FedoraForum.org - Fedora Support Forums and Community
Results 1 to 7 of 7
  1. #1
    stuartornum Guest

    OpenVPN route issues, all traffic through VPN tunnel

    Hi,

    I have a VPS (FC4 on Xen, in a datacenter), I have installed OpenVPN with tun/tap and it works all fine, I can connect to the server from my Windows XP machine and the server give my client (Win XP) the correct IP, however I cannot route all my internet ie web browsing, P2P etc down the VPN.

    So im not sure if its the server config file or the client config file or the servers route table? So I thought I would post all my .conf and see what you think...

    Server config file (server-tcp-1194.conf) I have a UDP conf file too, its just the same with UDP instaed of TCP.

    Code:
    local my.domain.com // this is obviously my actual domain
    port 1194
    proto tcp
    dev tun
    ca keys/ca.crt
    cert keys/server.crt
    key keys/server.key
    dh keys/dh1024.pem
    server 192.168.2.0 255.255.255.0
    ifconfig-pool-persist ipp.txt
    push "redirect-gateway"
    keepalive 10 120
    comp-lzo
    persist-key
    persist-tun
    status openvpn-status-notebook-tcp-1194.log
    verb 3
    Here is my client config file (client1-tcp-1194.ovpn)

    Code:
    client
    dev tun
    proto tcp
    remote my.domain.com 1194
    float
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    ca ca.crt
    cert client2.crt
    key client2.key
    ns-cert-type server
    comp-lzo
    verb 3
    Here is my netstat

    Code:
    [root@ns1 ~]# netstat -nr
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
    192.168.4.2     0.0.0.0         255.255.255.255 UH        0 0          0 tun1
    192.168.2.2     0.0.0.0         255.255.255.255 UH        0 0          0 tun0
    192.168.4.0     192.168.4.2     255.255.255.0   UG        0 0          0 tun1
    192.168.2.0     192.168.2.2     255.255.255.0   UG        0 0          0 tun0
    my.public.ip    0.0.0.0         255.255.255.0   U         0 0          0 eth0
    169.254.0.0     0.0.0.0         255.255.0.0     U         0 0          0 eth0
    0.0.0.0         194.150.121.254 0.0.0.0         UG        0 0          0 eth0

    If you require more info please post, im really at a dead end here.

    Many Thanks

  2. #2
    stuartornum Guest
    Does anyone have any ideas at all?

  3. #3
    Join Date
    Jun 2005
    Location
    Westminster, Colorado
    Posts
    2,306
    I've never used OpenVPN, but from what I know about pptp, ppp and vpnc, it sounds like you need a "default route" directive in your client config.
    Registered Linux User #4837
    411th in line to get sued by Micro$oft
    Basically, to learn Unix you learn to understand and apply a small set of key ideas and achieve expertise by expanding both the set of ideas and your ability to apply them - Paul Murphy

  4. #4
    stuartornum Guest
    Hi brunson,

    How would I go about setting the "default route" directive, sorry I am rather new to this.

    Thanks

  5. #5
    Join Date
    Jun 2005
    Location
    Westminster, Colorado
    Posts
    2,306
    Like I said, I haven't used OpenVPN before, the first place I would check is the documentation. This was meant to help you find the answer yourself, I was not volunteering to read the OpenVPN docs for you.
    Registered Linux User #4837
    411th in line to get sued by Micro$oft
    Basically, to learn Unix you learn to understand and apply a small set of key ideas and achieve expertise by expanding both the set of ideas and your ability to apply them - Paul Murphy

  6. #6
    Join Date
    Jan 2005
    Posts
    200
    I know this is a pretty old topic..but I figured I'd post my solution in case anyone else ever has the same problem.

    I was in the same boat as you with OpenVPN. I could connect fine, but I could not get my gateway to redirect. Turns out I had to add a firewall rule and turn on ip forwarding. I use the following two commands to accomplish this (server side):

    Code:
    echo 1 > /proc/sys/net/ipv4/ip_forward
    Code:
    iptables -t nat -A POSTROUTING -j MASQUERADE
    After this, everything worked like a champ.

    NOTE: You may need to push a route or two in addition to the redirect-gateway option on the server side.
    Last edited by havenoclu; 8th June 2007 at 02:48 PM.

  7. #7
    Join Date
    Nov 2007
    Location
    Lviv, Ukraine
    Age
    36
    Posts
    5

    Question

    Quote Originally Posted by brunson
    I've never used OpenVPN, but from what I know about pptp, ppp and vpnc, it sounds like you need a "default route" directive in your client config.

    hi,
    can you tell be more detailed about pptp route.

    I create pptp tunnel but can't route any data over this tunnel.

    I set default route rule as:
    route add default dev ppp0
    or
    route add default dev ppp0 gw xxx.xxx.xxx.xxx
    where
    xxx.xxx.xxx.xxx - IP address of GW in local lan to IP of VPN serve

    but it doesn't work in any case.

    please tell me how did you do that ?

    thanks.
    make it simple as possible, but not simpler
    (c) Albert Einstein

Similar Threads

  1. Openvpn can connect but cannot ping other server in network issues
    By bearbasher in forum Servers & Networking
    Replies: 0
    Last Post: 29th August 2007, 04:36 AM
  2. OpenVPN. Setting up IP INSIDE the tunnel?
    By stormvice in forum Servers & Networking
    Replies: 0
    Last Post: 15th July 2005, 12:51 PM
  3. Gateway/route issues with ppp+wlan+eth
    By sej7278 in forum Servers & Networking
    Replies: 0
    Last Post: 10th May 2005, 12:08 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •