Hi, new to OpenVPN.
I tried to install OpenVPN on Windows XP, but it seems to have problems with routing to tunnel web traffic through the VPN.
So I decided to run the OpenVPN server on my Ubuntu 12.04 LTS.
Everything seems to be OK: I can ping, and I can tunnel web traffic through the VPN (I can see it with my public IP, which is the same as the public IP of the server)!
But the problem is the following one:
When I reboot the PC where my OpenVPN is, I lose my rules to redirect web traffic to the VPN (ping is good, but no tunnel for web).
So I have to write the rules manually:
sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
net.ipv4.ip_forward = 1
sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
I restart the OpenVPN server, and now it works! (web through VPN is OK)
But if I reboot the PC with the OpenVPN server installed, it is lost and I have to restart...
So I do this:
sudo sh -c "iptables-save > /etc/iptables.rules"
Put this line after if lo inet loopback
"pre-up iptables-restore < /etc/iptables.rules "
and it doesn't work.
Why haven't I got my interface eth0 in my iptables rules??
Where is the mistake??
Please!
Thanks for your help!!!
how to make config persistent on server when reboot ?
Re: how to make config persistent on server when reboot ?
Hi
So I spent a lot of time on this problem; it seems to be OK, here is the way....
Here is all my config, which allows me to tunnel web traffic and access my LAN:
PC for SERVER
Ubuntu 12.04 LTS
Box provided by the ISP - LAN: 192.168.10.1
SERVER
port 4500 # because it is open on the wifi hotspot I used
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.10.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
PC CLIENT
Windows 7
Connected on another LAN: free wifi hotspot or another connection provided by the ISP
CLIENT
client
dev tun
proto udp
remote X.X.X.X 4500
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
comp-lzo
verb 3
route-method exe
route-delay 2
I've added a route in my box (server side): 10.8.0.0 255.255.255.0 192.168.10.42 (IP of my computer where OpenVPN is installed)
The problem was to KEEP persistent rules in iptables, so I found the following way on the internet:
Create a script in /root: iptables.sh
The script:
#!/bin/sh
# Flush the filter table, enable IPv4 forwarding, NAT VPN clients out of eth0
iptables -F
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
Seems to be OK.
If you restart the OpenVPN server or reboot your PC, on the client just disconnect and reconnect and you can still retrieve all I want: web through VPN and access to LAN!
I think I will discover more problems by using this conf, but I think it's a good beginning.
Hope it will help.
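A check for the persistence problem discussed in this thread, as an added example that is not part of the original posts: it confirms that a file written by iptables-save holds the MASQUERADE rule in its nat table, and makes the ip_forward setting persistent in a sysctl file without duplicating it. Function names and the sample dump are constructed; on the server the arguments would be /etc/iptables.rules and /etc/sysctl.conf.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and sample data are constructed.

# Succeeds if FILE (iptables-save format) holds a MASQUERADE rule for SUBNET leaving
# IFACE. The rule lives in the nat table, so only lines under "*nat" are considered.
saved_rules_have_masquerade() {    # usage: FILE SUBNET IFACE
    awk -v s="$2" -v i="$3" '
        /^\*/ { table = substr($0, 2) }    # table header: *nat, *filter, ...
        table == "nat" && /^-A POSTROUTING / {
            src = ""; out = ""; tgt = ""
            for (n = 1; n < NF; n++) {
                if ($n == "-s") src = $(n + 1)
                if ($n == "-o") out = $(n + 1)
                if ($n == "-j") tgt = $(n + 1)
            }
            if (src == s && out == i && tgt == "MASQUERADE") found = 1
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# Ensures CONF (sysctl.conf format) enables IPv4 forwarding at boot. An active line is
# rewritten in place ("= 0" becomes "=1"); a commented-out line is left alone and the
# setting is appended, so repeated runs never add duplicates.
persist_ip_forward() {    # usage: CONF
    key='^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*='
    if grep -Eq "$key" "$1" 2>/dev/null; then
        sed -E "s/$key.*/net.ipv4.ip_forward=1/" "$1" > "$1.tmp" && mv "$1.tmp" "$1"
    else
        echo 'net.ipv4.ip_forward=1' >> "$1"
    fi
}

# Constructed sample: an iptables-save dump containing the MASQUERADE rule from the thread.
sample=$(mktemp)
cat > "$sample" <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD ACCEPT [0:0]
COMMIT
EOF
if saved_rules_have_masquerade "$sample" 10.8.0.0/24 eth0; then
    echo "saved file contains the NAT rule for 10.8.0.0/24 via eth0"
fi
rm -f "$sample"
```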
