Groentjuh schreef op woensdag 7 december 2022 @ 09:33:
[...]
Command prompt openen en "route print" zonder quotes intypen en op enter drukken. Dan krijg je de regels te zien, die bepalen waar windows een packet naartoe stuurt. Door de VPN of door wifi/hotspot.
Kun je 192.168.0.1 wel pingen?
Staat er niet iets in de OpenVPN logs (zowel router kant als client?)
Kun je de OpenVPN config aanpassen? Er staat "verb 0" in en kun je dat naar bijvoorbeeld "verb 3" veranderen en dan eens in de OpenVPN log kijken?
C:\Users\XXXX>ping 192.168.0.1 -t
Pinging 192.168.0.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 192.168.0.1:
Packets: Sent = 5, Received = 0, Lost = 5 (100% loss),
Control-C
^C
C:\Users\XXXX>
C:\Users\XXXX>route print
===========================================================================
Interface List
7...00 ff 22 b2 a5 f6 ......Sophos TAP Adapter
15...b4 45 06 33 ee 2d ......Realtek PCIe GbE Family Controller
20...........................Wintun Userspace Tunnel
2...00 ff 01 cb 84 52 ......TAP-Windows Adapter V9
14...cc 15 31 0b 73 dc ......Microsoft Wi-Fi Direct Virtual Adapter #3
6...ce 15 31 0b 73 db ......Microsoft Wi-Fi Direct Virtual Adapter #4
16...cc 15 31 0b 73 db ......Intel(R) Wi-Fi 6 AX201 160MHz
21...cc 15 31 0b 73 df ......Bluetooth Device (Personal Area Network)
1...........................Software Loopback Interface 1
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 172.20.10.1 172.20.10.7 50
127.0.0.0 255.0.0.0 On-link 127.0.0.1 331
127.0.0.1 255.255.255.255 On-link 127.0.0.1 331
127.255.255.255 255.255.255.255 On-link 127.0.0.1 331
172.20.10.0 255.255.255.240 On-link 172.20.10.7 306
172.20.10.7 255.255.255.255 On-link 172.20.10.7 306
172.20.10.15 255.255.255.255 On-link 172.20.10.7 306
224.0.0.0 240.0.0.0 On-link 127.0.0.1 331
224.0.0.0 240.0.0.0 On-link 172.20.10.7 306
255.255.255.255 255.255.255.255 On-link 127.0.0.1 331
255.255.255.255 255.255.255.255 On-link 172.20.10.7 306
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 306 ::/0 fe80::b456:e3ff:fe99:9f64
1 331 ::1/128 On-link
16 306 2a02:a420:19:7ea3::/64 On-link
16 306 2a02:a420:19:7ea3:90ef:95ca:4e6c:ae0c/128
On-link
16 306 2a02:a420:19:7ea3:faa3:d063:b944:8e8a/128
On-link
16 306 fe80::/64 On-link
16 306 fe80::50f4:c96:38f1:712/128
On-link
1 331 ff00::/8 On-link
16 306 ff00::/8 On-link
===========================================================================
Persistent Routes: None
Logbestand met Verb 0:
2022-12-07 09:49:40 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2022-12-07 09:49:40 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.
2022-12-07 09:49:41 WARNING: No server certificate verification method has been enabled. See
http://openvpn.net/howto.html#mitm for more info.
2022-12-07 09:49:52 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Logbestand met Verb 3:
2022-12-07 09:52:29 WARNING: Compression for receiving enabled. Compression has been used in the past to break encryption. Sent packets are not compressed unless "allow-compression yes" is also set.
2022-12-07 09:52:29 DEPRECATED OPTION: --cipher set to 'AES-128-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). Future OpenVPN version will ignore --cipher for cipher negotiations. Add 'AES-128-CBC' to --data-ciphers or change --cipher 'AES-128-CBC' to --data-ciphers-fallback 'AES-128-CBC' to silence this warning.
2022-12-07 09:52:29 OpenVPN 2.5.7 Windows-MSVC [SSL (OpenSSL)] [LZO] [LZ4] [PKCS11] [AEAD] built on May 27 2022
2022-12-07 09:52:29 Windows version 10.0 (Windows 10 or greater) 64bit
2022-12-07 09:52:29 library versions: OpenSSL 1.1.1o 3 May 2022, LZO 2.10
2022-12-07 09:52:29 MANAGEMENT: TCP Socket listening on [AF_INET]127.0.0.1:25340
2022-12-07 09:52:29 Need hold release from management interface, waiting...
2022-12-07 09:52:29 MANAGEMENT: Client connected from [AF_INET]127.0.0.1:25340
2022-12-07 09:52:29 MANAGEMENT: CMD 'state on'
2022-12-07 09:52:29 MANAGEMENT: CMD 'log all on'
2022-12-07 09:52:30 MANAGEMENT: CMD 'echo all on'
2022-12-07 09:52:30 MANAGEMENT: CMD 'bytecount 5'
2022-12-07 09:52:30 MANAGEMENT: CMD 'hold off'
2022-12-07 09:52:30 MANAGEMENT: CMD 'hold release'
2022-12-07 09:52:30 WARNING: No server certificate verification method has been enabled. See
http://openvpn.net/howto.html#mitm for more info.
2022-12-07 09:52:30 TCP/UDP: Preserving recently used remote address: [AF_INET]XX.XX.XX.XX:12974
2022-12-07 09:52:30 Socket Buffers: R=[65536->393216] S=[65536->393216]
2022-12-07 09:52:30 UDP link local: (not bound)
2022-12-07 09:52:30 UDP link remote: [AF_INET]XX.XXX.XXX.XX:12974
2022-12-07 09:52:30 MANAGEMENT: >STATE:1670403150,WAIT,,,,,,
2022-12-07 09:52:30 MANAGEMENT: >STATE:1670403150,AUTH,,,,,,
2022-12-07 09:52:30 TLS: Initial packet from [AF_INET]XX.XXX.XX.XX:12974, sid=efb74889 f4eb04b1
2022-12-07 09:52:30 VERIFY OK: depth=1, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=netgear CA, name=EasyRSA, emailAddress=mail@netgear
2022-12-07 09:52:30 VERIFY OK: depth=0, C=TW, ST=TW, L=Taipei, O=netgear, OU=netgear, CN=server, name=EasyRSA, emailAddress=mail@netgear
2022-12-07 09:52:30 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, peer certificate: 1024 bit RSA, signature: RSA-SHA256
2022-12-07 09:52:30 [server] Peer Connection Initiated with [AF_INET]91.195.200.83:12974
2022-12-07 09:52:31 MANAGEMENT: >STATE:1670403151,GET_CONFIG,,,,,,
2022-12-07 09:52:31 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2022-12-07 09:52:31 PUSH: Received control message: 'PUSH_REPLY,ping 10,ping-restart 120,route-delay 10,route 192.168.0.0 255.255.255.0 192.168.0.1,peer-id 2,cipher AES-256-GCM'
2022-12-07 09:52:31 OPTIONS IMPORT: timers and/or timeouts modified
2022-12-07 09:52:31 OPTIONS IMPORT: route options modified
2022-12-07 09:52:31 OPTIONS IMPORT: route-related options modified
2022-12-07 09:52:31 OPTIONS IMPORT: peer-id set
2022-12-07 09:52:31 OPTIONS IMPORT: adjusting link_mtu to 1657
2022-12-07 09:52:31 OPTIONS IMPORT: data channel crypto options modified
2022-12-07 09:52:31 Data Channel: using negotiated cipher 'AES-256-GCM'
2022-12-07 09:52:31 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-12-07 09:52:31 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-12-07 09:52:31 interactive service msg_channel=480
2022-12-07 09:52:31 open_tun
2022-12-07 09:52:31 tap-windows6 device [NETGEAR-VPN] opened
2022-12-07 09:52:31 TAP-Windows Driver Version 9.24
2022-12-07 09:52:31 Successful ARP Flush on interface [2] {01CB8452-67A5-42E4-96AA-7E5613C4DAEF}
2022-12-07 09:52:31 MANAGEMENT: >STATE:1670403151,ASSIGN_IP,,,,,,
2022-12-07 09:52:41 TEST ROUTES: 0/0 succeeded len=-1 ret=1 a=0 u/d=up
2022-12-07 09:52:41 WARNING: OpenVPN was configured to add an IPv4 route. However, no IPv4 has been configured for NETGEAR-VPN, therefore the route installation may fail or may not work as expected.
2022-12-07 09:52:41 MANAGEMENT: >STATE:1670403161,ADD_ROUTES,,,,,,
2022-12-07 09:52:41 C:\WINDOWS\system32\route.exe ADD 192.168.0.0 MASK 255.255.255.0 192.168.0.1
2022-12-07 09:52:41 Route addition via service succeeded
2022-12-07 09:52:41 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2022-12-07 09:52:41 Initialization Sequence Completed
2022-12-07 09:52:41 MANAGEMENT: >STATE:1670403161,CONNECTED,SUCCESS,,XX.XX.XXX.XX,12974,,
2022-12-07 09:56:06 C:\WINDOWS\system32\route.exe DELETE 192.168.0.0 MASK 255.255.255.0 192.168.0.1
2022-12-07 09:56:06 Route deletion via service succeeded
2022-12-07 09:56:06 Closing TUN/TAP interface
Nu krijg ik net als op de windows 10 laptop af en toe een reactie:
Pinging 192.168.0.150 with 32 bytes of data:
Reply from 192.168.0.5: Destination host unreachable.
Reply from 192.168.0.150: bytes=32 time=2109ms TTL=64
Reply from 192.168.0.150: bytes=32 time=29ms TTL=64
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Reply from 192.168.0.150: bytes=32 time=25ms TTL=64
Request timed out.
Request timed out.
Ping statistics for 192.168.0.150:
Packets: Sent = 10, Received = 4, Lost = 6 (60% loss),
Approximate round trip times in milli-seconds:
Minimum = 25ms, Maximum = 2109ms, Average = 721ms
Control-C
[
Voor 3% gewijzigd door
jordy272 op 07-12-2022 10:04
]