Hi Guys,
Boy!! I must be getting really old. Some of this stuff is just not making any sense to me. Hi HI.
I finally have all my routing (/24) from the ISP to the 44 network worked out. Matter of fact, I am
able to use the OpenVPN client with no issue on a Windows box. It is displaying the 44 address with no issues.
( I think I have it right.) I am able to access the internet with no issues.
To the hard part. I am using a Ubiquiti EdgeRouter10X. I have been able to get the Edge to connect to the
VPN server, but beyond that, I am unable to use a static address on any of my other devices and be able to
access the internet.
Here are some of the errors I am getting. Some of the error messages I am getting are:
Mar 3 13:23:23 ubnt openvpn[1839]: TCP/UDP: Preserving recently used remote address: [AF_INET]44.108.2.2:1194
Mar 3 13:23:23 ubnt openvpn[1839]: Socket Buffers: R=[180224->180224] S=[180224->180224]
Mar 3 13:23:23 ubnt openvpn[1839]: UDP link local: (not bound)
Mar 3 13:23:23 ubnt openvpn[1839]: UDP link remote: [AF_INET]44.108.2.2:**** ( hidden )
Mar 3 13:23:23 ubnt openvpn[1839]: write UDP: Network is unreachable (code=128)
Mar 3 13:23:23 ubnt openvpn[1839]: Network unreachable, restarting
Mar 3 13:23:23 ubnt openvpn[1839]: SIGUSR1[soft,network-unreachable] received, process restarting
Mar 3 13:23:23 ubnt openvpn[1839]: Restart pause, 20 second(s)
The version of
The OS on the Edge is v.09 Hot fix. I am hoping to use some of the other ports for other eth (1-8 ) ports on the switch for other devices on the 44 network. Allstar, DX cluster, BPQ, Winlink etc.
Guys, be gentle with me. I feel as dumb as a rock right now.
Any help would be appreciated.
Angelo
I may be in somewhat of the same situation. I have my /24 subnet set up with VULTR and have installed OpenVPN on my instance with them. I added my gateway address, 44.18.51.1, to the NIC card on the VPS so can now ping that. The OpenVPN server assigns me an address from the 44.18.51.x range; however, I cannot access other 44net services and others are not seeing my OpenVPN assigned address when I am active. I note that when using "whatismyip" I am still coming up with the VULTR public address rather than my AMPR address or gateway address. Perhaps I have something configured wrong in OpenVPN server or am I missing a series of DNS entries for each OpenVPN client instance?
Thank you,
Keith AI6BX
On 3/3/21, 11:36 AM, "44Net on behalf of Angelo via 44Net" <44net-bounces+ai6bx=arrl.net@mailman.ampr.org on behalf of 44net@mailman.ampr.org> wrote:
Hi Guys,
Boy!! I must be getting really old. Some of this stuff is just not making any sense to me. Hi HI.
I finally have all my routing (/24) from the ISP to the 44 network worked out. Matter of fact, I am
able to use the OpenVPN client with no issue on a windows box. It is displaying the 44 address with no issues.
( I think I have it right.) I am able to access the internet with no issues.
To the hard part. I am using an Ubiquiti EdgeRouter10X. I have been able to get the Edge to connect to the
VPN server, but beyond that, I am unable to use a static address on any of my other devices and be able to
access the internet.
Here are some of the errors I am getting. Some of the error messages I am getting are:
Mar 3 13:23:23 ubnt openvpn[1839]: TCP/UDP: Preserving recently used remote address: [AF_INET]44.108.2.2:1194
Mar 3 13:23:23 ubnt openvpn[1839]: Socket Buffers: R=[180224->180224] S=[180224->180224]
Mar 3 13:23:23 ubnt openvpn[1839]: UDP link local: (not bound)
Mar 3 13:23:23 ubnt openvpn[1839]: UDP link remote: [AF_INET]44.108.2.2:**** ( hidden )
Mar 3 13:23:23 ubnt openvpn[1839]: write UDP: Network is unreachable (code=128)
Mar 3 13:23:23 ubnt openvpn[1839]: Network unreachable, restarting
Mar 3 13:23:23 ubnt openvpn[1839]: SIGUSR1[soft,network-unreachable] received, process restarting
Mar 3 13:23:23 ubnt openvpn[1839]: Restart pause, 20 second(s)
The version of
The OS on the Edge is v.09 Hot fix. I am hoping to use some of the other ports for other eth (1-8 ) ports on the switch for other devices on the 44 network. Allstar, DX cluster, BPQ, Winlink etc.
Guys, be gentle with me. I feel as dumb as a rock right now.
Any help would be appreciated.
Angelo
_________________________________________ 44Net mailing list 44Net@mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net
You need to add at least two outgoing static routes to force using 44.18.51.1 as your source.
ip route add 0.0.0.0/1 via 44.18.51.1 dev ens3 (or whatever your interface is called)
ip route add 128.0.0.0/1 via 44.18.51.1 dev ens3
The reason this works is that the netmask (/1) is longer than the mask of the default route (/0).
You can add post-up instructions to /etc/network/interfaces, so this is always in place.
Also make sure you have disabled any NAT. Most OpenVPN instruction sets assume you want to NAT your clients to the server address. You do not want that.
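The longest-prefix rule from the message above, worked through as an added example that is not part of the original posts. The provider gateway 203.0.113.1 and the 198.51.100.7/32 host route are placeholders; only the two /1 routes come from the thread. It also shows why both halves are needed and that a more specific route still wins over the /1 pair.

```python
import ipaddress

# Constructed table. 203.0.113.1 (provider gateway) and the 198.51.100.7/32
# host route are placeholders; the two /1 routes are the ones from the thread.
ROUTES = [
    ("0.0.0.0/0", "203.0.113.1"),
    ("0.0.0.0/1", "44.18.51.1"),
    ("128.0.0.0/1", "44.18.51.1"),
    ("198.51.100.7/32", "203.0.113.1"),
]

def lookup(dest, routes=ROUTES):
    """Longest-prefix match: of all routes containing dest, the one with the
    longest mask wins. Returns (prefix, next_hop) or None."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, hop in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return (str(best[0]), best[1]) if best else None

def shadowed_by(prefix, routes=ROUTES):
    """True if the more-specific routes in the table jointly cover `prefix`,
    so that `prefix` itself is never selected for any destination."""
    target = ipaddress.ip_network(prefix)
    specifics = [ipaddress.ip_network(p) for p, _ in routes
                 if ipaddress.ip_network(p).prefixlen > target.prefixlen
                 and ipaddress.ip_network(p).subnet_of(target)]
    return list(ipaddress.collapse_addresses(specifics)) == [target]

if __name__ == "__main__":
    for d in ("8.8.8.8", "192.0.2.10", "198.51.100.7"):
        print(d, "->", lookup(d))
    print("default fully overridden:", shadowed_by("0.0.0.0/0"))
    # With only the first /1 installed, the upper half still uses the default.
    print("one /1 only:", lookup("192.0.2.10", ROUTES[:2]))
```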
Yep, I have the two instances however will have to look at the NAT to see if that is disabled in OpenVPN as that is not something I looked at upon set up.
On 3/21/21, 10:26 AM, "44Net on behalf of Dave Gingrich via 44Net" <44net-bounces+ai6bx=arrl.net@mailman.ampr.org on behalf of 44net@mailman.ampr.org> wrote:
You need to add at least two outgoing static routes to force using 44.18.51.1 as your source.
ip route add 0.0.0.0/1 via 44.18.51.1 dev ens3 (or whatever your interface is called)
ip route add 128.0.0.0/1 via 44.18.51.1 dev ens3
The reason this works is that the netmask (/1) is longer than the mask of the default route (/0).
You can add post-up instructions to /etc/network/interfaces, so this is always in place.
Also make sure you have disabled any NAT. Most OpenVPN instruction sets assume you want to NAT your clients to the server address. You do not want that.
-- Dave K9DC Indianapolis
> On Mar 21, 2021, at 12:25, Keith Kasin via 44Net 44net@mailman.ampr.org wrote:
>
> I may be in somewhat of the same situation. I have my /24 subnet set up with VULTR and have installed OpenVPN on my instance with them. I added my gateway address, 44.18.51.1, to the NIC card on the VPS so can now ping that. The OpenVPN server assigns me an address from the 44.18.51.x range; however, I cannot access other 44net services and others are not seeing my OpenVPN assigned address when I am active. I note that when using "whatismyip" I am still coming up with the VULTR public address rather than my AMPR address or gateway address. Perhaps I have something configured wrong in OpenVPN server or am I missing a series of DNS entries for each OpenVPN client instance?
>
> Thank you,
>
> Keith AI6BX
Dave,
Probably a dumb question but want to clarify before making the edits:
Do your lines below go in the interfaces file where I currently have -
auto lo
iface lo inet loopback

allow-hotplug ens3
iface ens3 inet dhcp
iface ens3 inet6 auto
or do I drop these in the bird.conf file where I have -
protocol static {
    route 44.18.51.0/24 via 149.28.84.243;
    route 44.18.51.1/32 via 149.28.84.243;
I am thinking the latter based on my original set up scripting.
Thanks,
Keith
Is your BIRD set up to import a default route, or are you using a static one? You can set a src IP either way. I do it in bird.conf like so:
protocol kernel {
    learn;
    scan time 10;
    import all;
    export filter {
        if source = RTS_STATIC then reject;
        if is_self_net() then reject;
        krt_prefsrc = 44.18.51.1;
        accept;
    };
}
The is_self_net() is a custom function to be sure I don't import my own routes and can be left out.
That's for the router's preferred IP. The problem with OpenVPN clients is likely iptables set up to do NAT. You'll want to remove or restrict the MASQUERADE to not match that subnet which you route. I'd start with removing it unless you had other reasons for it.
Regards, Scott
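One way to check for the NAT problem described in the message above, as an added example that is not part of the original posts: a Python audit of `iptables-save -t nat` output that reports the MASQUERADE/SNAT rules able to match sources inside the routed 44.18.51.0/24. The ruleset is constructed for illustration; the 10.8.0.0/24 tunnel pool and the ens3 interface name in it are assumptions.

```python
import ipaddress
import shlex

ROUTED = ipaddress.ip_network("44.18.51.0/24")  # routed subnet from the thread

# Constructed `iptables-save -t nat` excerpt (10.8.0.0/24 and ens3 are
# assumptions); not taken from any poster's server.
SAMPLE = """\
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.0/24 -o ens3 -j MASQUERADE
-A POSTROUTING -o ens3 -j MASQUERADE
-A POSTROUTING -s 44.18.51.0/25 -o ens3 -j MASQUERADE
-A POSTROUTING ! -s 44.18.51.0/24 -o ens3 -j MASQUERADE
-A POSTROUTING -s 44.18.51.0/24 -j ACCEPT
COMMIT
"""

def rewrites_routed(line, routed=ROUTED):
    """True if a POSTROUTING MASQUERADE/SNAT rule can match a packet whose
    source address lies inside the routed subnet."""
    tok = shlex.split(line)
    if tok[:2] != ["-A", "POSTROUTING"] or "-j" not in tok[:-1]:
        return False
    if tok[tok.index("-j") + 1] not in ("MASQUERADE", "SNAT"):
        return False
    for flag in ("-s", "--source"):
        if flag in tok[:-1]:
            i = tok.index(flag)
            net = ipaddress.ip_network(tok[i + 1], strict=False)
            if tok[i - 1] == "!":        # "! -s net": every source except net
                return not routed.subnet_of(net)
            return routed.overlaps(net)  # "-s net": only sources inside net
    return True                          # no source match: applies to all

def audit(ruleset, routed=ROUTED):
    """Return the rules that would hide routed addresses behind the server IP."""
    return [l for l in ruleset.splitlines() if rewrites_routed(l, routed)]

if __name__ == "__main__":
    for rule in audit(SAMPLE):
        print("rewrites 44.18.51.0/24 sources:", rule)
```

On a live server the same functions can be fed the real output of `iptables-save -t nat` instead of the constructed sample.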