#1 2017-09-24 11:03:36

-sandro-
Trusted Member
Registered: 2014-01-22
Posts: 36

OpenVPN internet not working

Hi,
not sure what I'm doing wrong, I used NYR script to install and all good. Problem is I can't find a way to forward internet traffic. I tried every possible iptable rules I found and that always worked but no luck with this!

Could be something different with this VPS? I'm using Inception Hosting UK 128MB.
Internal Network is 10.10.100.28.

Thanks!

Offline

#2 2017-09-24 11:39:18

layfon
Trusted Member
Registered: 2017-03-31
Posts: 6

Re: OpenVPN internet not working

Nyr script modifies iptables. If you haven't modified iptables manually, you probably don't need to touch iptables.
What does "can't forward traffic" mean?

Offline

#3 2017-09-24 12:01:01

Backtogeek
Low End Boss
From: ~/
Registered: 2013-02-13
Posts: 3,498
Website

Re: OpenVPN internet not working

did you enable tun and reboot the container (from solusvm) before installing?


http://LittleHappyCloud.net KVM VPS with 1TB Bandwidth for €3.00

Offline

#4 2017-09-24 12:22:04

-sandro-
Trusted Member
Registered: 2014-01-22
Posts: 36

Re: OpenVPN internet not working

Yes it's enabled or the script won't even install.
I didn't know the script also added rules. OK, so I flushed everything and reinstalled the script from scratch, still can't access internet from the client connected, connection works though and can ping the VPN network. Public domains/IPs won't work.
I thought it was the client but they all behave the same (Android and MACOS).

Don't know what else to do, if the script is supposed to set up everything...

Offline

#5 2017-09-24 15:32:10

WSS
Trusted Member
Registered: 2016-12-22
Posts: 255

Re: OpenVPN internet not working

It sounds like you're going to need to set your route locally.  Make sure your local connection uses the VPN as your gateway after you connect.


RbyeR4Nm.png

Offline

#6 2017-09-24 15:40:18

-sandro-
Trusted Member
Registered: 2014-01-22
Posts: 36

Re: OpenVPN internet not working

WSS wrote:

It sounds like you're going to need to set your route locally.  Make sure your local connection uses the VPN as your gateway after you connect.

It does use the VPN (standard 10.8.0.1) as the gateway...
Can I post some logs or configs?

Last edited by -sandro- (2017-09-24 15:40:45)

Offline

#7 2017-09-24 15:42:09

Backtogeek
Low End Boss
From: ~/
Registered: 2013-02-13
Posts: 3,498
Website

Re: OpenVPN internet not working

can you ping 8.8.8.8 while connected to the vpn and can you ping yahoo.com?


http://LittleHappyCloud.net KVM VPS with 1TB Bandwidth for €3.00

Offline

#8 2017-09-24 15:57:20

-sandro-
Trusted Member
Registered: 2014-01-22
Posts: 36

Re: OpenVPN internet not working

Backtogeek wrote:

can you ping 8.8.8.8 while connected to the vpn and can you ping yahoo.com?

Nope neither.

Offline

#9 2017-09-24 16:22:01

Backtogeek
Low End Boss
From: ~/
Registered: 2013-02-13
Posts: 3,498
Website

Re: OpenVPN internet not working

well, first of all, make sure you run the openvpn client as administrator, and please give screenshots of your network settings after connecting or as much as you can, not really much to go on here smile


http://LittleHappyCloud.net KVM VPS with 1TB Bandwidth for €3.00

Offline

#10 2017-09-24 19:08:00

-sandro-
Trusted Member
Registered: 2014-01-22
Posts: 36

Re: OpenVPN internet not working

I'm testing on a mac but on Android the result is the same.
I'm getting this log once connected

2017-09-24 20:56:40 *Tunnelblick: No 'connected.sh' script to execute
2017-09-24 20:56:40 /sbin/route add -net 185.164.136.112 192.168.1.1 255.255.255.255
                                        add net 185.164.136.112: gateway 192.168.1.1
2017-09-24 20:56:40 /sbin/route add -net 0.0.0.0 10.8.0.1 128.0.0.0
                                        add net 0.0.0.0: gateway 10.8.0.1
2017-09-24 20:56:40 /sbin/route add -net 128.0.0.0 10.8.0.1 128.0.0.0
                                        add net 128.0.0.0: gateway 10.8.0.1
2017-09-24 20:56:40 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
2017-09-24 20:56:40 Initialization Sequence Completed
2017-09-24 20:56:40 MANAGEMENT: >STATE:1506279400,CONNECTED,SUCCESS,10.8.0.2,185.164.136.112
2017-09-24 20:57:21 *Tunnelblick: After 30.0 seconds, gave up trying to fetch IP address information using the ipInfo host's name after connecting.


ping to 8.8.8.8

ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes

Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
^C
--- 8.8.8.8 ping statistics ---
6 packets transmitted, 0 packets received, 100.0% packet loss


server.conf

port $myport
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-auth ta.key 0
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 10 120
cipher AES-256-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem


client.opvn

client
dev tun
proto udp
sndbuf 0
rcvbuf 0
remote 185.164.136.112 $myport
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
comp-lzo
setenv opt block-outside-dns
key-direction 1
verb 3
<ca>....

everything is default from the NYR script basically...

Offline

Board footer