So I am pretty sure this is a routing/config problem. Whenever my client (Android OpenVPN) connects to the OpenVPN server it can only retrieve traffic from google.com searches. Whenever I try and access another website or service I get "connection interrupted" or "DNS lookup failed". Any help/insights would be appreciated!
server.conf
local 192.168.X.X
dev tun
proto udp
port 1194
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/1.crt
key /etc/openvpn/easy-rsa/keys/1.key
dh /etc/openvpn/easy-rsa/keys/dh2048.pem
server 10.8.0.0 255.255.255.0
# server and remote endpoints
ifconfig 10.8.0.1 10.8.0.2
# Add route to Client routing table for the OpenVPN Server
push "route 10.8.0.1 255.255.255.255"
# Add route to Client routing table for the OpenVPN Subnet
push "route 10.8.0.0 255.255.255.0"
# your local subnet
push "route 192.168.X.X 255.255.255.0"
# Set primary domain name server address to the SOHO Router
# If your router does not do DNS, you can use Google DNS 8.8.8.8
push "dhcp-option DNS 192.168.X.X" # This should already match your router address and not need to be changed.
# Override the Client default gateway by using 0.0.0.0/1 and
# 128.0.0.0/1 rather than 0.0.0.0/0. This has the benefit of
# overriding but not wiping out the original default gateway.
push "redirect-gateway def1"
client-to-client
duplicate-cn
keepalive 10 120
tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0
cipher AES-128-CBC
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn-status.log 20
log /var/log/openvpn.log
verb 1
iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- 10.8.0.0/24 anywhere to:192.168.X.X
MASQUERADE all -- 10.8.0.0/24 anywhere
iptables -L
Has no rules.
tcpdump -i eth0 port 80 when trying to access something outside of google search
empty
tcpdump -i tun0 port 80 when trying to access something outside of google search
empty
If there is any other output needed, please ask; I would be happy to oblige haha.