Topic: OpenVPN - MULTI: bad source address from client

[jvels]

Hello

I have install the OpenVPN bridge from Firewall-Services.

But i get this error:
Tue Oct 17 21:04:03 2006 client/10.0.0.100:33496 MULTI: bad source address from client 10.0.0.10, packet dropped

Code: [Select]


[root@velsserver openvpn]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 br0
0.0.0.0         10.0.0.1        0.0.0.0         UG    0      0        0 eth1


My SME box lan ip: 192.168.0.1
     SME box wan ip: 10.0.0.10

My client: 10.0.0.100

Some ideas whats wrong?  

Best Regrads
Jesper Vels

[Daniel B.]

Well, your route seems to be good, can you post your /etc/openvpn/server.conf ?
maybe it can help me debugging this.

[jvels]

Here are server.conf:

Code: [Select]


#------------------------------------------------------------
#              !!DO NOT MODIFY THIS FILE!!
#
# Manual changes will be lost when this file is regenerated.
#
# Please read the developer's guide, which is available
# at http://wiki.contribs.org/development/
#
# Copyright (C) 1999-2006 Mitel Networks Corporation
#------------------------------------------------------------
port    1194
dev tap0
dh dh1024.pem
ca ca.crt
cert server.crt
key server.key
auth-user-pass-verify ./validate.sh via-env
client-disconnect ./logoff.shduplicate-cn



server-bridge   192.168.0.1     255.255.255.0   192.168.0.101   192.168.0.150
ping 10
ping-restart 120
push "ping 10"
push "ping-restart 120"
push "dhcp-option DOMAIN net.vels.dk"
push "dhcp-option DNS 192.168.0.1"
push "dhcp-option WINS 192.168.0.1"
fragment 1400
mssfix


client-to-client
max-clients 20comp-lzo



status-version 2
log-append /var/log/openvpn/openvpn.log
status openvpn-status.log
verb 3



[jvels]

I  use the bridge openvpn from firewallservice.com with webpanel

[Daniel B.]

The error is here

Code: [Select]

client-to-client
max-clients 20comp-lzo

it should be

Code: [Select]

client-to-client
max-clients 20
comp-lzo

This error comes from a template, I forgot to update the archive. To fix it, edit the file /etc/e-smith/templates/etc/openvpn/server.conf/80clients

and change the line:

Code: [Select]


$OUT .= "max-clients $maxClient";

by this one:

Code: [Select]


$OUT .= "max-clients $maxClient\n";

then expand the template

Code: [Select]

expand-template /etc/openvpn/server.conf

And restart the service

Code: [Select]

/etc/init.d/openvpn restart

I think it should be ok then, I use it on several servers. I'll update the tar archive. For the new version with much more features you'll have to wait more than I thought as I'm working on the integration of trixbox (that you can already test).

Hopes this will fix the pb.
Cheers, daniel

[jvels]

Thanks!!

You my hero!!

Best Regrads
Jesper Vels