Can succesfuly connect to VPN, with an open TCP port, but no internet access.

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
sebzapata
OpenVpn Newbie
Posts: 1
Joined: Wed Dec 28, 2022 6:22 pm

Can succesfuly connect to VPN, with an open TCP port, but no internet access.

Post by sebzapata » Wed Dec 28, 2022 6:35 pm

Hi,
I have setup OpenVpn on my RaspberryPi, and I am able to connect to it from my laptop.
The issue however, is that I am unable to browse the internet.

After initially following this tutorial using UDP on port 1194, I was able to connect, but couldn't open the port on my router.
After changing to TCP protocol, the port is now open as checked using portchecker.co

The issue still remains that I cannot browse the internet.

Here is a copy of my server.conf file from the RaspberryPi

Code: Select all

dev tun
proto tcp
port 1194
ca /etc/openvpn/easy-rsa/pki/ca.crt
cert /etc/openvpn/easy-rsa/pki/issued/raspberrypi_d3a4d969-8e5f-416f-8f1b-c274a2f8f6f3.crt
key /etc/openvpn/easy-rsa/pki/private/raspberrypi_d3a4d969-8e5f-416f-8f1b-c274a2f8f6f3.key
dh none
ecdh-curve prime256v1
topology subnet
server 10.166.194.0 255.255.255.0
# Set your primary domain name server address for clients
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 1.0.0.1"
# Prevent DNS leaks on Windows
push "block-outside-dns"
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
client-config-dir /etc/openvpn/ccd
keepalive 15 120
remote-cert-tls client
tls-version-min 1.2
 tls-crypt /etc/openvpn/easy-rsa/pki/ta.key
cipher AES-256-CBC
auth SHA256
user openvpn
group openvpn
persist-key
persist-tun
crl-verify /etc/openvpn/crl.pem
status /var/log/openvpn-status.log 20
status-version 3
syslog
verb 3
#DuplicateCNs allow access control on a less-granular, per user basis.
#Remove # if you will manage access by user instead of device. 
#duplicate-cn
# Generated for use by PiVPN.io
Here is a copy of (some of) my client file

Code: Select all

client
dev tun
proto tcp
remote DDNS.URL.COM 1194
resolv-retry infinite
nobind
remote-cert-tls server
tls-version-min 1.2
verify-x509-name raspberrypi_d3a4d969-8e5f-416f-8f1b-c274a2f8f6f3 name
cipher AES-256-CBC
auth SHA256
auth-nocache
verb 3
<ca>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN ENCRYPTED PRIVATE KEY-----
...
-----END ENCRYPTED PRIVATE KEY-----
</key>
<tls-crypt>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
...
-----END OpenVPN Static key V1-----
</tls-crypt>
I am running OpenVPN GUI v11.31.0.0 - A Windows GUI for OpenVPN & OpenVPN v2.5.8 - An application to securely tunnel IP networks... on my Windows 10 machine.
I am running OpenVPN 2.5.1 on the RaspberryPi.

Can anyone advise me on what I may need to do to grant internet access?

Thanks
Top
Post Reply

Return to “Configuration”