server not redirecting traffic back to the clients. (openvpn

[venkata_ramanan]

I am trying to setup a openvpn setup where I have one server and one client. Requirement is so basic that client's web traffic should be through the server. I was able to do this before. I am not sure what I messed up with, everything stopped working. Please help me debug this.

I added these two lines to server's conf file

push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"

iptable-save output

# Generated by iptables-save v1.4.14 on Tue Aug 21 14:19:51 2012
*mangle
REROUTING ACCEPT [101:8304]
:INPUT ACCEPT [93:7824]
:FORWARD ACCEPT [8:480]
:OUTPUT ACCEPT [93:12327]
OSTROUTING ACCEPT [101:12807]
COMMIT
# Completed on Tue Aug 21 14:19:51 2012
# Generated by iptables-save v1.4.14 on Tue Aug 21 14:19:51 2012
*filter
:INPUT ACCEPT [96:7944]
:FORWARD ACCEPT [8:480]
:OUTPUT ACCEPT [101:13775]
COMMIT
# Completed on Tue Aug 21 14:19:51 2012
# Generated by iptables-save v1.4.14 on Tue Aug 21 14:19:51 2012
*nat
REROUTING ACCEPT [4:240]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [1:76]
OSTROUTING ACCEPT [1:76]
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Tue Aug 21 14:19:51 2012

ifconfig at server

[root@localhost openvpn]# ifconfig eth0: flags=4419 mtu 1500 metric 1 inet 10.0.0.3 netmask 255.255.255.0 broadcast 10.0.0.255 inet6 fe80::225:31ff:fe04:6ac7 prefixlen 64 scopeid 0x20 ether 00:25:31:04:6a:c7 txqueuelen 1000 (Ethernet) RX packets 8547 bytes 855469 (835.4 KiB) RX errors 0 dropped 1 overruns 0 frame 0 TX packets 9122 bytes 1227613 (1.1 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 device interrupt 11 .. tun0: flags=4305 mtu 1500 metric 1 inet 10.8.0.1 netmask 255.255.255.255 destination 10.8.0.2 unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC) RX packets 16 bytes 960 (960.0 B) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 0 bytes 0 (0.0 B) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

ifconfig at client: eth0 Link encap:Ethernet HWaddr 00:0c:29:23:b2:78
inet addr:192.168.5.101 Bcast:192.168.5.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe23:b278/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1745 errors:0 dropped:0 overruns:0 frame:0 TX packets:1651 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:325001 (325.0 KB) TX bytes:201954 (201.9 KB) .. tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.6 P-t-P:10.8.0.5 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:87 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:336 (336.0 B) TX bytes:10212 (10.2 KB)

The client side's RX packets is always 0 and the server's TX is always 0. What could be the problem? The last thing that I tried was to forward tun0 of server to my proxy (squid)

iptables -A PREROUTING -t nat -p tcp -i tun0 --dport 80 -j REDIRECT --to-port 3128

[Mimiko]

I think this couse you problem:

push "dhcp-option DNS 10.8.0.1"

You server does not have a DNS servise, so you must better push

Code: Select all

push "dhcp-option DNS 8.8.8.8"