Disable NAT Firewall for OpenVPN

This forum is for general conversation and user-user networking.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
MRizkBV
OpenVpn Newbie
Posts: 2
Joined: Mon Jun 12, 2017 5:38 am

Disable NAT Firewall for OpenVPN

Post by MRizkBV » Sun Aug 13, 2017 9:17 pm

I simply want OpenVPN to accept all incoming and outgoing traffic from clients connected. I need it mostly for accessing censored websites and services and that also includes gaming. It is giving me a really hard time with gaming as the game consoles are showing NAT as Strict.

I know it is not a limitation in TUN, or OpenVPN in general because I have had VyperVPN before (they use OpenVPN protocol) and it worked perfectly fine when I disabled their NAT Firewall service.

I am really lost and I am not sure what to do. OpenVPN is currently running perfectly fine and I am able to access all websites through it, but whenever I connect the Xbox One console through it (or Xbox app on Windows 10) they immediately fail to communicate with Microsoft and act as if the internet was down.

The script I used to install OpenVPN on a DigitalOcean droplet:

Code: Select all

 https://github.com/Angristan/OpenVPN-install 
Server.conf

Code: Select all

port 1194
proto udp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 4.2.2.3"
push "dhcp-option DNS 4.2.2.4"
push "redirect-gateway def1 bypass-dhcp" 
client-to-client
crl-verify crl.pem
ca ca.crt
cert server.crt
key server.key
link-mtu 60000
mssfix 59970
dh dh.pem
auth SHA256
cipher AES-128-CBC
status openvpn.log
verb 0
Client.ovpn

Code: Select all

client
proto udp
remote IP ADDRESS(HIDDEN) PORT(HIDDEN)
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
link-mtu 1700
mssfix 1670
auth SHA256
cipher AES-128-CBC
setenv opt block-outside-dns
verb 3
<ca>
-----BEGIN CERTIFICATE-----
HIDDEN INFO
-----END CERTIFICATE-----
</ca>
<cert>
HIDDEN INDO
-----BEGIN CERTIFICATE-----
HIDDEN INFO
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
HIDDEN INFO
-----END PRIVATE KEY-----
</key>
key-direction 1

Post Reply