Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 20th December 2010, 16:48
hypertyper hypertyper is offline
Junior Member
 
Join Date: Dec 2010
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default OpenVPN - can connect to server - can't access internet

SOLVED

This line needs to get changed:

iptables -t nat -A POSTROUTING -j SNAT --to-source YOURVPSIP

I've managed to install OpenVPN on a CentOs 5 VPS and get it to start. I can log in with my windows client but then I don't have any internet.

When I try to ping a url he seems to resolve it to an ip address but the ping attempt times out. I can ping the IP of the VPS though even when I'm connected.

Guide that I followed:
http://library.linode.com/networking...alling_openvpn

My configs look the way the tut describes.

I've spent over 10 hours on this now doing everything over, trying different pcs etc and I just can't get it to work. I would really appreciate some help.

this is the log from the client:

Code:
Mon Dec 20 15:39:33 2010 OpenVPN 2.1.4 i686-pc-mingw32 [SSL] [LZO2] [PKCS11] built on Nov  8 2010
Mon Dec 20 15:39:33 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Dec 20 15:39:33 2010 LZO compression initialized
Mon Dec 20 15:39:33 2010 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Mon Dec 20 15:39:33 2010 Socket Buffers: R=[8192->8192] S=[8192->8192]
Mon Dec 20 15:39:33 2010 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Mon Dec 20 15:39:33 2010 Local Options hash (VER=V4): '41690919'
Mon Dec 20 15:39:33 2010 Expected Remote Options hash (VER=V4): '530fdded'
Mon Dec 20 15:39:33 2010 UDPv4 link local: [undef]
Mon Dec 20 15:39:33 2010 UDPv4 link remote: 46.49.167.16:1194
Mon Dec 20 15:39:33 2010 TLS: Initial packet from 46.49.167.16:1194, sid=389525d0 b19e85bc
Mon Dec 20 15:39:33 2010 VERIFY OK: depth=1, /C=UK/ST=BE/L=Manchester/O=Fort-Peter/CN=Fort-Peter_CA/emailAddress=me@nohost.com
Mon Dec 20 15:39:33 2010 VERIFY OK: nsCertType=SERVER
Mon Dec 20 15:39:33 2010 VERIFY OK: depth=0, /C=UK/ST=BE/L=Manchester/O=Fort-Peter/CN=server/emailAddress=me@nohost.com
Mon Dec 20 15:39:33 2010 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Dec 20 15:39:33 2010 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Dec 20 15:39:33 2010 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Mon Dec 20 15:39:33 2010 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Mon Dec 20 15:39:33 2010 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Mon Dec 20 15:39:33 2010 [server] Peer Connection Initiated with 46.49.167.16:1194
Mon Dec 20 15:39:36 2010 SENT CONTROL [server]: 'PUSH_REQUEST' (status=1)
Mon Dec 20 15:39:36 2010 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Mon Dec 20 15:39:36 2010 OPTIONS IMPORT: timers and/or timeouts modified
Mon Dec 20 15:39:36 2010 OPTIONS IMPORT: --ifconfig/up options modified
Mon Dec 20 15:39:36 2010 OPTIONS IMPORT: route options modified
Mon Dec 20 15:39:36 2010 ROUTE default_gateway=192.168.1.254
Mon Dec 20 15:39:36 2010 TAP-WIN32 device [Local Area Connection 2] opened: \\.\Global\{0C85BD20-FAFD-43D1-B874-3876A390F03E}.tap
Mon Dec 20 15:39:36 2010 TAP-Win32 Driver Version 9.7 
Mon Dec 20 15:39:36 2010 TAP-Win32 MTU=1500
Mon Dec 20 15:39:36 2010 Notified TAP-Win32 driver to set a DHCP IP/netmask of 10.8.0.6/255.255.255.252 on interface {0C85BD20-FAFD-43D1-B874-3876A390F03E} [DHCP-serv: 10.8.0.5, lease-time: 31536000]
Mon Dec 20 15:39:36 2010 Successful ARP Flush on interface [2] {0C85BD20-FAFD-43D1-B874-3876A390F03E}
Mon Dec 20 15:39:41 2010 TEST ROUTES: 2/2 succeeded len=1 ret=1 a=0 u/d=up
Mon Dec 20 15:39:41 2010 C:\WINDOWS\system32\route.exe ADD 46.49.167.16 MASK 255.255.255.255 192.168.1.254
Mon Dec 20 15:39:41 2010 Route addition via IPAPI succeeded [adaptive]
Mon Dec 20 15:39:41 2010 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Mon Dec 20 15:39:41 2010 Route addition via IPAPI succeeded [adaptive]
Mon Dec 20 15:39:41 2010 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Mon Dec 20 15:39:41 2010 Route addition via IPAPI succeeded [adaptive]
Mon Dec 20 15:39:41 2010 C:\WINDOWS\system32\route.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
Mon Dec 20 15:39:41 2010 Route addition via IPAPI succeeded [adaptive]
Mon Dec 20 15:39:41 2010 Initialization Sequence Completed

ip table - rc.local file:
Code:
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

touch /var/lock/subsys/local

Last edited by hypertyper; 22nd December 2010 at 23:35.
Reply With Quote
Sponsored Links
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Statistic not working mzo Installation/Configuration 49 20th April 2011 12:19
amavis & ispconfig 3 yalex2000 Installation/Configuration 20 18th February 2010 17:02
Webmail problems with only one domain? compner Installation/Configuration 14 16th February 2010 16:59
ISPConfig3 Mail Warn Errors reason8 General 3 25th November 2009 13:58
problem with upgrade to 2.2.34 brianetilley Installation/Configuration 14 11th November 2009 17:22


All times are GMT +2. The time now is 08:15.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.