Forwarding problem

Post by N3mesis98 » Sat Nov 22, 2014 7:48 pm

Hello,

I'm currently trying to set up an OpenVPN server following the howto tutorial of this site.
For the moment, I'm able to connect a client to the VPN server, but I'm still unable to forward the client's traffic through the VPN.

Here is what I've done for the moment:

server.conf:

    #server
    proto tcp
    dev tun
    port 443

    #keys
    ca ca.crt
    cert ovh-vpn.crt
    key ovh-vpn.key
    dh dh1024.pem
    tls-auth ta.key 0

    #network
    server 10.9.8.0 255.255.255.0
    push "redirect-gateway def1"
    ;push "dhcp-option DNS 208.67.222.222"
    ;push "dhcp-option DNS 208.67.220.220"
    keepalive 10 60

    #security
    comp-lzo
    persist-key
    persist-tun
    chroot /etc/openvpn/jail

    #log
    status openvpn-status.log
    ;log-append  openvpn.log
    verb 3
    mute 20

client.conf:

    #client
    client
    dev tun
    proto tcp
    remote server_ip
    resolv-retry infinite
    nobind

    #proxy
    http-proxy-retry
    http-proxy proxy port

    #keys
    ca ca.crt
    cert client.crt
    key client.key
    tls-auth ta.key 1

    #security
    comp-lzo
    persist-key
    persist-tun
    ns-cert-type server

    #output
    verb 3
    mute 20

server forwarding commands:

    iptables -t nat -A POSTROUTING -s 10.9.8.0/24 -o venet0:0 -j MASQUERADE

resulting iptable:

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    10.9.8.2        *               255.255.255.255 UH    0      0        0 tun0
    178.32.35.0     *               255.255.255.0   U     0      0        0 venet0
    10.9.8.0        10.9.8.2        255.255.255.0   UG    0      0        0 tun0
    default         *               0.0.0.0         U     0      0        0 venet0

client forwarding command:

    route del default
    route add default gw 10.9.8.5

resulting client iptable:

    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    default         10.9.8.5        0.0.0.0         UG    0      0        0 tun0
    10.9.8.1        10.9.8.5        255.255.255.255 UGH   20     0        0 tun0
    10.9.8.5        *               255.255.255.255 UH    0      0        0 tun0
    128.0.0.0       10.9.8.5        128.0.0.0       UG    20     0        0 tun0

Does someone understand where my error is in these manipulations?
By the way, does someone know a command to check if I'm able to reach the internet through the VPN server?

Thank you all in advance,
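
An added example, not part of the original post: a parser for the client `route` output shown above that checks for the two /1 routes `redirect-gateway def1` installs (0.0.0.0/1 and 128.0.0.0/1, added alongside the existing default route rather than replacing it) and lists any route left outside the tunnel. The function names and the `tun0` default are assumptions of this example; the table text is copied from the post.

```python
import ipaddress

# Client routing table copied from the post above (output of `route`).
POSTED_CLIENT_TABLE = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.9.8.5        0.0.0.0         UG    0      0        0 tun0
10.9.8.1        10.9.8.5        255.255.255.255 UGH   20     0        0 tun0
10.9.8.5        *               255.255.255.255 UH    0      0        0 tun0
128.0.0.0       10.9.8.5        128.0.0.0       UG    20     0        0 tun0
"""

def parse_routes(text):
    """Return (network, gateway, iface) tuples from `route` / `route -n` output."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip the banner, the column header and blank lines
        dest = "0.0.0.0" if f[0] == "default" else f[0]
        gw = None if f[1] in ("*", "0.0.0.0") else f[1]
        routes.append((ipaddress.ip_network(f"{dest}/{f[2]}"), gw, f[7]))
    return routes

def check_redirect(text, tun="tun0"):
    """Summarise how the table covers IPv4 space relative to the tunnel.

    Assumption of this example: the tunnel interface is tun0, as in the post.
    """
    routes = parse_routes(text)
    via_tun = {str(net) for net, _, iface in routes if iface == tun}
    return {
        # redirect-gateway def1 covers the address space with two /1 routes
        "low_half_via_tun": "0.0.0.0/1" in via_tun,
        "high_half_via_tun": "128.0.0.0/1" in via_tun,
        # a 0.0.0.0/0 route on the tunnel means the default was replaced
        "default_via_tun": "0.0.0.0/0" in via_tun,
        # the encrypted connection itself needs a path outside the tunnel
        "routes_outside_tun": [str(net) for net, _, iface in routes if iface != tun],
    }

if __name__ == "__main__":
    for key, value in check_redirect(POSTED_CLIENT_TABLE).items():
        print(f"{key}: {value}")
```

Feed it `route -n` output so that destinations and gateways are numeric rather than resolved names.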
