OpenVPN on Windows guest : routes not working after migration from Hyper-V

Fred91

New Member
Aug 20, 2010
13
0
1
Hello,

I have an OpenServer (installed using openvpn.se version) installed on a Windows XP VM which was running fine with Hyper-V.

OpenVPN is configured to assign an IP to the client (192.168.50.x) and a route is added to access our local network (192.168.2.x). User Authentication is done against our active directory on our local network (192.168.2.x)

Since I migrated this VM to Proxmox, clients can still connect to OpenVPN (they get an IP 192.168.50.x) but can't access to the local network (users can authenticate through AD, routes are created on the client but they can't ping machines in this network).

Nothing has changed on the VM excepted the network card :
In Hyper-V I used the Hyper-V network card.
In Proxmox, I used first a virtio card then changed it to e1000 with Intel Pro/1000 drivers.

I also recreated the bridge on Windows between the TAP Adapter and the e100 card but it doesn't change anything.

Here is my server.ovpn :

port 1194
proto udp
dev tap
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
ifconfig-pool-persist ipp.txt
server-bridge 192.168.50.1 255.255.255.0 192.168.50.2 192.168.50.253
push "route 192.168.2.0 255.255.255.0"
push "dhcp-option DOMAIN <my active directory domain>"
push "dhcp-option DNS 192.168.2.<ip of first dns server>"
push "dhcp-option DNS 192.168.2.<ip of second dns server>"
client-to-client
keepalive 10 120
tls-auth ta.key 0
comp-lzo
user <my user>
persist-key
persist-tun
status openvpn-status.log
verb 6
auth-user-pass-verify Auth4OpenVPN.vbs via-env


Do you have any idea on how to solve this problem ? Is there something to setup on the proxmox network card ?

Thanks for your help.

Fred
 
Last edited:
how did you migrate? do you use the same mac for the nic? so the winxp network setup will not be changed.
 
Thank you for your reply.

I created a new VM on Proxmox, with a new empty disk and a network card, then I used qemu-img convert to convert my vhd and replaced my empty disk.

So, the network card doesn't have the same MAC, but the IP configuration of the network card has been configured correctly (this machine has a static IP).

Fred
 
I am not that openvpn on win expert but maybe the mac change is playing a role here. can you try it using the same mac to test?
 
I can't get the MAC I used on Hyper-V as the machine has been deleted on Hyper-V.

I managed to make it work using direct IP from our local network (ie, the client gets an IP 192.168.2.x instead of 192.168.50.x).
But, I have defined routes to other networks which still doesn't work (they were also working fine on Hyper-V).

So I think it's really a routing problem but I can't determine if it comes from my Windows guest or from Proxmox host (my VM network card is using vmbr0).

Fred
 
I can't get the MAC I used on Hyper-V as the machine has been deleted on Hyper-V.

I managed to make it work using direct IP from our local network (ie, the client gets an IP 192.168.2.x instead of 192.168.50.x).
But, I have defined routes to other networks which still doesn't work (they were also working fine on Hyper-V).

So I think it's really a routing problem but I can't determine if it comes from my Windows guest or from Proxmox host (my VM network card is using vmbr0).

Fred
Hi,
three things which reminds me:
1. do you have deletet the old (hidden) Networkadapter (perhaps there you see the mac)?
2. do you use the e1000-driver from the intel-website (not the windows one)?
3. do you try to disable the firewall? Of course only for a very short time.

Udo
 
I checked hidden network card, but I'm afraid the Hyper-V card has been removed when I uninstalled the Hyper-V guest additions.

For the e1000 card, I used the Intel drivers and Firewall is off. The problem was exclty the same when I used the Virtio network card (that's why I switched to e1000, without succes)

Excepted the routing problem with openVPN, the network is working fine. We have other services wich are running without any problem (I can ping hosts on remote networks that I can't access through openvpn).

Fred
 
I managed to make OpenVPN work with routes by changing the default gateway in the server-bridge variable to our gateway IP (before, it was set to the IP of the server).

However, I still can't use the internal OpenVPN DHCP as routing doesn't work.

Fred
 
I managed to make OpenVPN work with routes by changing the default gateway in the server-bridge variable to our gateway IP (before, it was set to the IP of the server).

However, I still can't use the internal OpenVPN DHCP as routing doesn't work.

Fred
Hi Fred,
sure that all hidden nics are removed?
Has you tried this method?
Code:
Click Start, click Run, type cmd.exe, and then press ENTER.
Type set devmgr_show_nonpresent_devices=1, and then press ENTER.
Type Start DEVMGMT.MSC, and then press ENTER.
Click View, and then click Show Hidden Devices.
Expand the Network Adapters tree.
Right-click the dimmed network adapter, and then click Uninstall.

Udo
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!