search

OpenVPN / openvpn

OpenVPN is an open source VPN daemon
http://openvpn.net
Other
10.25k stars 2.92k forks source link

problem with dns assignment #528

Closed joksik closed 3 months ago

joksik commented 3 months ago

New computer with Windows 11, all Windows updates installed. Clean install of openvpn 2.6.10. On the previous computer, the same certificate worked without any errors or problems with DNS address assignment. I tried both wintun and openvpn-dco network card. When I connect to the OpenVPN server I have an error 

2024-03-27 13:57:49 INET address service: add 172.16.1.11/24
2024-03-27 13:57:53 TUN: adding IPv4 dns failed using service: [Unknown Win32 Error] [status=3221225477 if_name=Local Area Connection]
2024-03-27 13:57:53 DNS domain set using service

The OpenVPNServiceInteractive service runs in the background, I also ran openvpn-gui as administrator the error still occurred. I also added a new network card and reinstalled OpenVPN.

For now, I solved the problem by manually entering dsn on the virtual network card Local Area Connection and everything including the domain connection works fine. I'm just wondering what the problem could be that openvpn-gui cannot assign DNS to the network card itself (the card only receives an IP address).

in the Windows application logs, before the error occurred, I only had an error regarding "netsh", i.e. the Windows firewall

ps: when I end the connection, I also get a error that DNS domain deleted using service is failed

lstipakov commented 3 months ago

status=3221225477 means STATUS_ACCESS_VIOLATION, which comes from the service. Check if there are any errors reported by the service in the event log.

selvanair commented 3 months ago

Try setting dns from command line and it may give a clue if it errors. From an elevated command prompt, do: netsh interface ip add dns <ifname> <dns-server-ip> validate=no Replace <ifname> and <dns-server-ip> by values you are trying to set.

The log shows the interface name as "Local Area Connection" -- does that really correspond to the tun interface or is it obfuscated in the logs? The service may also log an error to the event log though it may not be more useful.

joksik commented 3 months ago

thanks for the quick reply. This morning I reinstalled Windows (factory default) with another language You won't believe the error still exists on a clean install. I do all stetps. So when i try from cmd add netsh interface ip add dns <ifname> <dns-server-ip> validate=no i dont have any errors on cmd screen1 i change verb from 3 to 9 and i have identical logs, no additional information

`2024-03-28 08:26:18 us=890000 INET address service: add 172.16.1.11/24 2024-03-28 08:26:18 us=890000 Setting IPv4 dns servers on 'Połączenie lokalne 2' (if_index = 6) using service 2024-03-28 08:26:22 us=312000 TUN: adding IPv4 dns failed using service: [Unknown Win32 Error] [status=3221225477 if_name=Połączenie lokalne 2] 2024-03-28 08:26:22 us=312000 Setting dns domain on 'Połączenie lokalne 2' (if_index = 6) using service 2024-03-28 08:26:22 us=500000 DNS domain set using service 2024-03-28 08:26:22 us=500000 IPv4 MTU set to 1500 on interface 6 using service

2024-03-28 08:33:14 us=62000 Closing DCO interface 2024-03-28 08:33:14 us=62000 Deleting WINS servers on 'Połączenie lokalne 2' (if_index = 6) using service 2024-03-28 08:33:17 us=328000 TUN: deleting WINS failed using service: [Unknown Win32 Error] [status=3221225477 if_name=Połączenie lokalne 2] 2024-03-28 08:33:17 us=328000 Deleting dns domain on 'Połączenie lokalne 2' (if_index = 6) using service 2024-03-28 08:33:20 us=390000 TUN: deleting dns domain failed using service: [Unknown Win32 Error] [status=3221225477 if_name=Połączenie lokalne 2] 2024-03-28 08:33:20 us=390000 Deleting IPv4 dns servers on 'Połączenie lokalne 2' (if_index = 6) using service 2024-03-28 08:33:24 us=15000 TUN: deleting IPv4 dns failed using service: [Unknown Win32 Error] [status=3221225477 if_name=Połączenie `

i check also event log and i have in event logs this error: screen2

and logs from Application error a few seconds earlier

Nazwa aplikacji powodującej błąd: netsh.exe, wersja: 10.0.22621.1, sygnatura czasowa: 0x13af0815 Nazwa modułu powodującego błąd: netsh.exe, wersja: 10.0.22621.1, sygnatura czasowa: 0x13af0815 Kod wyjątku: 0xc0000005 Przesunięcie błędu: 0x0000000000005399 Identyfikator procesu powodującego błąd: 0x0x4410 Godzina uruchomienia aplikacji powodującej błąd: 0x0x1DA80E369B08762 Ścieżka aplikacji powodującej błąd: C:\WINDOWS\system32\netsh.exe Ścieżka modułu powodującego błąd: C:\WINDOWS\system32\netsh.exe Identyfikator raportu: 591be505-6802-49a5-b389-0f85fd7c5b18 Pełna nazwa pakietu powodującego błąd: Identyfikator aplikacji względem pakietu powodującego błąd:

i also download older version of OpenVPN 2.6.6 and 2.6.8 and i have the same error.

I don't understand why, after freshly installing the system, I only installed one OpenVPN application (no antivirus or any additional firewall) and unfortunately it doesn't work :/ maybe Microsoft broke something in recent updates?

ps: if this is important i have use Windows 11 Version 23H2 22631.3374

joksik commented 3 months ago

I found similar reports about netsh crash with vpn https://www.reddit.com/r/sysadmin/comments/13f679i/netshexe_crashes_wont_run_at_all/ so the error is not due to openvpn but, as I suspected to windows update probably some recent update is messing it up. I reinstalled Windows this time version 10 instead of 11 and everything works fine so you can close issue. Unfortunately, we will no longer find out what caused the error.