7th December 2007, 21:12
DrJohn
OpenVPN DHCP, DNS problems

<Gutsy, OpenVPN 2.0.9, Shorewall 3.4.4, Samba 3.0.26 as PDC, dhcpd is running>

Shorewall server policy is configured for open access between loc <--> vpn and $FW <--> vpn (vpn is the separate zone established for OpenVPN). OpenVPN is in a routing configuration. Samba is running as PDC and WINS is enabled.

The WinXP Pro laptop's firewall is on with ports 1024-2096 open, and it reports no blocked packets.

I have no problems establishing a tunnel from the laptop either 1) when connected directly to the Internet (on a spare fixed IP address), or 2) from behind a NATed corporate firewall at work.

Once connected, however, I encounter several problems.

1) I only can connect to the server and the other systems on its local LAN using their IP addresses; network names don't work. This is true for SSH, NetHood shares, Remote Desktop Connections. For the server I can use either its OpenVPN or its local IP of

The corporate LAN on which the laptop sits uses subnets and, separate from anything on the vpn or the local LAN.

From a WinXP system on the LAN I can use network names internally, but the laptop doesn't appear in the NetHood. From a Gutsy client setup on the LAN I see the server and the WinXP machines, but not the laptop.

It doesn't make any difference if I explicitly enable NetBIOS over TCP/IP in the Tap adapter or not.

So, routing is up but SMB or NetBIOS aren't hitting the vpn.

Here's the relevant part of smb.conf:

   passdb backend = tdbsam
   security = user
   username map = /etc/samba/smbusers
   name resolve order = bcast wins host lmhosts
   domain logons = yes
   preferred master = yes
   wins support = yes

   #Control net access
   hosts allow = 192.168.2. 192.168.3. 10.8.0. localhost
   interfaces = eth0 eth2 vpn lo
   bind interfaces only = yes

2) I get one DHCP lease renewal error in the WinXP application event log with a timestamp that matches the time that the tunnel was established:
The IP address lease for the Network Card with network address 00FF2B6ED103 has been denied by the DHCP server (The DHCP Server sent a DHCPNACK message).
ipconfig on the laptop reveals that it was given as DHCP server address for the Tap-Win32 adapter (it also has for DNS and WINS servers as pushed from openVPN's server).

This isn't really a problem but may be a symptom of another related issue.

Any comments, hints, suggestions on how to get network browsing to work on OpenVPN are greatly appreciated.

-- Dr John
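
Added example, not part of the original post and not Samba's own code: a Python sketch that evaluates the posted `hosts allow` line the way its trailing-dot prefixes are matched, to confirm which client addresses the access list admits. The client addresses are constructed; 10.8.0.6 assumes the VPN clients sit under the 10.8.0. prefix listed in the post.

```python
import ipaddress

# smb.conf lines as posted in the thread above.
SMB_CONF = """\
hosts allow = 192.168.2. 192.168.3. 10.8.0. localhost
interfaces = eth0 eth2 vpn lo
bind interfaces only = yes
"""

def parse_params(text):
    """Return {parameter: value} for 'name = value' lines, skipping comments."""
    params = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue
        name, value = line.split("=", 1)
        # Normalise internal whitespace and case in the parameter name.
        params[" ".join(name.split()).lower()] = value.strip()
    return params

def host_allowed(addr, allow_value):
    """Check addr against the entry forms used in the post: trailing-dot
    prefixes ("10.8.0."), literal addresses and "localhost". Netmasks,
    hostnames and EXCEPT clauses are outside this sketch."""
    ip = ipaddress.ip_address(addr)
    for entry in allow_value.replace(",", " ").split():
        if entry.lower() == "localhost":
            if ip.is_loopback:
                return True
        elif entry.endswith("."):
            # Prefix match on whole octets: "192.168.2." must not match 192.168.20.x.
            if str(ip).startswith(entry):
                return True
        elif entry == str(ip):
            return True
    return False

def audit(text, clients):
    """Map each client address to True/False under the posted 'hosts allow'."""
    allow = parse_params(text).get("hosts allow")
    # With no 'hosts allow' (and no 'hosts deny'), Samba permits every host.
    return {c: True if allow is None else host_allowed(c, allow) for c in clients}

# Constructed client addresses; 10.8.0.6 assumes the VPN uses the 10.8.0. prefix.
CLIENTS = ["10.8.0.6", "192.168.2.10", "192.168.20.10", "172.16.5.4", "127.0.0.1"]

if __name__ == "__main__":
    for client, ok in audit(SMB_CONF, CLIENTS).items():
        print(f"{client:15} {'allowed' if ok else 'denied'}")
```

An address under one of the listed prefixes passes this check, so for such a client the `hosts allow` line is not what keeps it from reaching Samba; addresses outside the prefixes, such as the constructed 172.16.5.4, are refused.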
