Page 1 of 1
Traffic redirect and IP forwarding
Posted: Wed Jun 12, 2013 12:03 pm
by EyalMendel
Hello,
I have installed a VPN server on my VPS and this is the server.conf file:
Code: Select all
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
Each time I connect, not all the traffic is redirected to the OpenVPN (for example, while surfing the browser).
I have noticed that the IP I get from OpenVPN is internal (10.x.x.x), even though I connect to an real IP address (VPS server).
If needed, here is the client conf file:
Code: Select all
client
dev tun
proto udp
remote x.x.x.x (example) 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
comp-lzo
verb 3
redirect-gateway def1
I have read almost every topic here about the traffic redirection but I wasn't able to fix it.
Thank you.
Re: Traffic redirect and IP forwarding
Posted: Wed Jun 12, 2013 1:13 pm
by janjust
the fact that your VPN client gets the address 10.8.0.6 is normal with your setup; whether you're actually redirecting via the server is another matter (although the "redirect-gateway def1" should do that).
from the client, can you ping the VPN Ip of the server (10.8.0.1) ?
what happens if you run a traceroute from the client?
Windows
Mac/Linux
?
Re: Traffic redirect and IP forwarding
Posted: Wed Jun 12, 2013 1:28 pm
by EyalMendel
Thank you the quick response. Here is the trace:
Code: Select all
Tracing route to 8.8.8.8 over a maximum of 30 hops
1 5 ms <1 ms <1 ms 192.168.1.1
2 558 ms 48 ms 41 ms 172.28.37.98
3 70 ms 79 ms 109 ms 172.28.239.181
4 106 ms 78 ms 79 ms 172.28.189.193
5 116 ms 78 ms 118 ms 212.143.203.80
6 305 ms 88 ms 78 ms 212.143.203.212
7 149 ms 126 ms 178 ms 212.143.12.4
8 136 ms 150 ms 136 ms 10.50.1.1
9 164 ms 149 ms 158 ms 80.81.192.108
10 145 ms 158 ms 148 ms 209.85.241.110
11 165 ms 178 ms 139 ms 209.85.251.246
12 137 ms 148 ms 138 ms 209.85.254.116
13 * * * Request timed out.
14 191 ms 138 ms 168 ms 8.8.8.8
Trace complete.
Re: Traffic redirect and IP forwarding
Posted: Wed Jun 12, 2013 3:57 pm
by janjust
the output
1 5 ms <1 ms <1 ms 192.168.1.1
shows that the first hop is 192.168.1.1 which is , most likely, your LAN gateway and not your VPN tunnel; check the client connection log (with 'verb 5' added) to see if the default route is actually set. Post the output of
after the VPN has started.
Re: Traffic redirect and IP forwarding
Posted: Wed Jun 12, 2013 6:13 pm
by EyalMendel
Code: Select all
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.100 10
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 266
192.168.1.100 255.255.255.255 On-link 192.168.1.100 266
192.168.1.255 255.255.255.255 On-link 192.168.1.100 266
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 266
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 266
===========================================================================
Persistent Routes:
None
Re: Traffic redirect and IP forwarding
Posted: Thu Jun 13, 2013 11:59 am
by janjust
this outptu does not show *ANY* VPN adapters - ensure that openvpn is running and that the connection has been established.