Thing is, once I've connected, all calls to URLs either inside or outside the local network, either by IP address or DNS name, just time out after a while.
I understood that I need to set up some static route in the router, so that the response packages from the URLs endpoints find their way back into the tunnel. That would explain the timeouts instead of a 404, I suppose. Some tutorial suggested to add a route between 10.10.10.0, Subnet 255.255.255.0 to my Raspi, let that be 192.168.178.17 (fixed IP over wired ethernet). I did that, but it didn't help. Maybe I need to use a different IP than 10.10.10.0, but I wouldn't know which one instead. I don't even know where they got 10.10.10.0 from. It can't be the client's IP address, as that one might change constantly?
I'm fairly certain there's one last step missing to make it work, and that it's one step everybody must have done. But I just can't get my head around it. To be really frank: I already fail at understanding the Wikipedia article about NATs. I do have basic network knowledge, but not in-depth, and also sadly have an issue that I simply can't concentrate enough to dive into all those details. While I know how to program software and occasionally do it, I also can't read other people's code for the same reason. Brain just goes "boooring, la la la, what's the weather outside, and oh, what's on today's menu?"
So I hope someone here is willing to guide me through the steps of where to define what to make it work. The FRITZ!Box comes with its own VPN solution that does work, but it's a PITA to set it up with clients. So far I managed to get it working on my Smartphone, but still fail with my wife's phone (even though she has the same model) or my laptop, let alone other clients like a piCore Player, and from what I've understood the solution also has some issues with my Internet provider (Vodafone Cable) in combination with IPv6. That's why I'd like to use OpenVPN instead.
My server.conf is this:
local 192.168.[removed]
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-crypt tc.key
topology subnet
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 192.168.[removed]"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
verb 3
crl-verify crl.pem
explicit-exit-notify
Edit: I went and enabled "net.ipv4.ip_forward=1" and ran "sudo sysctl -p" which listed the aforementioned line. I also went and added a static route between 10.10.10.0/255.255.255.0 and 192.168.[IP of the OpenVPN server] to the internet router again. But that didn't change anything, I still get the timeouts.
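An added example, not part of the original post: replies to VPN clients are addressed to the tunnel subnet declared by the `server` directive, so a static route on the LAN router only helps if it covers that subnet. The sketch below reads that directive from a constructed excerpt of the posted server.conf and checks a candidate route against it; the function names are hypothetical, and 192.168.178.17 is the Raspi address given in the post.

```python
import ipaddress

# Constructed excerpt of the server.conf posted above (only the routing-relevant lines).
SERVER_CONF = """\
dev tun
topology subnet
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
"""


def vpn_subnet(conf_text):
    """Return the tunnel network from the `server <network> <netmask>` directive."""
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":  # OpenVPN comment lines start with # or ;
            continue
        parts = line.split()
        if parts[0] == "server" and len(parts) >= 3:
            return ipaddress.ip_network(f"{parts[1]}/{parts[2]}", strict=True)
    raise ValueError("no 'server <network> <netmask>' directive found")


def route_covers_vpn(route_net, route_mask, conf_text):
    """True if a static route on the LAN router covers the VPN client subnet."""
    route = ipaddress.ip_network(f"{route_net}/{route_mask}", strict=False)
    return vpn_subnet(conf_text).subnet_of(route)


def required_route(conf_text, server_lan_ip):
    """Return (network, netmask, gateway) for the router's static route."""
    subnet = vpn_subnet(conf_text)
    gateway = ipaddress.ip_address(server_lan_ip)  # validates the address
    return (str(subnet.network_address), str(subnet.netmask), str(gateway))


if __name__ == "__main__":
    # The route from the tutorial does not match the subnet in this server.conf.
    print("10.10.10.0 route covers VPN subnet:",
          route_covers_vpn("10.10.10.0", "255.255.255.0", SERVER_CONF))
    print("route to enter on the router:",
          required_route(SERVER_CONF, "192.168.178.17"))
```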