I am trying to install and run OpenVPN on my CentOS 7.8.2003 VPS and connect to it from my machine. I followed the instructions on this site https://www.howtoforge.com/tutorial/how ... -centos-7/ (the CentOS 7.6 way) except for the ./easyrsa revoke someone part, because I didn't want to revoke any client.
Everything went well, but when I try to connect to it from Windows it connects but has no internet. OpenVPN Connect shows that there are no incoming packets (Download) and about 700b upload. There is no running firewall.
I've searched a lot and tried many things, but nothing worked.
The latest configs are these:
Server config
port 1194
proto udp
dev tun
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/hakase-server.crt
key /etc/openvpn/server/hakase-server.key
#DH and CRL key
dh /etc/openvpn/server/dh.pem
#crl-verify /etc/openvpn/server/crl.pem
server 10.10.1.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
#duplicate-cn
cipher AES-256-CBC
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
auth SHA512
auth-nocache
link-mtu 1601
# tun-mtu 1500
keepalive 20 60
persist-key
persist-tun
comp-lzo no
daemon
user nobody
group nobody
log-append /var/log/openvpn.log
verb 3
Client config
client
dev tun
proto udp
remote ***.***.***.** 1194
ca ca.crt
cert client01.crt
key client01.key
cipher AES-256-CBC
auth SHA512
auth-nocache
tls-version-min 1.2
tls-cipher TLS-DHE-RSA-WITH-AES-256-GCM-SHA384:TLS-DHE-RSA-WITH-AES-256-CBC-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-CBC-SHA256
comp-lzo no
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
verb 3
route output:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 192-227-134-65- 0.0.0.0 UG 100 0 0 ens32
10.10.1.0 10.10.1.2 255.255.255.0 UG 0 0 0 tun0
10.10.1.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.66.66.0 0.0.0.0 255.255.255.0 U 0 0 0 wg0
192.227.134.64 0.0.0.0 255.255.255.224 U 100 0 0 ens32
ERROR: Linux route delete command failed: external program exited with error status: 2
Linux ip addr del failed: external program exited with error status: 2
normally if you use --mssfix and/or --fragment, you should also set --tun-mtu 1500 (currently it is 1479)
'link-mtu' is used inconsistently, local='link-mtu 1601', remote='link-mtu 1602'
'tun-mtu' is used inconsistently, local='tun-mtu 1479', remote='tun-mtu 1500'
What should I do?