OpenVPN destination port unreachable

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech

Post by deluxe1 » Wed Mar 18, 2020 4:00 pm

Hello,

This is a bit of a specific situation, but I hope someone can help.

I have recently encountered a problem with setting up OpenVPN. I am able to connect to the VPN server and I can access the machines connected to the LAN, but some packets cannot find their way back to the devices behind the VPN.

I am running a Java application that acts like a proxy, which is on the same LAN as the (Linux) machine that is hosting the VPN server. This application sends and receives different packets on different ports to mobile applications. Sending a packet from the phone (connected to the VPN) to the Java app works fine, but when trying to send a packet back to the phone, the packet doesn't reach the destination. It goes back to the machine that is hosting the VPN server, but it never reaches the mobile device connected to the VPN.
To make things more problematic, some packets do get through (SIP packets on port 35555, while other UDP packets on port 50000 can't be routed back to the device).

Here's the server config file (the keys are removed):
Server config

dev tun
proto udp
port 1194


topology subnet
server 10.8.0.0 255.255.255.0
push "dhcp-option DNS 192.168.0.1"

push "route 192.168.0.0 255.255.255.0"

client-to-client
keepalive 1800 3600
remote-cert-tls client
tls-version-min 1.2
tls-auth /etc/openvpn/easy-rsa/pki/ta.key 0

And this is a basic scenario:

This works (SIP packets are going back and forth)
Image


And this doesn't (UDP packets arrive at the machine hosting the Java app, it replies with another packet, but the packet never reaches the phone)
Image

192.168.0.102 - Linux machine hosting the VPN server
192.168.0.105 - Linux machine hosting the Java application
10.8.0.2 - Mobile address using VPN

And I have this in the iptables on the Linux machine hosting the VPN server (had to add it so the VPN client can access the machines inside the LAN):
Image

I don't have a lot of experience with VPN setup or networking overall, so I might be missing something obvious here.

Any help would be appreciated.
Thanks in advance
Last edited by Pippin on Wed Mar 18, 2020 4:31 pm, edited 1 time in total.
Reason: Formatting