OpenVPN Support Forum

Posted: **Wed Jun 12, 2013 7:47 pm**

Hi,
I have OpenVPN running on Ubuntu 12.04 in a bridged setup, and I can connect from my client and access the machines on the local LAN (the LAN on which the VPN server resides), but I can't access anything on the internet. Web pages cannot load, and I'm unable to ping anything outside (I tried 8.8.8.8 and got no response).

My server.conf is:

Code: Select all

local 192.168.2.7

port 1195

proto udp

dev tap0
up "/etc/openvpn/up.sh br0 eth0"

ca /home/david/easy-rsa/2.0/keys/ca.crt
cert /home/david/easy-rsa/2.0/keys/server.crt
key /home/david/easy-rsa/2.0/keys/server.key  # This file should be kept secret

dh /home/david/easy-rsa/2.0/keys/dh1024.pem

ifconfig-pool-persist ipp.txt

server-bridge 192.168.2.7 255.255.255.0 192.168.2.110 192.168.2.120

push "redirect-gateway def1"

push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"

duplicate-cn

keepalive 10 120

comp-lzo

user nobody
group nogroup

persist-key
persist-tun

status openvpn-status.log

verb 3

When I run iptables -L -v I get:

Code: Select all

Chain INPUT (policy ACCEPT 4032 packets, 309K bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  tap0   any     anywhere             anywhere
15440 2762K ACCEPT     all  --  br0    any     anywhere             anywhere

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 6573 2783K ACCEPT     all  --  br0    any     anywhere             anywhere

Chain OUTPUT (policy ACCEPT 15865 packets, 5557K bytes)
 pkts bytes target     prot opt in     out     source               destination

I've been looking through this forum, and I see a lot of issues with NAT, but I'm not sure they apply here because I'm using bridging, so my router should see my client machine as the same as any other machine on the network. Any help would be greatly appreciated - this is driving me nuts!

Dave

Posted: **Thu Jun 13, 2013 12:00 pm**

is IP forwarding enabled on the server? (cat /proc/sys/net/ipv4/ip_forward)

what is the server-side LAN GW address? can the client reach that address?

Posted: **Thu Jun 13, 2013 12:46 pm**

That was it! I can't believe it was that simple - I've been beating my head on this for 2 days. I hadn't realized that ip forwarding needed to be turned on with a bridged setup, I thought that having an IP address from the host network would allow the router to recognize the proper destination for my packets. Thanks!

Dave

Posted: **Thu Jun 13, 2013 1:06 pm**

Thx for reporting back, closing topic.

OpenVPN Support Forum

[SOLVED] OpenVPN running, local access but no internet

[SOLVED] OpenVPN running, local access but no internet

Re: OpenVPN running, local access but no internet

Re: OpenVPN running, local access but no internet

Re: OpenVPN running, local access but no internet