.85.42.11 be specifically routed over a particular interface such as 192.168.1.1 or interface such as eth0 or enp3s0 etc..


Tags:

openvpn, ping, ip, routing, connectingsometimes, configuration, server, tun, creates, isp, lan, gateway, offsite, via, servers, dns, jul, peer, initiated, af_inet, do_ifconfig, tt, ipv, did_ifconfig_ipv, _setup, sbin, dev, mtu, addr, initialization, sequence, completed, ug, bytes, statistics, packets, transmitted, packet, vpn, ve, delete, erroneous, alternatively, manually, specified, routed, interface, eth, enp, etc,

Latest Articles

  • Debian Ubuntu Mint Howto Create Bridge (br0)
  • How To Control Interface that dhcpd server listens to on Debian based Linux like Mint and Ubuntu
  • LUKS unable to type password to unlock during boot on Debian, Ubuntu and Mint
  • Debian Ubuntu and Linux Mint Broken Kernel After Date - New Extra Module Naming Convention
  • Wordpress overwrites and wipes out custom htaccess rules and changes soluton
  • Apache htaccess and mod_rewrite how to redirect and force all URLs and visitors to the SSL / HTTPS version
  • python 3 pip cannot install mysql module
  • QEMU-KVM won't boot Windows 2016 or 2019 server on an Intel Core i3
  • Virtualbox vbox not starting "No suitable module for running kernel found"
  • Bind / named not responding to queries solution
  • Linux Mint How To Set Desktop Background Image From Bash Prompt CLI
  • ImageMagick Convert PDF Not Authorized
  • ImageMagick Converted PDF to JPEG some files have a black background solution
  • Linux Mint Mate Customize the Lock screen messages and hide username and real name
  • Ubuntu/Gnome/Mint/Centos How To Take a partial screenshot
  • ssh how to verify your host key / avoid MIM attacks
  • Cisco IP Phone CP-8845 8800/8900 Series How To Reset To Factory Settings Instructions
  • ls how to list ONLY directories
  • How to encrypt your SSH private key file id_rsa
  • Linux Mint 18 Disable User Name List from showing on Login Screen