
how to make config persistent on server when reboot ?

Posted: Sun Apr 07, 2013 4:40 pm
by jmarshallh
Hi, new to OpenVPN.
I tried to install OpenVPN on Windows XP, but it seems to have problems with routing to tunnel web traffic through the VPN,
so I decided to run the OpenVPN server on my Ubuntu 12.04 LTS.

Everything seems to be OK: I can ping, and I can tunnel web traffic through the VPN (I can see it with my public IP, which is the same as the public IP of the server)!

but the problem is the following one :

When I reboot the PC where my OpenVPN is, I lose my rules to redirect web traffic to the VPN (ping is good, but no tunnel for web),

so I have to write the rules manually:

sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
net.ipv4.ip_forward = 1
sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

I restart the OpenVPN server, and now it works! (web through VPN is OK)

But if I reboot the PC with the OpenVPN server installed, it is lost and I have to restart ...

So I do this:

sudo sh -c "iptables-save > /etc/iptables.rules"
and put this line after iface lo inet loopback:
"pre-up iptables-restore < /etc/iptables.rules "

and it doesn't work.

Why haven't I got my interface eth0 in my iptables rules??

Where is the mistake??

Please!

Thanks for your help!!!

Re: how to make config persistent on server when reboot ?

Posted: Mon Apr 08, 2013 12:06 am
by jmarshallh
Hi,

So I spent a lot of time on this problem, and it seems to be OK. Here is the way ....

Here is all my config, which allows me to tunnel web traffic and access my LAN:

PC for SERVER
Ubuntu 12.04 LTS
Box provided by ISP - LAN: 192.168.10.1

SERVER

port 4500  # because it is open on the wifi hotspot I used
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "route 192.168.10.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3

PC CLIENT
Windows 7
connected on another LAN: free wifi hotspot or another connection provided by ISP

CLIENT

client
dev tun
proto udp
remote X.X.X.X 4500
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
comp-lzo
verb 3
route-method exe
route-delay 2


I've added a route in my box (server side): 10.8.0.0 255.255.255.0 192.168.10.42 (IP of my computer where OpenVPN is installed)


The problem was to KEEP persistent rules in iptables, so I found the following way on the internet:

create a script in /root: iptables.sh

the script:
#!/bin/sh
# flush the filter table, enable forwarding, NAT the VPN subnet out of eth0
iptables -F
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

Seems to be OK.
If you restart the OpenVPN server or reboot your PC, just disconnect and reconnect on the client and you can still retrieve all I want: web through VPN and access to the LAN!

I think I will discover more problems by using this conf, but I think it's a good beginning.

Hope it will help :)
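
An added example, not part of either post: a shell check that a file written by iptables-save really contains the nat MASQUERADE rule for 10.8.0.0/24 on eth0, and that a sysctl file sets net.ipv4.ip_forward to 1, the two settings the thread is trying to keep across a reboot. The function names and the file paths passed in are assumptions, and the sample dump is constructed.

```shell
#!/bin/sh
# Added example (not from the thread): check that the two settings the
# thread needs are present in the files that are read back at boot.

# 0 if an iptables-save dump has the MASQUERADE rule inside its *nat table.
has_masquerade() {
    awk -v s="$2" -v i="$3" '
        /^\*/ { table = substr($0, 2) }      # section header: *nat, *filter
        table == "nat" && $1 == "-A" && $2 == "POSTROUTING" {
            src = out = tgt = ""
            for (n = 3; n < NF; n++) {
                if ($n == "-s") src = $(n + 1)
                if ($n == "-o") out = $(n + 1)
                if ($n == "-j") tgt = $(n + 1)
            }
            if (src == s && out == i && tgt == "MASQUERADE") found = 1
        }
        END { exit !found }
    ' "$1"
}

# 0 if the last uncommented net.ipv4.ip_forward line in a sysctl file is 1.
forwarding_enabled() {
    awk -F= '
        /^[ \t]*#/ { next }
        { key = $1; val = $2; gsub(/[ \t]/, "", key); gsub(/[ \t]/, "", val) }
        key == "net.ipv4.ip_forward" { last = val }
        END { exit !(last == "1") }
    ' "$1"
}

# audit RULES_FILE SYSCTL_FILE [SUBNET] [IFACE]; defaults mirror the thread.
audit() {
    rc=0
    has_masquerade "$1" "${3:-10.8.0.0/24}" "${4:-eth0}" ||
        { echo "missing nat MASQUERADE rule in $1"; rc=1; }
    forwarding_enabled "$2" ||
        { echo "net.ipv4.ip_forward is not 1 in $2"; rc=1; }
    return "$rc"
}

# Constructed sample: a dump that contains only a filter table.
sample=$(mktemp)
printf '%s\n' '*filter' ':INPUT ACCEPT [0:0]' 'COMMIT' > "$sample"
has_masquerade "$sample" 10.8.0.0/24 eth0 || echo "sample dump lacks the NAT rule"
rm -f "$sample"
```

Running `audit /etc/iptables.rules /etc/sysctl.conf` before a reboot shows whether the saved dump and the sysctl file hold what the manual commands set at runtime.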