OpenVPN cannot ping remote IP routing loop issue after connecting

Sometimes if you have a very basic configuration OpenVPN on the client side for some reason sends all traffic to the OpenVPN server IP through the tun0 which is of course impossible and creates a block or routing loop. 

This is because you need to use your normal ISP/LAN gateway to hit the OpenVPN server if it is remote/offsite as is usually the case.  So if you are connected to the OpenVPN through say a tun0 device and your routing is set to connect to the OpenVPN server via the tun0 device this breaks everything!

Example below:

  I am very familiar with OpenVPN servers but I can't seem to ping the gateway or the DNS server for some reason.

    Mon Jul  9 21:46:56 2018 [access] Peer Connection Initiated with [AF_INET]92.85.42.11:1194
    Mon Jul  9 21:46:58 2018 TUN/TAP device tun0 opened
    Mon Jul  9 21:46:58 2018 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
    Mon Jul  9 21:46:58 2018 /sbin/ip link set dev tun0 up mtu 1500
    Mon Jul  9 21:46:58 2018 /sbin/ip addr add dev tun0 local 10.45.100.14 peer 10.45.100.13
    Mon Jul  9 21:46:58 2018 Initialization Sequence Completed

    route looks good but I cannot ping the gateway

    10.0.0.0        10.45.100.13   255.0.0.0       UG    0      0        0 tun0
    92.85.42.11   10.45.100.13   255.255.255.255 UGH   0      0        0 tun0
    142.232.221.0   10.45.100.13   255.255.255.0   UG    0      0        0 tun0

    10.45.0.0      10.45.100.13   255.255.0.0     UG    0      0        0 tun0
    10.45.100.1    10.45.100.13   255.255.255.255 UGH   0      0        0 tun0
    10.45.100.13   0.0.0.0         255.255.255.255 UH    0      0        0 tun0

    ping 10.45.100.1
    PING 10.45.100.1 (10.45.100.13) 56(84) bytes of data.
    ^C
    --- 10.45.100.1 ping statistics ---
    11 packets transmitted, 0 received, 100% packet loss, time 9999ms

Notice how the route for the VPN server 92.85.42.11 above is going through tun0.  Of course this breaks everything.  How can you connect to the remote IP server when it is going through a tunnel already running to it.  It is basically like a routing loop.  You connect to the Public IP of the OpenVPN server and then you are telling all traffic to that VPN network must first go over the tunnel but really all you've done here is broken the connection to the VPN server!

tun0 IP: 10.45.58.249

fix routing loop:

ip route del 92.85.42.11
 

Simply just delete the erroneous route to the VPN server IP and this will force traffic to pass properly through the tunnel and allow you to stay connected to the VPN tunnel this way and actually use it.  Alternatively you also could have manually specified that the VPN IP of 92.85.42.11 be specifically routed over a particular interface such as 192.168.1.1 or interface such as eth0 or enp3s0 etc..


Tags:

openvpn, ping, ip, routing, connectingsometimes, configuration, server, tun, creates, isp, lan, gateway, offsite, via, servers, dns, jul, peer, initiated, af_inet, do_ifconfig, tt, ipv, did_ifconfig_ipv, _setup, sbin, dev, mtu, addr, initialization, sequence, completed, ug, bytes, statistics, packets, transmitted, packet, vpn, ve, delete, erroneous, alternatively, manually, specified, routed, interface, eth, enp, etc,

Latest Articles

  • How To Upgrade Debian 8,9,10 to Debian 12 Bookworm
  • Linux dhcp dhclient Mint Redhat Ubuntu Debian How To Use Local Domain DNS Server Instead of ISPs
  • Docker dockerd swarm high CPU usage cause solution
  • Docker Minimum Requirements/How Efficient is Docker? How Much Memory Does Dockerd Use?
  • qemu-nbd: Failed to set NBD socket solution qemu-nbd: Disconnect client, due to: Failed to read request: Unexpected end-of-file before all bytes were read
  • apache2 httpd apache server will not start [pid 22449:tid 139972160445760] AH00052: child pid 23248 exit signal Aborted (6) solution Mint Debian Ubuntu Redhat
  • How to use the FTDI USB serial cable to RJ45 adapter to connect to the console on Cisco/Juniper Switch Router Firewall in Linux Ubuntu Debian Redhat
  • How To Setup Python3 in Ubuntu Docker Image for AI Deep Learning
  • How to Configure NVIDIA GPUs with Docker on Ubuntu: A Comprehensive Guide for AI Deep Learning CUDA Solution
  • Linux Ubuntu Mint how to check nameservers when /etc/resolv.conf disabled solution
  • Docker cannot work on other overlayfs filesystems such as ecryptfs won't start overlayfs: filesystem on '/home/docker/overlay2/check-overlayfs-support130645871/upper' not supported as upperdir
  • Linux How To Access Original Contents of Directory Mounted Debian Mint CentOS Redhat Solution
  • ecryptfs how to manually encrypt your existing home directory or other directory
  • How to Reset CIPC Cisco IP Communicator for CME CUCM CallManager
  • Internet Explorer Cannot Download File "Your security settings do not allow for this file to be downloaded." Security Settings Solution
  • Linux How To Upgrade To The Latest Kernel Debian Mint Ubuntu
  • Firefox how to restore and backup saved passwords and history which files/location
  • Linux How To echo as root solution to use tee permission denied solution Ubuntu Debian Mint Redhat CentOS
  • Linux how to keep command line bash process running if you are disconnected or need to logout of SSH remotely
  • Linux swapping too much? How to check the swappiness and stop swapping
    • Copyright © realtechtalk.com 2023