No internet connectivity on client

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
Amareshwari
OpenVpn Newbie
Posts: 3
Joined: Fri Jan 28, 2022 12:21 pm

No internet connectivity on client

Post by Amareshwari » Fri Jan 28, 2022 12:32 pm

Hi,

We were running OpenVPN without any issues for past 1 year. And clients started to see connection time out issue from last day. After enabling logs on server we saw the following error :

Code: Select all

VERIFY ERROR: depth=0, error=CRL has expired
So, we regenerated CRL with

Code: Select all

./easyrsa gen-crl
and updated server and restarted. After which client started to connect fine, but internet connectivity is not available on client . All clients are facing the same issue. Can somebody guide us where is it going wrong?

Here are the server configuration for redirecting client traffic :

push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"

Same configuration was working all well till last 2 days. Really appreciate any help on fixing this further.

Thanks
Amareshwari

User avatar
TinCanTech
Forum Team
Posts: 10721
Joined: Fri Jun 03, 2016 1:17 pm

Re: No internet connectivity on client

Post by TinCanTech » Fri Jan 28, 2022 4:50 pm


User avatar
openvpn_inc
OpenVPN Inc.
Posts: 660
Joined: Tue Feb 16, 2021 10:41 am

Re: No internet connectivity on client

Post by openvpn_inc » Sat Jan 29, 2022 1:20 am

Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Amareshwari
OpenVpn Newbie
Posts: 3
Joined: Fri Jan 28, 2022 12:21 pm

Re: No internet connectivity on client

Post by Amareshwari » Sat Jan 29, 2022 5:23 am

Thanks for the flow chart shared. It is failing at pinging 8.8.8.8. And IP forwarding and NAT is enabled, but still pinging 8.8.8.8 is problem.
Below are the configuration. Can you let us know if anything more need to be done ?

And as per the flowchart, client and server are not on the same LAN, and chart says likely firewall issue? What sort of firewall issue would cause this. There are no firewall issue on the vpn server itself for internet traffic. Please let us know what can be done further.

Code: Select all

$ sudo sysctl -p
net.ipv4.ip_forward = 1

Code: Select all

$ ip route | grep default
default via 10.160.0.1 dev eth0 

Code: Select all

$ cat /etc/ufw/before.rules
#
# rules.before
#
# Rules that should be run before the ufw command line added rules. Custom
# rules should be added to one of these chains:
#   ufw-before-input
#   ufw-before-output
#   ufw-before-forward
#

# START OPENVPN RULES
# NAT table rules
*nat
:POSTROUTING ACCEPT [0:0]
# Allow traffic from OpenVPN client to eth0 (change to the interface you discovered!)
-A POSTROUTING -s 10.8.0.0/8 -o eth0 -j MASQUERADE
COMMIT
# END OPENVPN RULES

# Don't delete these required lines, otherwise there will be errors
*filter
. . .

Code: Select all

$ cat /etc/default/ufw
DEFAULT_FORWARD_POLICY="ACCEPT"

Amareshwari
OpenVpn Newbie
Posts: 3
Joined: Fri Jan 28, 2022 12:21 pm

Re: No internet connectivity on client

Post by Amareshwari » Mon Jan 31, 2022 7:03 am

Hi,

Can somebody help what can be done to avoid this problem?

Thanks

User avatar
TinCanTech
Forum Team
Posts: 10721
Joined: Fri Jun 03, 2016 1:17 pm

Re: No internet connectivity on client

Post by TinCanTech » Mon Jan 31, 2022 4:08 pm

Sanitised output of

Code: Select all

ip a

Post Reply