Client VPN, error on Linux client when adding route number 63


Hi, we have a very rare problem with AWS Client VPN. We have 62 routes/authorizations and the service works fine. We have Windows clients with the Client VPN software and Linux clients with the OpenVPN software.

But when we add route number 63, Windows clients work fine, but Linux clients (all of them) fail with messages like this:

...

55.0,route 10.53.4.0 255.255.255.0,route 10.1.124.0 255.255.255.0,route 10.105.0.0 255.255.0.0,route 172.25.246.0 255.255.255.0,route 172.24.191.0 255.255.255.0,route 172.25.182.0 255.255.255.0,route 10.55.36.0 255.255.255.0,route 10.53.132.0 255.255.255.0,route 172.25.196.0 255.255.255.0,route 172.25.76.0 255.255.255.0,route-gateway 10.200.0.129,topology subnet,ping 1,ping-restart 20,ifconfig'
2022-03-24 09:14:12 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:68: ifconfig (2.5.6)
2022-03-24 09:14:12 OPTIONS IMPORT: timers and/or timeouts modified
2022-03-24 09:14:12 OPTIONS IMPORT: --ifconfig/up options modified
2022-03-24 09:14:12 OPTIONS IMPORT: route options modified
2022-03-24 09:14:12 OPTIONS IMPORT: route-related options modified
2022-03-24 09:14:12 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
2022-03-24 09:14:12 Using peer cipher 'AES-256-GCM'
2022-03-24 09:14:12 Outgoing Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-03-24 09:14:12 Incoming Data Channel: Cipher 'AES-256-GCM' initialized with 256 bit key
2022-03-24 09:14:12 net_route_v4_best_gw query: dst 0.0.0.0
2022-03-24 09:14:12 net_route_v4_best_gw result: via 192.168.0.1 dev enx000ec675f0d5
2022-03-24 09:14:12 ROUTE_GATEWAY 192.168.0.1/255.255.255.0 IFACE=enx000ec675f0d5 HWADDR=00:0e:c6:75:f0:d5
2022-03-24 09:14:12 TUN/TAP device tun0 opened
2022-03-24 09:14:12 WARNING: OpenVPN was configured to add an IPv4 route. However, no IPv4 has been configured for tun0, therefore the route installation may fail or may not work as expected.
2022-03-24 09:14:12 net_route_v4_add: 10.203.0.0/16 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed
2022-03-24 09:14:12 net_route_v4_add: 10.204.0.0/16 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed
2022-03-24 09:14:12 net_route_v4_add: 10.202.0.0/16 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed
2022-03-24 09:14:12 net_route_v4_add: 10.52.12.0/24 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed
2022-03-24 09:14:12 net_route_v4_add: 10.24.0.0/24 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed
2022-03-24 09:14:12 net_route_v4_add: 10.201.0.0/16 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed
2022-03-24 09:14:12 net_route_v4_add: 10.53.8.0/24 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed
2022-03-24 09:14:12 net_route_v4_add: 172.24.224.0/24 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed
2022-03-24 09:14:12 net_route_v4_add: 10.1.28.0/24 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed
2022-03-24 09:14:12 net_route_v4_add: 172.24.0.0/24 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed

...

Any help is welcome, thanks in advance!

Bye,

asked 2 years ago, 297 views
1 Answer

Hello Angel, thank you for reaching out. To clearly understand and bifurcate: you are using a CVPN endpoint and have the below client software:

Windows client - AWS Client
Linux client - Open VPN Client

When you add more than 63 routes you face an issue.

If I understand your issue correctly, the best place to ask questions about this, with the detailed logs, would be the Open VPN portal, where you can post it and connect with a wider audience using the same client. Since it is not an AWS-controlled client, it is very difficult to try and reproduce the issue. To the best of my knowledge, this should not happen on the Linux client if you have the correct routing command, unless there are some device-level issues blocking it due to internal settings.

Also, have the client logs been taken on the device or the Open VPN client? Are there any detailed logs that can be enabled and pushed to see details? Also, try checking the device-level logs to check for limits. Adding to that, I can also see that the limits mentioned on the routing are not OS dependent and are common for both on the Client VPN endpoint side: https://docs.aws.amazon.com/vpn/latest/clientvpn-admin/limits.html

Hope this helps. Thanks & stay safe. Feel free to reach out in case of any queries.

Thanks & stay safe

AWS
SUPPORT ENGINEER
answered 2 years ago
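
The log in the question shows the pushed option list ending in a bare ifconfig, which the client rejects; tun0 is then left without an IPv4 address and every route add fails with "Network is unreachable". The Python script below is an added example, not part of the original thread and not AWS or OpenVPN code, that pulls those signals out of a client log. The sample log is constructed from lines quoted in the question, and the "PUSH: Received control message" prefix is an assumption because the page's copy of that line is cut off at the start.

```python
import re

# Constructed sample: abbreviated from the log quoted in the question. The
# "PUSH: Received control message" prefix is assumed; the page's copy of that
# line is cut off at the start.
SAMPLE_LOG = """\
2022-03-24 09:14:12 PUSH: Received control message: 'PUSH_REPLY,route 10.53.4.0 255.255.255.0,route 10.105.0.0 255.255.0.0,route-gateway 10.200.0.129,topology subnet,ping 1,ping-restart 20,ifconfig'
2022-03-24 09:14:12 Options error: Unrecognized option or missing or extra parameter(s) in [PUSH-OPTIONS]:68: ifconfig (2.5.6)
2022-03-24 09:14:12 TUN/TAP device tun0 opened
2022-03-24 09:14:12 WARNING: OpenVPN was configured to add an IPv4 route. However, no IPv4 has been configured for tun0, therefore the route installation may fail or may not work as expected.
2022-03-24 09:14:12 net_route_v4_add: 10.203.0.0/16 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed
2022-03-24 09:14:12 net_route_v4_add: 10.204.0.0/16 via 10.200.0.129 dev [NULL] table 0 metric -1
2022-03-24 09:14:12 sitnl_send: rtnl: generic error (-101): Network is unreachable
2022-03-24 09:14:12 ERROR: Linux route add command failed
"""

# Minimum parameter count for the pushed options seen in this log.
MIN_ARGS = {"route": 1, "route-gateway": 1, "topology": 1, "ping": 1,
            "ping-restart": 1, "ifconfig": 2}

def parse_push_reply(log):
    """Return the pushed options of the last PUSH_REPLY as lists of words."""
    found = re.findall(r"'PUSH_REPLY,([^'\n]*)'", log)
    return [opt.split() for opt in found[-1].split(",") if opt.strip()] if found else []

def diagnose(log):
    """Summarise a client log: what was pushed, what was rejected, what failed."""
    options = parse_push_reply(log)
    failed, last_dst = [], None
    for line in log.splitlines():
        m = re.search(r"net_route_v4_add: (\S+) via", line)
        if m:
            last_dst = m.group(1)
        elif "route add command failed" in line and last_dst:
            failed.append(last_dst)
            last_dst = None
    return {
        "routes_pushed": sum(1 for o in options if o[0] == "route"),
        # Options that arrived with fewer parameters than they need.
        "incomplete": [o[0] for o in options if len(o) - 1 < MIN_ARGS.get(o[0], 0)],
        "rejected": re.findall(r"in \[PUSH-OPTIONS\]:\d+: (\S+)", log),
        "tun_without_ipv4": "no IPv4 has been configured for" in log,
        "failed_routes": failed,
    }

if __name__ == "__main__":
    for key, value in diagnose(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

Running it against logs taken with 62 and with 63 routes and comparing the "incomplete" and "routes_pushed" fields shows whether the pushed option list is arriving whole on the Linux client.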
