VPN Established but not able to connect to internet

[shariff]

Hi,

After many attempts after configuring I manage to connect the VPN from my Android device.
But I am not able browse through internet.

I tried following steps given in many forums but not able connect to the internet.



Here is my server.conf file details:-
server.conf:
==============
local 192.168.200.112
dev tun
proto udp
port 1194
ca ca.crt
cert maxs.crt
key maxs.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0

push "route 192.168.200.0 255.255.255.0"

#push "dhcp-option DOMAIN Max-DataSolutions.com"

push "dhcp-option DNS 192.168.200.0"

push "dhcp-option DNS 8.8.8.8"

push "dhcp-option DNS 8.8.4.4"

keepalive 10 90

log openvpn.log

comp-lzo

push "redirect-gateway def1"

================================================================================

root@Max-DataSolutions:~# iptables -L -v -t nat
Chain PREROUTING (policy ACCEPT 284 packets, 20890 bytes)
pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 222 packets, 17012 bytes)
pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 49 packets, 3675 bytes)
pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 49 packets, 3675 bytes)
pkts bytes target prot opt in out source destination
712 49401 SNAT all -- any eth0 10.8.0.0/24 anywhere to:192.168.200.112
5 1386 MASQUERADE all -- any any 10.8.0.0/24 anywhere
0 0 MASQUERADE all -- any any 10.8.0.0/24 anywhere
0 0 MASQUERADE all -- any eth0 10.8.0.0/24 anywhere
root@Max-DataSolutions:~#
================================================================================
root@Max-DataSolutions:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.200.1 0.0.0.0 UG 0 0 0 eth0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.200.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
root@Max-DataSolutions:~#
================================================================================
root@Max-DataSolutions:~# ip route
default via 192.168.200.1 dev eth0
10.8.0.0/24 via 10.8.0.2 dev tun0
10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1
192.168.200.0/24 dev eth0 proto kernel scope link src 192.168.200.112
root@Max-DataSolutions:~#
================================================================================
root@Max-DataSolutions:~# ifconfig
eth0 Link encap:Ethernet HWaddr de:adad:be:ef
inet addr:192.168.200.112 Bcast:192.168.200.255 Mask:255.255.255.0
inet6 addr: fe80::dcad:deff:fead:beef/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3224987 errors:0 dropped:0 overruns:0 frame:0
TX packets:4179048 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1430849933 (1.4 GB) TX bytes:2173706386 (2.1 GB)
Interrupt:51 Base address:0x8000

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:5204 errors:0 dropped:0 overruns:0 frame:0
TX packets:5204 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:19491278 (19.4 MB) TX bytes:19491278 (19.4 MB)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:623 errors:0 dropped:0 overruns:0 frame:0
TX packets:958 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:83203 (83.2 KB) TX bytes:848850 (848.8 KB)

wlan0 Link encap:Ethernet HWaddr 44:33:4c:1b:e1:4c
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)

================================================================================
/etc/network/interfaces output:-
# interfaces(5) file used by ifup(8) and ifdown(8)
# Include files from /etc/network/interfaces.d:
source-directory /etc/network/interfaces.d

auto lo
iface lo inet loopback

#dns-domain Max-DataSolutions.com

#auto eth0
#iface eht0 inet static
#pre-up /etc/firewall-openvpn-rules.sh
#address 192.168.200.112
#netmask 255.255.255.0
#gateway 192.168.200.1
#network 192.168.200.0
#broadcast 192.168.200.255
auto eth0
iface eth0 inet static
pre-up /etc/firewall-openvpn-rules.sh
address 192.168.200.112
netmask 255.255.255.0
gateway 192.168.200.1
================================================================================
firewall-openvpn-rules.sh:-
#!/bin/sh

iptables -t nat -A INPUT -i eth0 -p tcp -dport 1194 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source 192.168.200.112

#iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source 192.168.1.112

[Traffic]

push "dhcp-option DNS 192.168.200.0"

This is wrong as 200.0 is not a host .. you can remove it as youy are pushing google dns as well.

After that try:

• ping 8.8.8.8
  ping google.com

Post results.

[shariff]

Hi,

As suggested I have removed the entry and restarted by openvpn server and connected to it through android phone.
Earlier when I browsed to my openvpn server 192.168.200.112 I used to see my apache page and I was also able to router page ( 192.168.200.1)
After this change I am not able to see these in the browser. I have attached the ping done on 8.8.8.8
My server.conf looks like this now

Thanks for the quick reply
server.conf
==========
local 192.168.200.112
dev tun
proto udp
port 1194
ca ca.crt
cert maxs.crt
key maxs.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0

push "route 192.168.200.0 255.255.255.0"

#push "dhcp-option DOMAIN Max-DataSolutions.com"

push "dhcp-option DNS 8.8.8.8"

push "dhcp-option DNS 8.8.4.4"

keepalive 10 90

log openvpn.log

comp-lzo

push "redirect-gateway def1"
client-to-client