Turning on OpenVPN client breaks ping for 15min after router reboot

5 posts / 0 new
Last post
Piotr.Dobrogost
Piotr.Dobrogost's picture
Turning on OpenVPN client breaks ping for 15min after router reboot

I have vpnkong 22200M running on WNR 3500L. After enabling OpenVPN client (and disabling firewall) pinging public hosts does not work for the first 15 minutes after router reboot. What's interesting is that at the same time

1. DNS lookup works

C:\Users\Piotr>nslookup onet.pl
Server:  router
Address:  192.168.1.1

Non-authoritative answer:
Name:    onet.pl
Address:  213.180.141.140

2. Pinging ip address instead of domain name works as well

C:\Users\Piotr>ping 213.180.141.140

Pinging 213.180.141.140 with 32 bytes of data:
Reply from 213.180.141.140: bytes=32 time=21ms TTL=56
Reply from 213.180.141.140: bytes=32 time=20ms TTL=56
Reply from 213.180.141.140: bytes=32 time=20ms TTL=56
Reply from 213.180.141.140: bytes=32 time=20ms TTL=56

Ping statistics for 213.180.141.140:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 20ms, Maximum = 21ms, Average = 20ms

What could be the reason?

Below is nat table as shown by iptables:

root@router:~# iptables -t nat -L -v
Chain PREROUTING (policy ACCEPT 63 packets, 6419 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DNAT       tcp  --  any    any     anywhere             213-238-64-4.adsl.inetia.pl tcp dpt:www to:192.168.1.1:80
    0     0 DNAT       tcp  --  any    any     anywhere             213-238-64-4.adsl.inetia.pl tcp dpt:https to:192.168.1.1:22
    0     0 DNAT       icmp --  any    any     anywhere             213-238-64-4.adsl.inetia.pl to:192.168.1.1
    8   402 TRIGGER    0    --  any    any     anywhere             213-238-64-4.adsl.inetia.pl TRIGGER type:dnat match:0 relate:0

Chain POSTROUTING (policy ACCEPT 8 packets, 1410 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 MASQUERADE  0    --  any    tun1    anywhere             anywhere
   21  2426 SNAT       0    --  any    ppp0    192.168.1.0/24       anywhere            to:213.238.64.4
    0     0 MASQUERADE  0    --  any    any     anywhere             anywhere            mark match 0x80000000/0x80000000

Chain OUTPUT (policy ACCEPT 8 packets, 1410 bytes)
 pkts bytes target     prot opt in     out     source               destination

mmajunkie
mmajunkie's picture
What does the messages say

What does the messages say from your router, after the tunnel is up?

Piotr.Dobrogost
Piotr.Dobrogost's picture
What kind of message do you

What kind of message do you mean?

mmajunkie
mmajunkie's picture
Router Logs...If you do cat

Router Logs...If you do cat /var/log/messages after you run OpenVPN.

Subhra
Subhra's picture
I guess you have to enable

I guess you have to enable "System Log" option in "Services" tab for getting the logs.