I just migrated my server data and config to a new one.
Everything is the same as before except for the IP, but I can't get the internet when I'm connected to my VPN.
(I was able to do it before!)
Here are my config files:
iptables
Code:
#NAT FOR VPN
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
#Accept VPN
iptables -t filter -i eth0 -A INPUT -p tcp --dport 1194 -j ACCEPT
#Accept http, https, ssh, imap, pop, popssl, smtp, smtpssl, ftp
iptables -t filter -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 443 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 143 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 995 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 110 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 25 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 465 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 587 -j ACCEPT
#Don't cut established connections
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
#Accept transfer between VPN and server
iptables -A FORWARD -i tap0 -o eth0 -j ACCEPT
iptables -A FORWARD -i eth0 -o tap0 -j ACCEPT
#Block every port
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
Code:
dev tap0
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
client-to-client
duplicate-cn
keepalive 10 120
cipher AES-256-CBC # AES
persist-key
persist-tun
Thanks!
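
Added example, not part of the original post: the rules above hard-code `eth0` as the outbound interface and rely on kernel IP forwarding, two host-level settings that are not stored in either config file. This script checks both against the `10.8.0.0/24` MASQUERADE rule; the function names and the sample interface `ens3` are constructed for illustration.

```shell
#!/bin/sh
# Added example: verifies the host-side assumptions behind the posted NAT rule.
# Function names are hypothetical; nothing here comes from the original post.

# Print the interface that carries the IPv4 default route.
# stdin: output of `ip -4 route show default`
default_iface() {
    awk '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit }
    }'
}

# Print the outbound interface of each MASQUERADE rule whose source is $1.
# stdin: output of `iptables -t nat -S POSTROUTING`
masq_ifaces() {
    awk -v net="$1" '
        /-j MASQUERADE/ {
            src = ""; out = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-o") out = $(i + 1)
            }
            if (src == net) print out
        }'
}

# check_vpn_nat ROUTES NAT_RULES IP_FORWARD VPN_NET
# Returns 0 when forwarding is enabled and a MASQUERADE rule for VPN_NET
# points at the default-route interface; otherwise prints why and returns 1.
check_vpn_nat() {
    wan=$(printf '%s\n' "$1" | default_iface)
    [ "$3" = "1" ] || { echo "net.ipv4.ip_forward is $3, expected 1"; return 1; }
    [ -n "$wan" ] || { echo "no IPv4 default route found"; return 1; }
    for ifc in $(printf '%s\n' "$2" | masq_ifaces "$4"); do
        [ "$ifc" = "$wan" ] && { echo "ok: $4 masqueraded via $wan"; return 0; }
    done
    echo "no MASQUERADE rule for $4 on $wan"
    return 1
}

# Constructed sample (rules written for eth0, uplink actually named ens3):
#   check_vpn_nat 'default via 203.0.113.1 dev ens3' \
#     '-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE' 1 10.8.0.0/24

# Live use on the server (iptables needs root):
if [ "${1:-}" = "--live" ]; then
    check_vpn_nat "$(ip -4 route show default)" \
                  "$(iptables -t nat -S POSTROUTING)" \
                  "$(cat /proc/sys/net/ipv4/ip_forward)" "10.8.0.0/24"
fi
```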