I can't open any page on the internet.
# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3053ms
# ping 98.76.54.32
PING 98.76.54.32 (98.76.54.32) 56(84) bytes of data.
64 bytes from 98.76.54.32: icmp_seq=1 ttl=53 time=66.8 ms
64 bytes from 98.76.54.32: icmp_seq=2 ttl=53 time=64.4 ms
64 bytes from 98.76.54.32: icmp_seq=3 ttl=53 time=65.0 ms
64 bytes from 98.76.54.32: icmp_seq=4 ttl=53 time=67.8 ms
64 bytes from 98.76.54.32: icmp_seq=5 ttl=53 time=73.4 ms
64 bytes from 98.76.54.32: icmp_seq=6 ttl=53 time=64.7 ms
--- 98.76.54.32 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5010ms
rtt min/avg/max/mdev = 64.438/67.021/73.408/3.098 ms
CLIENT_NAME/12.34.56.78:50518 MULTI: bad source address from client [192.168.1.16], packet dropped
Here are my configurations:
# server.conf
# OpenVPN server on UDP/1194 using a routed tun device. It hands out addresses
# from 10.9.8.0/24 and pushes a default-route redirect plus a DNS server to clients.
port 1194
proto udp
dev tun
# Server PKI material (easy-rsa layout): CA certificate, server certificate,
# server private key and Diffie-Hellman parameters.
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/server.crt
key /etc/openvpn/easy-rsa/pki/private/server.key # keep secret
dh /etc/openvpn/easy-rsa/pki/dh.pem
# askpass reads the private-key passphrase from this file, so the passphrase is
# stored in clear text on the same host as the key it protects. Keep the file
# owned by root and unreadable to other users.
askpass /etc/openvpn/pass.txt
topology subnet
server 10.9.8.0 255.255.255.0 # internal tun0 connection IP
ifconfig-pool-persist ipp.txt
# Pushes a route for 192.168.0.0/24 to every client.
# NOTE(review): the "bad source address" log line shows a client sending from
# 192.168.1.16, which is outside both this /24 and the 10.9.8.0/24 pool. The
# server drops tunnel packets whose source is neither the client's VPN address
# nor a subnet assigned to that client with iroute - confirm what on the client
# side is sourcing traffic from its LAN address.
push "route 192.168.0.0 255.255.255.0"
# Sends all client IPv4 traffic through the tunnel. With these flags only IPv4
# is redirected; IPv6 traffic on a dual-stack client is not covered.
push "redirect-gateway def1 bypass-dhcp"
# push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 1.1.1.1"
keepalive 10 120
# Static HMAC key for the TLS control channel; direction 0 here must pair with
# direction 1 on clients. The same secret file is shared with every client.
tls-auth /etc/openvpn/server/ta.key 0
auth-nocache
# Data channel is limited to AES-256-CBC only, so no AEAD cipher such as
# AES-256-GCM can be negotiated. Changing this requires the clients'
# data-ciphers list to include the new cipher as well.
cipher AES-256-CBC
data-ciphers AES-256-CBC
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
# log (truncate on start) and log-append (append) both name the same file and
# conflict with each other; presumably the later directive wins - keep only one.
log /var/log/openvpn/openvpn.log
log-append /var/log/openvpn/openvpn.log
verb 4 # verbose mode
# With client-to-client, traffic between VPN clients is forwarded inside the
# OpenVPN process and does not traverse the kernel, so the iptables FORWARD
# chain on this host cannot filter or count it.
client-to-client
explicit-exit-notify 1
# client.conf
# OpenVPN client profile matching the server above: UDP to port 1194 over a
# routed tun device, certificate authentication plus a tls-auth HMAC key.
client
dev tun
proto udp
remote 98.76.54.32 1194 # [VPN server IP] [PORT]
resolv-retry infinite
nobind
persist-key
persist-tun
# CA certificate, client certificate and client private key. The .key file is
# the client's credential; keep it readable only by the account running OpenVPN.
ca ./path/to/ca.crt
cert ./path/to/CLIENT_NAME.crt
key ./path/to/CLIENT_NAME.key
# Requires the peer certificate to carry server key usage, so another client's
# certificate issued by the same CA cannot be used to impersonate the server.
remote-cert-tls server
# Shared HMAC secret, direction 1 to pair with the server's direction 0.
# NOTE(review): the key sits under a Downloads directory - confirm its file
# permissions and consider moving it next to the other credentials.
tls-auth /home/user/Downloads/hyperspace/ta.key 1
auth-nocache
# Must match the server's list; only AES-256-CBC is offered for the data channel.
cipher AES-256-CBC
data-ciphers AES-256-CBC
# Suppresses log output about replayed/duplicate packets. The packets are still
# rejected, but a real replay attempt would no longer be visible in the log.
mute-replay-warnings
verb 4
# NOTE(review): no up/down script is configured here; on some client platforms
# the pushed "dhcp-option DNS" is not applied without one - confirm for this OS.
# cat /proc/sys/net/ipv4/ip_forward
1
# sysctl -a | grep ip_forward
net.ipv4.ip_forward = 1
...
# iptables -L -n -v
Chain INPUT (policy ACCEPT 6221 packets, 435K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
147 20957 ACCEPT all -- eth0 tun0 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
89 9293 ACCEPT all -- * eth0 10.9.8.0/24 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 5751 packets, 1299K bytes)
pkts bytes target prot opt in out source destination
# iptables -t nat -L -n -v
Chain PREROUTING (policy ACCEPT 2199 packets, 92559 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 2168 packets, 90647 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 20 packets, 1486 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 20 packets, 1486 bytes)
pkts bytes target prot opt in out source destination
28 1732 MASQUERADE all -- * eth0 10.9.8.0/24 0.0.0.0/0
Sincerely,
iljyable