Connected to VPN, able to ping but no internet access

Need help configuring your VPN? Just post here and you'll get that help.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
Xensoul
OpenVpn Newbie
Posts: 7
Joined: Thu Apr 28, 2011 8:31 am

Connected to VPN, able to ping but no internet access

Post by Xensoul » Thu Apr 28, 2011 8:34 am

I am not able to access the internet with my VPN connected and i am able to ping the server.
I am using a vps server for my openvpn server.
My Laptop is on ubuntu. I can't access the internet from my campus but i am connected successfully.

Hopefully someone can help me. Thanks.

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: Connected to VPN, able to ping but no internet access

Post by janjust » Thu Apr 28, 2011 8:51 am

make sure you're using

Code: Select all

push "redirect-gateway def1"
on the VPN server; also make sure that ip forwarding is enabled and that masquerading is turned on:

Code: Select all

echo 1 > /proc/sys/net/ip4/ip_forward
modprobe iptable_nat
iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE

Xensoul
OpenVpn Newbie
Posts: 7
Joined: Thu Apr 28, 2011 8:31 am

Re: Connected to VPN, able to ping but no internet access

Post by Xensoul » Thu Apr 28, 2011 12:02 pm

janjust wrote:make sure you're using

Code: Select all

push "redirect-gateway def1"
on the VPN server; also make sure that ip forwarding is enabled and that masquerading is turned on:

Code: Select all

echo 1 > /proc/sys/net/ip4/ip_forward
modprobe iptable_nat
iptables -t nat -I POSTROUTING -o eth0 -j MASQUERADE
Thanks for the reply.

I am using push "redirect-gateway def1"

however when i try

Code: Select all

echo 1 > /proc/sys/net/ip4/ip_forward
modprobe iptable_nat
I get FATAL: Could not load /lib/modules/2.6.32/modules.dep: No such file or directory for both.

Edit: I have ask my hosting they say that current there are no MASQUERADE service on their vps. They ask me to try to work around using SNAT and DNAT.

Xensoul
OpenVpn Newbie
Posts: 7
Joined: Thu Apr 28, 2011 8:31 am

Re: Connected to VPN, able to ping but no internet access

Post by Xensoul » Thu Apr 28, 2011 4:41 pm

It's working at my home now. Gonna test when i am in campus.

User avatar
krzee
Forum Team
Posts: 729
Joined: Fri Aug 29, 2008 5:42 pm

Re: Connected to VPN, able to ping but no internet access

Post by krzee » Thu Apr 28, 2011 4:48 pm

sounds like they are using openvz...
try

Code: Select all

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to <PUBLIC-IP>
you still need ip forwarding, the command JJK gave you should still work fine:

Code: Select all

echo 1 > /proc/sys/net/ipv4/ip_forward 
for a temp solution (til reboot) or

Code: Select all

echo "net.ipv4.ip_forward = 1" >> sysctl.conf
for perm solution

Xensoul
OpenVpn Newbie
Posts: 7
Joined: Thu Apr 28, 2011 8:31 am

Re: Connected to VPN, able to ping but no internet access

Post by Xensoul » Fri Apr 29, 2011 2:11 am

krzee wrote:sounds like they are using openvz...
try

Code: Select all

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to <PUBLIC-IP>
you still need ip forwarding, the command JJK gave you should still work fine:

Code: Select all

echo 1 > /proc/sys/net/ipv4/ip_forward 
for a temp solution (til reboot) or

Code: Select all

echo "net.ipv4.ip_forward = 1" >> sysctl.conf
for perm solution
Hmm.. it's working at my home but not in my campus. I have known that my compus have port 80, 443 and 22 open. So i am using 22.

Edit: i realise that it works after i start the vpn for awhile. Like 20 seconds? Then can't access after that.
Side note: You can only connect to the ISA or school vpn to access internet in my school.

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: Connected to VPN, able to ping but no internet access

Post by janjust » Fri Apr 29, 2011 8:11 am

if the VPN works for 20 seconds and then stops then I'd suspect a smart campus firewall (you're on The Great LAN, I presume) - there's little you can do about that. OpenVPN does not "hide" itself from firewalls , so a modern firewall with deep packet inspection can easily see that it's openVPN traffic that is flowing over the SSH port instead of SSH traffic.

On the other hand, if you have SSH access then why not simply use that? Set up SSH on your home server, 'ssh' to it using port forwarding, e.g.

Code: Select all

ssh -D 1080 <user>@<IP>
and then use either SOCKS support in your client apps or use 'socks-proxy' to run a VPN tunnel over the SSH tunnel .

Xensoul
OpenVpn Newbie
Posts: 7
Joined: Thu Apr 28, 2011 8:31 am

Re: Connected to VPN, able to ping but no internet access

Post by Xensoul » Sat Apr 30, 2011 7:14 am

Yup i have been using the SSH access for the socks-proxy. But it does not allow me to update my ubuntu or install application from the software centre as it seems it was blocked. I wasn't able to torrent too.

I have a friend who is able to use his OpenVPN in the campus. I asked him how he do it. He told me he just follow the guide in ubuntu wiki. Well i did follow the guide too. Just not sure why i can't and he can.

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: Connected to VPN, able to ping but no internet access

Post by janjust » Mon May 02, 2011 6:04 am

what I meant by 'socks-proxy' was that you can
* set up the SSH tunnel using '-D 1080' to your remote host
* also set up OpenVPN on the remote host
* configure OpenVPN to use a socks proxy

Code: Select all

socks-proxy 127.0.0.1
this will establish a VPN tunnel via the socks proxy - you should be able to torrent anything over that.

Xensoul
OpenVpn Newbie
Posts: 7
Joined: Thu Apr 28, 2011 8:31 am

Re: Connected to VPN, able to ping but no internet access

Post by Xensoul » Mon May 02, 2011 1:57 pm

janjust wrote:what I meant by 'socks-proxy' was that you can
* set up the SSH tunnel using '-D 1080' to your remote host
* also set up OpenVPN on the remote host
* configure OpenVPN to use a socks proxy

Code: Select all

socks-proxy 127.0.0.1
this will establish a VPN tunnel via the socks proxy - you should be able to torrent anything over that.
Opps. I am sorry. Misunderstood what you mean. I will give it a try when i go back to school tomorrow. Thanks

Xensoul
OpenVpn Newbie
Posts: 7
Joined: Thu Apr 28, 2011 8:31 am

Re: Connected to VPN, able to ping but no internet access

Post by Xensoul » Tue May 03, 2011 7:45 am

I got it working by changing my machine to connect to dns 8.8.8.8
Learn it from someone i know.

Thanks to all who help. :)

Cheers.

Post Reply