Tim Hatch


Pesky OpenVPN Issue - Solved

28 Jun, 2006

This has been hounding me for a while. I had OpenVPN working just great on both Mac and PC clients, talking to a (Debian) Linux server. I had the redirect-gateway option on, had ipv4_forward enabled, and had all the iptables rules in place like they ought to be. Then all of a sudden, things stopped working.

After rebuilding first the server, then the Mac, it was still not working. The error is as follows (and would happen with every packet):

Wed Jun 28 16:06:03 2006 farnsworth/a.b.c.d:50424 MULTI: bad source address from client [a.b.c.d], packet dropped

Where, of course, a.b.c.d is the real IP address of the client. I let this simmer for the past two months or so, but it finally came to me today after reading the man page for ifconfig on the Mac.

sudo ifconfig tun0 metric -1

Yes, that’s all it needs. None of this fancy ccd stuff, or esoteric routes. The Mac just needs to know that the packets “ought to” originate from the tunneled interface, then all the automatic routes from OpenVPN take over and get it from point A to point B.
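
To tell this case apart from other causes of the same error when reading a server log, the following added example (not code from the original post) parses "bad source address" lines and flags those where the dropped source equals the client's real address, as it did here. The sample log lines, the client name "hermes" and all addresses are constructed, and the pattern assumes IPv4 clients and the timestamp format shown in the quoted log line.

```python
import re
from collections import Counter

# Constructed sample in the format of the log line quoted in the post.
# Addresses come from documentation ranges, not from the original page.
SAMPLE_LOG = """\
Wed Jun 28 16:06:03 2006 farnsworth/203.0.113.7:50424 MULTI: bad source address from client [203.0.113.7], packet dropped
Wed Jun 28 16:06:04 2006 farnsworth/203.0.113.7:50424 MULTI: bad source address from client [203.0.113.7], packet dropped
Wed Jun 28 16:06:09 2006 hermes/198.51.100.20:41200 MULTI: bad source address from client [192.168.5.14], packet dropped
Wed Jun 28 16:06:10 2006 hermes/198.51.100.20:41200 MULTI: Learn: 10.8.0.10 -> hermes/198.51.100.20:41200
"""

# <timestamp> <common name>/<real address>:<port> MULTI: bad source address ...
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \w{3} +\d+ [\d:]{8} \d{4}) "
    r"(?P<cn>[^/\s]+)/(?P<real>[^:\s]+):(?P<port>\d+) "
    r"MULTI: bad source address from client \[(?P<src>[^\]]+)\], packet dropped$"
)


def triage(log_text):
    """Count dropped packets per (client name, source address, kind)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # any other server message
        if m["src"] == m["real"]:
            # The case in the post: the client sends tunnel traffic with the
            # address of its physical interface as the source.
            kind = "real-address"
        else:
            # Some other address the server does not associate with the client.
            kind = "other-source"
        counts[(m["cn"], m["src"], kind)] += 1
    return counts


if __name__ == "__main__":
    for (cn, src, kind), n in sorted(triage(SAMPLE_LOG).items()):
        print(f"{cn:12} {src:16} {kind:13} {n} dropped")
```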