Hi all, my openvpn net worked well for long time, but yesterday, after stopping and rebooting the server with the option "client-to-client" off and on, the win2k clients ( and not the xp and linux clients) stopped to answer to my ping requests.
Please note that they look for the server, and all the connection procedure works perfect. so I see ALL of my clients connected to my server, but the win2k doesn't talk with the server.
I checked the log file in my server, and there is no differences between a linux client and a win2k client.
I reached one of those, and everything seemed regular. i checked in the command line the command "route print" and the I've seen all my rules for my vpn.....
then I tryed to reboot the service and everything are now perfect, I can reach this machine from my linux server now.
The problem is that almost all of this clients are far from me, and I cannot reach them.
Is there a way to tell the server to "reset" all of my clients? all clients are using ccd files.
This is a very worryng situation for me, because many of these clients are many kilometers far from me....
my server conf:
;local a.b.c.d ;daemon
port 1194
;proto tcp proto udp
;dev tap dev tun
;dev-node MyTap
ca keys/ca.crt cert keys/server.crt key keys/server.key # This file should be kept secret
dh keys/dh1024.pem
;server 10.8.0.0 255.255.255.0 server 172.25.50.0 255.255.254.0
ifconfig-pool-persist ipp.txt
;push "route 192.168.10.0 255.255.255.0" ;push "route 192.168.20.0 255.255.255.0"
ccd-exclusive
;client-to-client
keepalive 60 300
user nobody group nogroup
persist-key persist-tun
status openvpn-status.log
log-append /var/log/openvpn/rokepo.log
verb 4
#####################################################
and here's a sample of my clients conf:
client
;dev tap dev tun
;dev-node MyTap
;proto tcp proto udp
remote "my-server ip" 1194
;remote-random
resolv-retry infinite
nobind
persist-key persist-tun
ca ca.crt cert client.crt key client.key
ns-cert-type server
comp-lzo
# Set log file verbosity. verb 3
##############################
thanks for any help or suggestions you can give me
Guido Caliandro