Comments (9)
DimitriPapadopoulos
commented on July 18, 2024
1
First things first, which is the version of pppd and where did you get openfortivpn from?
If the version of pppd is < 2.5.0, then openfortivpn should have been built with --enable-legacy-pppd. If that's not the case:
- report it as a bug to the packagers,
- use
ipcp-accept-remoteas a workaround, as you do.
from openfortivpn.
DimitriPapadopoulos
commented on July 18, 2024
1
You have to use the routes proposed by the server, as that's often part of the implicit contract when using corporate VPN servers.
I don't know what Luci web is. We don't maintain it and the error is probably in Lucy web.
from openfortivpn.
DimitriPapadopoulos
commented on July 18, 2024
For the rest, it's hard to tell without actual routes and IP addresses. Do you ping DNS hostnames or IP addresses?
from openfortivpn.
DimitriPapadopoulos
commented on July 18, 2024
4G mobile network works ok.
With Hughes satellite connection I have problems.
Could be an MTU problem. Satellite connections may have lower MTU values than usual. Look for MTU values in the output of ip addr in either case. Try Troubleshooting MTU size over IPSEC VPN.
from openfortivpn.
antoniovalenzuela
commented on July 18, 2024
First things first, which is the version of
pppdand where did you get openfortivpn from?If the version of
pppdis < 2.5.0, then openfortivpn should have been built with--enable-legacy-pppd. If that's not the case:
- report it as a bug to the packagers,
- use
ipcp-accept-remoteas a workaround, as you do.
pppd version 2.4.9
openfortivpn from https://mirror-03.infra.openwrt.org/releases/23.05.3/packages/arm_cortex-a9_vfpv3-d16/packages/
from openfortivpn.
antoniovalenzuela
commented on July 18, 2024
For the rest, it's hard to tell without actual routes and IP addresses. Do you ping DNS hostnames or IP addresses?
With ipcp-accept-remote
ping to IP address no response and the route exist
Forticlient Windows without connection issue through Satellite.
from openfortivpn.
antoniovalenzuela
commented on July 18, 2024
4G mobile network works ok.
With Hughes satellite connection I have problems.Could be an MTU problem. Satellite connections may have lower MTU values than usual. Look for MTU values in the output of
ip addrin either case. Try Troubleshooting MTU size over IPSEC VPN.
It's SSL VPN TCP 443.
from openfortivpn.
antoniovalenzuela
commented on July 18, 2024
New background Sat connection.
The console connection (with ipcp-accept-remote) has no problems, the routes work properly.
Luci web connection connected, but without ping response.
I checked the scripts, maybe some need to be modified
from openfortivpn.
antoniovalenzuela
commented on July 18, 2024
Luci use the arg "no-routes"
/lib/netifd/proto/openfortivpn.sh
[ -n "$port" ] && port=":$port"
append_args "$peeraddr$port" --ifname="$ifname" --use-syslog -c /dev/null
append_args "--set-dns=0"
append_args "--no-routes"
append_args "--pppd-use-peerdns=1"
no-routes with ipcp-accept-remote assign this routing table (wrong way)
181.212.X.X * 255.255.255.255 UH 0 0 0 ppp0
only ipcp-accept-remote (default routes yes)
181.212.X.X lte 255.255.255.255 UGH 0 0 0 eth1
Where 181.212.X,X is the remote VPN server.
My routes are manual in OpenWRT.
When commeting or discard this arg, assumes the routes provided by the server and the connectivity to the destination works.
#append_args "--no-routes"
I prefer not to use the routes assigned by the server. I think it is better for me to use the Windows client when using the satellite connection.
from openfortivpn.
Related Issues (20)
- Invalid session ID error when trying to connect from a different network HOT 5
- Use private key file from Windows?
- macOS 14.2.1 and 1.21.0 blocks HOT 5
- modify firewall HOT 3
- connecting with @ in username and context in host HOT 3
- Empty cookie error after server upgrade from 7.2.7 to 7.2.8 HOT 10
- "Error writing to SSL connection" on FreeBSD
- 405 Method Not Allowed HOT 1
- openfortivpn on MAC gets stuck HOT 6
- openfortivpn version 1.22.0
- Wrong value in the 'Accept-Encoding' header HOT 2
- openfortivpn version 1.22.1
- IPCP terminated by peer (conflicting remote IP address) HOT 8
- Explain OTP Flag HOT 1
- Older macOS do not provide `vdprintf`: `Undefined symbols: "_vdprintf"` HOT 11
- openfortivpn 1.3.0 not working on ubuntu 24.04 HOT 1
- ERROR: SSL_connect: error:0A000126:SSL routines::unexpected eof while reading, Error happen randomly HOT 7
- Possibly caching issue ? pppd-ipparam
- set resolvectl domains at vpn-up HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openfortivpn.