OpenVPN on Ubuntu 10.04 in OpenVZ container

WouterDS
OpenVpn Newbie
Posts: 1
Joined: Sat Mar 03, 2012 8:50 am

OpenVPN on Ubuntu 10.04 in OpenVZ container

Post by WouterDS » Sat Mar 03, 2012 8:59 am

Hello,

I'm relatively new to Linux, but I have worked with it in the past and was able to set up nginx, mysql & a fully working email server on my VPS.
Now I tried to install OpenVPN on it but ran into a few problems. The first one was that OpenVPN wouldn't start; after Googling a bit I found I needed my VPS provider to enable tap/tun. They enabled it and that worked.
Now I've read some things about iptables needing a different rule because it's OpenVZ, and I tried it, but something is still wrong, I think.

I'm able to connect to the VPN but I can't connect "to the outside world". I can't connect to the internet, only local services can be used.
Anyone who can help me with the iptables or tell me what's wrong and how to solve it?

Thanks in advance,
Best regards,
WouterDS

This is the log from the client btw

2012-03-04 17:01:37 *Tunnelblick: OS X 10.8.0; Tunnelblick 3.2.3 (build 2891.2932)
2012-03-04 17:01:37 *Tunnelblick: Attempting connection with WouterDS VPN; Set nameserver = 0; not monitoring connection
2012-03-04 17:01:37 *Tunnelblick: /Applications/Tunnelblick.app/Contents/Resources/openvpnstart start WouterDS\ VPN.tblk 1337 0 0 0 1 49 -atDASNGWrdasngw 
2012-03-04 17:01:37 *Tunnelblick: openvpnstart: /Applications/Tunnelblick.app/Contents/Resources/openvpn/openvpn-2.2.1/openvpn --cd /Users/WouterDS/Library/Application Support/Tunnelblick/Configurations/WouterDS VPN.tblk/Contents/Resources --daemon --management 127.0.0.1 1337 --config /Users/WouterDS/Library/Application Support/Tunnelblick/Configurations/WouterDS VPN.tblk/Contents/Resources/config.ovpn --log /Library/Application Support/Tunnelblick/Logs/-SUsers-SWouterDS-SLibrary-SApplication Support-STunnelblick-SConfigurations-SWouterDS VPN.tblk-SContents-SResources-Sconfig.ovpn.0_0_0_1_49.1337.openvpn.log --management-query-passwords --management-hold --script-security 2
2012-03-04 17:01:38 *Tunnelblick: openvpnstart message: Loading tun.kext
2012-03-04 17:01:38 *Tunnelblick: Established communication with OpenVPN
2012-03-04 17:01:38 OpenVPN 2.2.1 i386-apple-darwin10.8.0 [SSL] [LZO2] [PKCS11] [eurephia] built on Jan  8 2012
2012-03-04 17:01:38 MANAGEMENT: TCP Socket listening on 127.0.0.1:1337
2012-03-04 17:01:38 Need hold release from management interface, waiting...
2012-03-04 17:01:38 MANAGEMENT: Client connected from 127.0.0.1:1337
2012-03-04 17:01:38 MANAGEMENT: CMD 'pid'
2012-03-04 17:01:38 MANAGEMENT: CMD 'state on'
2012-03-04 17:01:38 MANAGEMENT: CMD 'state'
2012-03-04 17:01:38 MANAGEMENT: CMD 'hold release'
2012-03-04 17:01:38 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2012-03-04 17:01:38 WARNING: file 'wouterds.key' is group or others accessible
2012-03-04 17:01:38 LZO compression initialized
2012-03-04 17:01:38 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
2012-03-04 17:01:38 Socket Buffers: R=[196724->65536] S=[9216->65536]
2012-03-04 17:01:38 MANAGEMENT: >STATE:1330876898,RESOLVE,,,
2012-03-04 17:01:38 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
2012-03-04 17:01:38 Local Options hash (VER=V4): '41690919'
2012-03-04 17:01:38 Expected Remote Options hash (VER=V4): '530fdded'
2012-03-04 17:01:38 UDPv4 link local: [undef]
2012-03-04 17:01:38 UDPv4 link remote: 199.180.129.110:1194
2012-03-04 17:01:38 MANAGEMENT: >STATE:1330876898,WAIT,,,
2012-03-04 17:01:38 MANAGEMENT: >STATE:1330876898,AUTH,,,
2012-03-04 17:01:38 TLS: Initial packet from 199.180.129.110:1194, sid=a1c3c21f c69f5637
2012-03-04 17:01:39 VERIFY OK: depth=1, /C=BE/ST=OV/L=Astene/O=WouterDSVPN/CN=WouterDSVPN_CA/name=Wouter_De_Schuyter/emailAddress=info@wouterds.be
2012-03-04 17:01:39 VERIFY OK: nsCertType=SERVER
2012-03-04 17:01:39 VERIFY OK: depth=0, /C=BE/ST=OV/L=Astene/O=WouterDSVPN/CN=server/name=Wouter_De_Schuyter/emailAddress=info@wouterds.be
2012-03-04 17:01:40 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-03-04 17:01:40 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-03-04 17:01:40 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
2012-03-04 17:01:40 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
2012-03-04 17:01:40 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
2012-03-04 17:01:40 [server] Peer Connection Initiated with 199.180.129.110:1194
2012-03-04 17:01:41 MANAGEMENT: >STATE:1330876901,GET_CONFIG,,,
2012-03-04 17:01:43 *Tunnelblick: Flushed the DNS cache
2012-03-04 17:01:43 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
2012-03-04 17:01:43 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
2012-03-04 17:01:43 OPTIONS IMPORT: timers and/or timeouts modified
2012-03-04 17:01:43 OPTIONS IMPORT: --ifconfig/up options modified
2012-03-04 17:01:43 OPTIONS IMPORT: route options modified
2012-03-04 17:01:43 ROUTE default_gateway=192.168.0.1
2012-03-04 17:01:43 TUN/TAP device /dev/tun0 opened
2012-03-04 17:01:43 MANAGEMENT: >STATE:1330876903,ASSIGN_IP,,10.8.0.6,
2012-03-04 17:01:43 /sbin/ifconfig tun0 delete
                                        ifconfig: ioctl (SIOCDIFADDR): Can't assign requested address
2012-03-04 17:01:43 NOTE: Tried to delete pre-existing tun/tap instance -- No Problem if failure
2012-03-04 17:01:43 /sbin/ifconfig tun0 10.8.0.6 10.8.0.5 mtu 1500 netmask 255.255.255.255 up
2012-03-04 17:01:43 /sbin/route add -net 199.180.129.110 192.168.0.1 255.255.255.255
                                        add net 199.180.129.110: gateway 192.168.0.1
2012-03-04 17:01:43 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        add net 0.0.0.0: gateway 10.8.0.5
2012-03-04 17:01:43 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        add net 128.0.0.0: gateway 10.8.0.5
2012-03-04 17:01:43 MANAGEMENT: >STATE:1330876903,ADD_ROUTES,,,
2012-03-04 17:01:43 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        add net 10.8.0.1: gateway 10.8.0.5
2012-03-04 17:01:43 Initialization Sequence Completed
2012-03-04 17:01:43 MANAGEMENT: >STATE:1330876903,CONNECTED,SUCCESS,10.8.0.6,199.180.129.110
2012-03-04 17:02:01 event_wait : Interrupted system call (code=4)
2012-03-04 17:02:01 TCP/UDP: Closing socket
2012-03-04 17:02:01 /sbin/route delete -net 10.8.0.1 10.8.0.5 255.255.255.255
                                        delete net 10.8.0.1: gateway 10.8.0.5
2012-03-04 17:02:01 /sbin/route delete -net 199.180.129.110 192.168.0.1 255.255.255.255
                                        delete net 199.180.129.110: gateway 192.168.0.1
2012-03-04 17:02:01 /sbin/route delete -net 0.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 0.0.0.0: gateway 10.8.0.5
2012-03-04 17:02:01 /sbin/route delete -net 128.0.0.0 10.8.0.5 128.0.0.0
                                        delete net 128.0.0.0: gateway 10.8.0.5
2012-03-04 17:02:01 Closing TUN/TAP interface
2012-03-04 17:02:01 SIGTERM[hard,] received, process exiting
2012-03-04 17:02:01 MANAGEMENT: >STATE:1330876921,EXITING,SIGTERM,,
2012-03-04 17:02:02 *Tunnelblick: Flushed the DNS cache
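
A triage of the client log above, as an added example that is not part of the original post: it checks whether the pushed `redirect-gateway def1` was actually applied on the client and collects any warnings. The `triage` function and its result keys are hypothetical names, and the route pattern assumes the macOS `route add -net <dest> <gateway> <netmask>` form that this log uses.

```python
import re

# Lines copied from the client log in the post (routing-relevant subset).
SAMPLE_LOG = """\
2012-03-04 17:01:38 WARNING: file 'wouterds.key' is group or others accessible
2012-03-04 17:01:43 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
2012-03-04 17:01:43 ROUTE default_gateway=192.168.0.1
2012-03-04 17:01:43 /sbin/route add -net 199.180.129.110 192.168.0.1 255.255.255.255
2012-03-04 17:01:43 /sbin/route add -net 0.0.0.0 10.8.0.5 128.0.0.0
2012-03-04 17:01:43 /sbin/route add -net 128.0.0.0 10.8.0.5 128.0.0.0
2012-03-04 17:01:43 /sbin/route add -net 10.8.0.1 10.8.0.5 255.255.255.255
2012-03-04 17:01:43 Initialization Sequence Completed
"""

PUSH_RE = re.compile(r"PUSH: Received control message: 'PUSH_REPLY,([^']*)'")
GW_RE = re.compile(r"ROUTE default_gateway=(\S+)")
# Assumed macOS form, as logged by this client: <dest> <gateway> <netmask>
ROUTE_RE = re.compile(r"/sbin/route add -net (\S+) (\S+) (\S+)")

def triage(log_text):
    """Summarise which client-side routing steps the log shows as done."""
    pushed, routes, warnings, local_gw, completed = [], set(), [], None, False
    for line in log_text.splitlines():
        if m := PUSH_RE.search(line):
            pushed = m.group(1).split(",")
        elif m := GW_RE.search(line):
            local_gw = m.group(1)
        elif m := ROUTE_RE.search(line):
            routes.add(m.groups())
        elif "WARNING:" in line:
            warnings.append(line.split("WARNING:", 1)[1].strip())
        elif "Initialization Sequence Completed" in line:
            completed = True
    # "ifconfig <local> <peer>" names the tunnel peer used as VPN gateway.
    peer = next((o.split()[2] for o in pushed if o.startswith("ifconfig ")), None)
    return {
        "redirect_pushed": any(o.startswith("redirect-gateway") for o in pushed),
        # def1 covers the default route with two /1 routes via the tunnel peer.
        "def1_installed": {("0.0.0.0", peer, "128.0.0.0"),
                           ("128.0.0.0", peer, "128.0.0.0")} <= routes,
        # Host route keeping the VPN server reachable via the original gateway.
        "server_pinned": any(gw == local_gw and mask == "255.255.255.255"
                             for _, gw, mask in routes),
        "completed": completed,
        "warnings": warnings,
    }

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```

For this log every routing check comes back true, so the client received and applied the redirect; the one warning collected concerns the permissions on the private key file.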

Mimiko
Forum Team
Posts: 1564
Joined: Wed Sep 22, 2010 3:18 am

Re: OpenVPN on Ubuntu 10.04 in OpenVZ container

Post by Mimiko » Mon Mar 12, 2012 11:13 am

Read this topic, topic8588.html, for help.