OpenVPN connects to the Server successfuly but no internet access











up vote
2
down vote

favorite












I want to setup an OpenVPN Server and after a week of trying day and night (no Linux Knowledge) I was able to successfully connect to the Server using OpenVPN GUI but now that I can Connect there is no ping 8.8.8.8 and the webpages won't open.



Server is Running: CentOS 7 X64



Client is Running: Windows 10 Pro Build 10586.17 X64 w/ Kaspersky Internet Security



This is my server Config



#change with your port

port 1337

#You can use udp or tcp

proto udp

# "dev tun" will create a routed IP tunnel.

dev tun

#Certificate Configuration

#ca certificate

ca ca.crt

#Server Certificate

cert server.crt

#Server Key and keep this is secret

key server.key

#See the size a dh key in /etc/openvpn/keys/

dh dh2048.pem

#Internal IP will get when already connect

server 192.168.200.0 255.255.255.0

#this line will redirect all traffic through our OpenVPN

push "redirect-gateway def1"

#Provide DNS servers to the client, you can use goolge DNS

push "dhcp-option DNS 8.8.8.8"

push "dhcp-option DNS 8.8.4.4"

#Enable multiple client to connect with same key

duplicate-cn

keepalive 20 60

comp-lzo

persist-key

persist-tun

daemon

#enable log

log-append /var/log/myvpn/openvpn.log

#Log Level

verb 3


This is my Client Config



client

dev tun

proto udp

remote MY_SERVER_IP_ADDRESS 1337



resolv-retry infinite

nobind

persist-key

persist-tun

mute-replay-warnings

comp-lzo

verb 3



<ca>

-----BEGIN CERTIFICATE-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END CERTIFICATE-----

</ca>





<cert>



-----BEGIN CERTIFICATE-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END CERTIFICATE-----

</cert>



<key>

-----BEGIN PRIVATE KEY-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END PRIVATE KEY-----

</key>


EDIT: so I added the below commands too.



yum install iptables-services -y

systemctl mask firewalld

systemctl enable iptables

systemctl stop firewalld

systemctl start iptables

iptables --flush

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

iptables-save > /etc/sysconfig/iptables

nano /etc/sysctl.conf

ADDEDD THIS TO sysctl.conf -> net.ipv4.ip_forward = 1

systemctl restart network.service

systemctl -f enable openvpn@server.service

systemctl start openvpn@server.service


But still I can connect but I have no ping and can't open any website.



Below is my route print after establishing the connection to my Server.



Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.11     10

          0.0.0.0        128.0.0.0    192.168.200.5    192.168.200.6     20

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

        128.0.0.0        128.0.0.0    192.168.200.5    192.168.200.6     20

     MY_SERVER_IP  255.255.255.255      192.168.1.1     192.168.1.11     10

      169.254.0.0      255.255.0.0         On-link     169.254.61.91    276

    169.254.61.91  255.255.255.255         On-link     169.254.61.91    276

  169.254.255.255  255.255.255.255         On-link     169.254.61.91    276

      192.168.1.0    255.255.255.0         On-link      192.168.1.11    266

     192.168.1.11  255.255.255.255         On-link      192.168.1.11    266

    192.168.1.255  255.255.255.255         On-link      192.168.1.11    266

    192.168.183.0    255.255.255.0         On-link     192.168.183.1    276

    192.168.183.1  255.255.255.255         On-link     192.168.183.1    276

  192.168.183.255  255.255.255.255         On-link     192.168.183.1    276

    192.168.200.1  255.255.255.255    192.168.200.5    192.168.200.6     20

    192.168.200.4  255.255.255.252         On-link     192.168.200.6    276

    192.168.200.6  255.255.255.255         On-link     192.168.200.6    276

    192.168.200.7  255.255.255.255         On-link     192.168.200.6    276

    192.168.230.0    255.255.255.0         On-link     192.168.230.1    276

    192.168.230.1  255.255.255.255         On-link     192.168.230.1    276

  192.168.230.255  255.255.255.255         On-link     192.168.230.1    276

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link      192.168.1.11    266

        224.0.0.0        240.0.0.0         On-link     169.254.61.91    276

        224.0.0.0        240.0.0.0         On-link     192.168.200.6    276

        224.0.0.0        240.0.0.0         On-link     192.168.230.1    276

        224.0.0.0        240.0.0.0         On-link     192.168.183.1    276

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link      192.168.1.11    266

  255.255.255.255  255.255.255.255         On-link     169.254.61.91    276

  255.255.255.255  255.255.255.255         On-link     192.168.200.6    276

  255.255.255.255  255.255.255.255         On-link     192.168.230.1    276

  255.255.255.255  255.255.255.255         On-link     192.168.183.1    276





centos openvpn internet







share|improve this question
















bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.






migrated from serverfault.com Dec 9 '15 at 21:28


This question came from our site for system and network administrators.















  • Is your server configured to NAT traffic from your OpenVPN subnet?
    – EEAA
    Dec 9 '15 at 21:10










  • Sorry man, but how can I be sure? I pretty new to Linux, only a week :(
    – williclarkam
    Dec 9 '15 at 21:25










  • If you didn't issue any iptables commands, then it's not yet set up correctly.
    – EEAA
    Dec 9 '15 at 21:25










  • Thanks man, I have improved the question, I have added the followings.yum install iptables-services -y systemctl mask firewalld systemctl enable iptables systemctl stop firewalld systemctl start iptables iptables --flush iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE iptables-save > /etc/sysconfig/iptables nano /etc/sysctl.conf ADDEDD THIS TO sysctl.conf -> net.ipv4.ip_forward = 1 systemctl restart network.service systemctl -f enable openvpn@server.service systemctl start openvpn@server.service
    – bossModus
    Dec 9 '15 at 21:47

















up vote
2
down vote

favorite












I want to setup an OpenVPN Server and after a week of trying day and night (no Linux Knowledge) I was able to successfully connect to the Server using OpenVPN GUI but now that I can Connect there is no ping 8.8.8.8 and the webpages won't open.



Server is Running: CentOS 7 X64



Client is Running: Windows 10 Pro Build 10586.17 X64 w/ Kaspersky Internet Security



This is my server Config



#change with your port

port 1337

#You can use udp or tcp

proto udp

# "dev tun" will create a routed IP tunnel.

dev tun

#Certificate Configuration

#ca certificate

ca ca.crt

#Server Certificate

cert server.crt

#Server Key and keep this is secret

key server.key

#See the size a dh key in /etc/openvpn/keys/

dh dh2048.pem

#Internal IP will get when already connect

server 192.168.200.0 255.255.255.0

#this line will redirect all traffic through our OpenVPN

push "redirect-gateway def1"

#Provide DNS servers to the client, you can use goolge DNS

push "dhcp-option DNS 8.8.8.8"

push "dhcp-option DNS 8.8.4.4"

#Enable multiple client to connect with same key

duplicate-cn

keepalive 20 60

comp-lzo

persist-key

persist-tun

daemon

#enable log

log-append /var/log/myvpn/openvpn.log

#Log Level

verb 3


This is my Client Config



client

dev tun

proto udp

remote MY_SERVER_IP_ADDRESS 1337



resolv-retry infinite

nobind

persist-key

persist-tun

mute-replay-warnings

comp-lzo

verb 3



<ca>

-----BEGIN CERTIFICATE-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END CERTIFICATE-----

</ca>





<cert>



-----BEGIN CERTIFICATE-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END CERTIFICATE-----

</cert>



<key>

-----BEGIN PRIVATE KEY-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END PRIVATE KEY-----

</key>


EDIT: so I added the below commands too.



yum install iptables-services -y

systemctl mask firewalld

systemctl enable iptables

systemctl stop firewalld

systemctl start iptables

iptables --flush

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

iptables-save > /etc/sysconfig/iptables

nano /etc/sysctl.conf

ADDEDD THIS TO sysctl.conf -> net.ipv4.ip_forward = 1

systemctl restart network.service

systemctl -f enable openvpn@server.service

systemctl start openvpn@server.service


But still I can connect but I have no ping and can't open any website.



Below is my route print after establishing the connection to my Server.



Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.11     10

          0.0.0.0        128.0.0.0    192.168.200.5    192.168.200.6     20

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

        128.0.0.0        128.0.0.0    192.168.200.5    192.168.200.6     20

     MY_SERVER_IP  255.255.255.255      192.168.1.1     192.168.1.11     10

      169.254.0.0      255.255.0.0         On-link     169.254.61.91    276

    169.254.61.91  255.255.255.255         On-link     169.254.61.91    276

  169.254.255.255  255.255.255.255         On-link     169.254.61.91    276

      192.168.1.0    255.255.255.0         On-link      192.168.1.11    266

     192.168.1.11  255.255.255.255         On-link      192.168.1.11    266

    192.168.1.255  255.255.255.255         On-link      192.168.1.11    266

    192.168.183.0    255.255.255.0         On-link     192.168.183.1    276

    192.168.183.1  255.255.255.255         On-link     192.168.183.1    276

  192.168.183.255  255.255.255.255         On-link     192.168.183.1    276

    192.168.200.1  255.255.255.255    192.168.200.5    192.168.200.6     20

    192.168.200.4  255.255.255.252         On-link     192.168.200.6    276

    192.168.200.6  255.255.255.255         On-link     192.168.200.6    276

    192.168.200.7  255.255.255.255         On-link     192.168.200.6    276

    192.168.230.0    255.255.255.0         On-link     192.168.230.1    276

    192.168.230.1  255.255.255.255         On-link     192.168.230.1    276

  192.168.230.255  255.255.255.255         On-link     192.168.230.1    276

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link      192.168.1.11    266

        224.0.0.0        240.0.0.0         On-link     169.254.61.91    276

        224.0.0.0        240.0.0.0         On-link     192.168.200.6    276

        224.0.0.0        240.0.0.0         On-link     192.168.230.1    276

        224.0.0.0        240.0.0.0         On-link     192.168.183.1    276

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link      192.168.1.11    266

  255.255.255.255  255.255.255.255         On-link     169.254.61.91    276

  255.255.255.255  255.255.255.255         On-link     192.168.200.6    276

  255.255.255.255  255.255.255.255         On-link     192.168.230.1    276

  255.255.255.255  255.255.255.255         On-link     192.168.183.1    276





centos openvpn internet







share|improve this question
















bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.






migrated from serverfault.com Dec 9 '15 at 21:28


This question came from our site for system and network administrators.















  • Is your server configured to NAT traffic from your OpenVPN subnet?
    – EEAA
    Dec 9 '15 at 21:10










  • Sorry man, but how can I be sure? I pretty new to Linux, only a week :(
    – williclarkam
    Dec 9 '15 at 21:25










  • If you didn't issue any iptables commands, then it's not yet set up correctly.
    – EEAA
    Dec 9 '15 at 21:25










  • Thanks man, I have improved the question, I have added the followings.yum install iptables-services -y systemctl mask firewalld systemctl enable iptables systemctl stop firewalld systemctl start iptables iptables --flush iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE iptables-save > /etc/sysconfig/iptables nano /etc/sysctl.conf ADDEDD THIS TO sysctl.conf -> net.ipv4.ip_forward = 1 systemctl restart network.service systemctl -f enable openvpn@server.service systemctl start openvpn@server.service
    – bossModus
    Dec 9 '15 at 21:47















up vote
2
down vote

favorite









up vote
2
down vote

favorite











I want to setup an OpenVPN Server and after a week of trying day and night (no Linux Knowledge) I was able to successfully connect to the Server using OpenVPN GUI but now that I can Connect there is no ping 8.8.8.8 and the webpages won't open.



Server is Running: CentOS 7 X64



Client is Running: Windows 10 Pro Build 10586.17 X64 w/ Kaspersky Internet Security



This is my server Config



#change with your port

port 1337

#You can use udp or tcp

proto udp

# "dev tun" will create a routed IP tunnel.

dev tun

#Certificate Configuration

#ca certificate

ca ca.crt

#Server Certificate

cert server.crt

#Server Key and keep this is secret

key server.key

#See the size a dh key in /etc/openvpn/keys/

dh dh2048.pem

#Internal IP will get when already connect

server 192.168.200.0 255.255.255.0

#this line will redirect all traffic through our OpenVPN

push "redirect-gateway def1"

#Provide DNS servers to the client, you can use goolge DNS

push "dhcp-option DNS 8.8.8.8"

push "dhcp-option DNS 8.8.4.4"

#Enable multiple client to connect with same key

duplicate-cn

keepalive 20 60

comp-lzo

persist-key

persist-tun

daemon

#enable log

log-append /var/log/myvpn/openvpn.log

#Log Level

verb 3


This is my Client Config



client

dev tun

proto udp

remote MY_SERVER_IP_ADDRESS 1337



resolv-retry infinite

nobind

persist-key

persist-tun

mute-replay-warnings

comp-lzo

verb 3



<ca>

-----BEGIN CERTIFICATE-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END CERTIFICATE-----

</ca>





<cert>



-----BEGIN CERTIFICATE-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END CERTIFICATE-----

</cert>



<key>

-----BEGIN PRIVATE KEY-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END PRIVATE KEY-----

</key>


EDIT: so I added the below commands too.



yum install iptables-services -y

systemctl mask firewalld

systemctl enable iptables

systemctl stop firewalld

systemctl start iptables

iptables --flush

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

iptables-save > /etc/sysconfig/iptables

nano /etc/sysctl.conf

ADDEDD THIS TO sysctl.conf -> net.ipv4.ip_forward = 1

systemctl restart network.service

systemctl -f enable openvpn@server.service

systemctl start openvpn@server.service


But still I can connect but I have no ping and can't open any website.



Below is my route print after establishing the connection to my Server.



Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.11     10

          0.0.0.0        128.0.0.0    192.168.200.5    192.168.200.6     20

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

        128.0.0.0        128.0.0.0    192.168.200.5    192.168.200.6     20

     MY_SERVER_IP  255.255.255.255      192.168.1.1     192.168.1.11     10

      169.254.0.0      255.255.0.0         On-link     169.254.61.91    276

    169.254.61.91  255.255.255.255         On-link     169.254.61.91    276

  169.254.255.255  255.255.255.255         On-link     169.254.61.91    276

      192.168.1.0    255.255.255.0         On-link      192.168.1.11    266

     192.168.1.11  255.255.255.255         On-link      192.168.1.11    266

    192.168.1.255  255.255.255.255         On-link      192.168.1.11    266

    192.168.183.0    255.255.255.0         On-link     192.168.183.1    276

    192.168.183.1  255.255.255.255         On-link     192.168.183.1    276

  192.168.183.255  255.255.255.255         On-link     192.168.183.1    276

    192.168.200.1  255.255.255.255    192.168.200.5    192.168.200.6     20

    192.168.200.4  255.255.255.252         On-link     192.168.200.6    276

    192.168.200.6  255.255.255.255         On-link     192.168.200.6    276

    192.168.200.7  255.255.255.255         On-link     192.168.200.6    276

    192.168.230.0    255.255.255.0         On-link     192.168.230.1    276

    192.168.230.1  255.255.255.255         On-link     192.168.230.1    276

  192.168.230.255  255.255.255.255         On-link     192.168.230.1    276

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link      192.168.1.11    266

        224.0.0.0        240.0.0.0         On-link     169.254.61.91    276

        224.0.0.0        240.0.0.0         On-link     192.168.200.6    276

        224.0.0.0        240.0.0.0         On-link     192.168.230.1    276

        224.0.0.0        240.0.0.0         On-link     192.168.183.1    276

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link      192.168.1.11    266

  255.255.255.255  255.255.255.255         On-link     169.254.61.91    276

  255.255.255.255  255.255.255.255         On-link     192.168.200.6    276

  255.255.255.255  255.255.255.255         On-link     192.168.230.1    276

  255.255.255.255  255.255.255.255         On-link     192.168.183.1    276





centos openvpn internet







share|improve this question















I want to setup an OpenVPN Server and after a week of trying day and night (no Linux Knowledge) I was able to successfully connect to the Server using OpenVPN GUI but now that I can Connect there is no ping 8.8.8.8 and the webpages won't open.



Server is Running: CentOS 7 X64



Client is Running: Windows 10 Pro Build 10586.17 X64 w/ Kaspersky Internet Security



This is my server Config



#change with your port

port 1337

#You can use udp or tcp

proto udp

# "dev tun" will create a routed IP tunnel.

dev tun

#Certificate Configuration

#ca certificate

ca ca.crt

#Server Certificate

cert server.crt

#Server Key and keep this is secret

key server.key

#See the size a dh key in /etc/openvpn/keys/

dh dh2048.pem

#Internal IP will get when already connect

server 192.168.200.0 255.255.255.0

#this line will redirect all traffic through our OpenVPN

push "redirect-gateway def1"

#Provide DNS servers to the client, you can use goolge DNS

push "dhcp-option DNS 8.8.8.8"

push "dhcp-option DNS 8.8.4.4"

#Enable multiple client to connect with same key

duplicate-cn

keepalive 20 60

comp-lzo

persist-key

persist-tun

daemon

#enable log

log-append /var/log/myvpn/openvpn.log

#Log Level

verb 3


This is my Client Config



client

dev tun

proto udp

remote MY_SERVER_IP_ADDRESS 1337



resolv-retry infinite

nobind

persist-key

persist-tun

mute-replay-warnings

comp-lzo

verb 3



<ca>

-----BEGIN CERTIFICATE-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END CERTIFICATE-----

</ca>





<cert>



-----BEGIN CERTIFICATE-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END CERTIFICATE-----

</cert>



<key>

-----BEGIN PRIVATE KEY-----

XXXXXXXXXXXXXXXXXXXXXXXXX

-----END PRIVATE KEY-----

</key>


EDIT: so I added the below commands too.



yum install iptables-services -y

systemctl mask firewalld

systemctl enable iptables

systemctl stop firewalld

systemctl start iptables

iptables --flush

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

iptables-save > /etc/sysconfig/iptables

nano /etc/sysctl.conf

ADDEDD THIS TO sysctl.conf -> net.ipv4.ip_forward = 1

systemctl restart network.service

systemctl -f enable openvpn@server.service

systemctl start openvpn@server.service


But still I can connect but I have no ping and can't open any website.



Below is my route print after establishing the connection to my Server.



Network Destination        Netmask          Gateway       Interface  Metric

          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.11     10

          0.0.0.0        128.0.0.0    192.168.200.5    192.168.200.6     20

        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306

        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306

  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306

        128.0.0.0        128.0.0.0    192.168.200.5    192.168.200.6     20

     MY_SERVER_IP  255.255.255.255      192.168.1.1     192.168.1.11     10

      169.254.0.0      255.255.0.0         On-link     169.254.61.91    276

    169.254.61.91  255.255.255.255         On-link     169.254.61.91    276

  169.254.255.255  255.255.255.255         On-link     169.254.61.91    276

      192.168.1.0    255.255.255.0         On-link      192.168.1.11    266

     192.168.1.11  255.255.255.255         On-link      192.168.1.11    266

    192.168.1.255  255.255.255.255         On-link      192.168.1.11    266

    192.168.183.0    255.255.255.0         On-link     192.168.183.1    276

    192.168.183.1  255.255.255.255         On-link     192.168.183.1    276

  192.168.183.255  255.255.255.255         On-link     192.168.183.1    276

    192.168.200.1  255.255.255.255    192.168.200.5    192.168.200.6     20

    192.168.200.4  255.255.255.252         On-link     192.168.200.6    276

    192.168.200.6  255.255.255.255         On-link     192.168.200.6    276

    192.168.200.7  255.255.255.255         On-link     192.168.200.6    276

    192.168.230.0    255.255.255.0         On-link     192.168.230.1    276

    192.168.230.1  255.255.255.255         On-link     192.168.230.1    276

  192.168.230.255  255.255.255.255         On-link     192.168.230.1    276

        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306

        224.0.0.0        240.0.0.0         On-link      192.168.1.11    266

        224.0.0.0        240.0.0.0         On-link     169.254.61.91    276

        224.0.0.0        240.0.0.0         On-link     192.168.200.6    276

        224.0.0.0        240.0.0.0         On-link     192.168.230.1    276

        224.0.0.0        240.0.0.0         On-link     192.168.183.1    276

  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306

  255.255.255.255  255.255.255.255         On-link      192.168.1.11    266

  255.255.255.255  255.255.255.255         On-link     169.254.61.91    276

  255.255.255.255  255.255.255.255         On-link     192.168.200.6    276

  255.255.255.255  255.255.255.255         On-link     192.168.230.1    276

  255.255.255.255  255.255.255.255         On-link     192.168.183.1    276





centos openvpn internet




centos openvpn internet






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Dec 9 '15 at 22:56

























asked Dec 9 '15 at 21:10









bossModus

113




113





bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.







bumped to the homepage by Community 2 days ago


This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.






migrated from serverfault.com Dec 9 '15 at 21:28


This question came from our site for system and network administrators.






migrated from serverfault.com Dec 9 '15 at 21:28


This question came from our site for system and network administrators.














  • Is your server configured to NAT traffic from your OpenVPN subnet?
    – EEAA
    Dec 9 '15 at 21:10










  • Sorry man, but how can I be sure? I pretty new to Linux, only a week :(
    – williclarkam
    Dec 9 '15 at 21:25










  • If you didn't issue any iptables commands, then it's not yet set up correctly.
    – EEAA
    Dec 9 '15 at 21:25










  • Thanks man, I have improved the question, I have added the followings.yum install iptables-services -y systemctl mask firewalld systemctl enable iptables systemctl stop firewalld systemctl start iptables iptables --flush iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE iptables-save > /etc/sysconfig/iptables nano /etc/sysctl.conf ADDEDD THIS TO sysctl.conf -> net.ipv4.ip_forward = 1 systemctl restart network.service systemctl -f enable openvpn@server.service systemctl start openvpn@server.service
    – bossModus
    Dec 9 '15 at 21:47




















  • Is your server configured to NAT traffic from your OpenVPN subnet?
    – EEAA
    Dec 9 '15 at 21:10










  • Sorry man, but how can I be sure? I pretty new to Linux, only a week :(
    – williclarkam
    Dec 9 '15 at 21:25










  • If you didn't issue any iptables commands, then it's not yet set up correctly.
    – EEAA
    Dec 9 '15 at 21:25










  • Thanks man, I have improved the question, I have added the followings.yum install iptables-services -y systemctl mask firewalld systemctl enable iptables systemctl stop firewalld systemctl start iptables iptables --flush iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE iptables-save > /etc/sysconfig/iptables nano /etc/sysctl.conf ADDEDD THIS TO sysctl.conf -> net.ipv4.ip_forward = 1 systemctl restart network.service systemctl -f enable openvpn@server.service systemctl start openvpn@server.service
    – bossModus
    Dec 9 '15 at 21:47


















Is your server configured to NAT traffic from your OpenVPN subnet?
– EEAA
Dec 9 '15 at 21:10




Is your server configured to NAT traffic from your OpenVPN subnet?
– EEAA
Dec 9 '15 at 21:10












Sorry man, but how can I be sure? I pretty new to Linux, only a week :(
– williclarkam
Dec 9 '15 at 21:25




Sorry man, but how can I be sure? I pretty new to Linux, only a week :(
– williclarkam
Dec 9 '15 at 21:25












If you didn't issue any iptables commands, then it's not yet set up correctly.
– EEAA
Dec 9 '15 at 21:25




If you didn't issue any iptables commands, then it's not yet set up correctly.
– EEAA
Dec 9 '15 at 21:25












Thanks man, I have improved the question, I have added the followings.yum install iptables-services -y systemctl mask firewalld systemctl enable iptables systemctl stop firewalld systemctl start iptables iptables --flush iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE iptables-save > /etc/sysconfig/iptables nano /etc/sysctl.conf ADDEDD THIS TO sysctl.conf -> net.ipv4.ip_forward = 1 systemctl restart network.service systemctl -f enable openvpn@server.service systemctl start openvpn@server.service
– bossModus
Dec 9 '15 at 21:47






Thanks man, I have improved the question, I have added the followings.yum install iptables-services -y systemctl mask firewalld systemctl enable iptables systemctl stop firewalld systemctl start iptables iptables --flush iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE iptables-save > /etc/sysconfig/iptables nano /etc/sysctl.conf ADDEDD THIS TO sysctl.conf -> net.ipv4.ip_forward = 1 systemctl restart network.service systemctl -f enable openvpn@server.service systemctl start openvpn@server.service
– bossModus
Dec 9 '15 at 21:47












1 Answer
1






active

oldest

votes

















up vote
0
down vote













You didn't mention what OS the client computer is using. It can be a fiewall issue or a problem with proper nat or ip forwarding.



First of all, after connecting check the ip configuration and routing at the client computer. Make sure that the routing table is correct and default route is set to the vpn server. You should also be able to ping it. If this much is ok then you have to check your vpn server's nat and firewall rules.



For Windows 7 or higher Windows OS, you also need to run the openvpn client as Administrator, otherwise the client is not able to set proper routing.






share|improve this answer





















  • I have setup pritunl server and I have connected successfully using this method, with my Laptop and with my phone, so I don't think there has to be a firewall issue. I'm using Windows 10 with Kaspersky Internet Security 2016. How can i check in windows, that my routing table is correct? I run OpenVPN GUI always as administrator. Thanks for the reply, I greatly appreciated it.
    – bossModus
    Dec 9 '15 at 22:18










  • You can use route print to check the routing table.
    – Diamant
    Dec 9 '15 at 22:20










  • Thanks man for the replies. I have updated my question with route print . @bangal
    – bossModus
    Dec 9 '15 at 22:31










  • Well, as you can see there is no route for the network, 10.8.0.0/24, and there should also be a default route to your vpn server. You should also check with ipconfig if you are getting an ip at all. Windows 10 also has issue with openvpn. So see if you have the latest version installed.
    – Diamant
    Dec 9 '15 at 22:38










  • Interesting, But as you see I have added iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE to my firewall rules, right? maybe there is a problem with my interface card (eth0)? Is there any way to determine which interface is being used on my server to connect to internet) e.g. venet0 or ... ?
    – bossModus
    Dec 9 '15 at 22:49











Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f248421%2fopenvpn-connects-to-the-server-successfuly-but-no-internet-access%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes








up vote
0
down vote













You didn't mention what OS the client computer is using. It can be a fiewall issue or a problem with proper nat or ip forwarding.



First of all, after connecting check the ip configuration and routing at the client computer. Make sure that the routing table is correct and default route is set to the vpn server. You should also be able to ping it. If this much is ok then you have to check your vpn server's nat and firewall rules.



For Windows 7 or higher Windows OS, you also need to run the openvpn client as Administrator, otherwise the client is not able to set proper routing.






share|improve this answer





















  • I have setup pritunl server and I have connected successfully using this method, with my Laptop and with my phone, so I don't think there has to be a firewall issue. I'm using Windows 10 with Kaspersky Internet Security 2016. How can i check in windows, that my routing table is correct? I run OpenVPN GUI always as administrator. Thanks for the reply, I greatly appreciated it.
    – bossModus
    Dec 9 '15 at 22:18










  • You can use route print to check the routing table.
    – Diamant
    Dec 9 '15 at 22:20










  • Thanks man for the replies. I have updated my question with route print . @bangal
    – bossModus
    Dec 9 '15 at 22:31










  • Well, as you can see there is no route for the network, 10.8.0.0/24, and there should also be a default route to your vpn server. You should also check with ipconfig if you are getting an ip at all. Windows 10 also has issue with openvpn. So see if you have the latest version installed.
    – Diamant
    Dec 9 '15 at 22:38










  • Interesting, But as you see I have added iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE to my firewall rules, right? maybe there is a problem with my interface card (eth0)? Is there any way to determine which interface is being used on my server to connect to internet) e.g. venet0 or ... ?
    – bossModus
    Dec 9 '15 at 22:49















up vote
0
down vote













You didn't mention what OS the client computer is using. It can be a fiewall issue or a problem with proper nat or ip forwarding.



First of all, after connecting check the ip configuration and routing at the client computer. Make sure that the routing table is correct and default route is set to the vpn server. You should also be able to ping it. If this much is ok then you have to check your vpn server's nat and firewall rules.



For Windows 7 or higher Windows OS, you also need to run the openvpn client as Administrator, otherwise the client is not able to set proper routing.






share|improve this answer





















  • I have setup pritunl server and I have connected successfully using this method, with my Laptop and with my phone, so I don't think there has to be a firewall issue. I'm using Windows 10 with Kaspersky Internet Security 2016. How can i check in windows, that my routing table is correct? I run OpenVPN GUI always as administrator. Thanks for the reply, I greatly appreciated it.
    – bossModus
    Dec 9 '15 at 22:18










  • You can use route print to check the routing table.
    – Diamant
    Dec 9 '15 at 22:20










  • Thanks man for the replies. I have updated my question with route print . @bangal
    – bossModus
    Dec 9 '15 at 22:31










  • Well, as you can see there is no route for the network, 10.8.0.0/24, and there should also be a default route to your vpn server. You should also check with ipconfig if you are getting an ip at all. Windows 10 also has issue with openvpn. So see if you have the latest version installed.
    – Diamant
    Dec 9 '15 at 22:38










  • Interesting, But as you see I have added iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE to my firewall rules, right? maybe there is a problem with my interface card (eth0)? Is there any way to determine which interface is being used on my server to connect to internet) e.g. venet0 or ... ?
    – bossModus
    Dec 9 '15 at 22:49













up vote
0
down vote










up vote
0
down vote









You didn't mention what OS the client computer is using. It can be a fiewall issue or a problem with proper nat or ip forwarding.



First of all, after connecting check the ip configuration and routing at the client computer. Make sure that the routing table is correct and default route is set to the vpn server. You should also be able to ping it. If this much is ok then you have to check your vpn server's nat and firewall rules.



For Windows 7 or higher Windows OS, you also need to run the openvpn client as Administrator, otherwise the client is not able to set proper routing.






share|improve this answer












You didn't mention what OS the client computer is using. It can be a fiewall issue or a problem with proper nat or ip forwarding.



First of all, after connecting check the ip configuration and routing at the client computer. Make sure that the routing table is correct and default route is set to the vpn server. You should also be able to ping it. If this much is ok then you have to check your vpn server's nat and firewall rules.



For Windows 7 or higher Windows OS, you also need to run the openvpn client as Administrator, otherwise the client is not able to set proper routing.







share|improve this answer












share|improve this answer



share|improve this answer










answered Dec 9 '15 at 22:07









Diamant

1515




1515












  • I have setup pritunl server and I have connected successfully using this method, with my Laptop and with my phone, so I don't think there has to be a firewall issue. I'm using Windows 10 with Kaspersky Internet Security 2016. How can i check in windows, that my routing table is correct? I run OpenVPN GUI always as administrator. Thanks for the reply, I greatly appreciated it.
    – bossModus
    Dec 9 '15 at 22:18










  • You can use route print to check the routing table.
    – Diamant
    Dec 9 '15 at 22:20










  • Thanks man for the replies. I have updated my question with route print . @bangal
    – bossModus
    Dec 9 '15 at 22:31










  • Well, as you can see there is no route for the network, 10.8.0.0/24, and there should also be a default route to your vpn server. You should also check with ipconfig if you are getting an ip at all. Windows 10 also has issue with openvpn. So see if you have the latest version installed.
    – Diamant
    Dec 9 '15 at 22:38










  • Interesting, But as you see I have added iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE to my firewall rules, right? maybe there is a problem with my interface card (eth0)? Is there any way to determine which interface is being used on my server to connect to internet) e.g. venet0 or ... ?
    – bossModus
    Dec 9 '15 at 22:49


















  • I have setup pritunl server and I have connected successfully using this method, with my Laptop and with my phone, so I don't think there has to be a firewall issue. I'm using Windows 10 with Kaspersky Internet Security 2016. How can i check in windows, that my routing table is correct? I run OpenVPN GUI always as administrator. Thanks for the reply, I greatly appreciated it.
    – bossModus
    Dec 9 '15 at 22:18










  • You can use route print to check the routing table.
    – Diamant
    Dec 9 '15 at 22:20










  • Thanks man for the replies. I have updated my question with route print . @bangal
    – bossModus
    Dec 9 '15 at 22:31










  • Well, as you can see there is no route for the network, 10.8.0.0/24, and there should also be a default route to your vpn server. You should also check with ipconfig if you are getting an ip at all. Windows 10 also has issue with openvpn. So see if you have the latest version installed.
    – Diamant
    Dec 9 '15 at 22:38










  • Interesting, But as you see I have added iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE to my firewall rules, right? maybe there is a problem with my interface card (eth0)? Is there any way to determine which interface is being used on my server to connect to internet) e.g. venet0 or ... ?
    – bossModus
    Dec 9 '15 at 22:49
















I have setup pritunl server and I have connected successfully using this method, with my Laptop and with my phone, so I don't think there has to be a firewall issue. I'm using Windows 10 with Kaspersky Internet Security 2016. How can i check in windows, that my routing table is correct? I run OpenVPN GUI always as administrator. Thanks for the reply, I greatly appreciated it.
– bossModus
Dec 9 '15 at 22:18




I have setup pritunl server and I have connected successfully using this method, with my Laptop and with my phone, so I don't think there has to be a firewall issue. I'm using Windows 10 with Kaspersky Internet Security 2016. How can i check in windows, that my routing table is correct? I run OpenVPN GUI always as administrator. Thanks for the reply, I greatly appreciated it.
– bossModus
Dec 9 '15 at 22:18












You can use route print to check the routing table.
– Diamant
Dec 9 '15 at 22:20




You can use route print to check the routing table.
– Diamant
Dec 9 '15 at 22:20












Thanks man for the replies. I have updated my question with route print . @bangal
– bossModus
Dec 9 '15 at 22:31




Thanks man for the replies. I have updated my question with route print . @bangal
– bossModus
Dec 9 '15 at 22:31












Well, as you can see there is no route for the network, 10.8.0.0/24, and there should also be a default route to your vpn server. You should also check with ipconfig if you are getting an ip at all. Windows 10 also has issue with openvpn. So see if you have the latest version installed.
– Diamant
Dec 9 '15 at 22:38




Well, as you can see there is no route for the network, 10.8.0.0/24, and there should also be a default route to your vpn server. You should also check with ipconfig if you are getting an ip at all. Windows 10 also has issue with openvpn. So see if you have the latest version installed.
– Diamant
Dec 9 '15 at 22:38












Interesting, But as you see I have added iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE to my firewall rules, right? maybe there is a problem with my interface card (eth0)? Is there any way to determine which interface is being used on my server to connect to internet) e.g. venet0 or ... ?
– bossModus
Dec 9 '15 at 22:49




Interesting, But as you see I have added iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE to my firewall rules, right? maybe there is a problem with my interface card (eth0)? Is there any way to determine which interface is being used on my server to connect to internet) e.g. venet0 or ... ?
– bossModus
Dec 9 '15 at 22:49


















draft saved

draft discarded




















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f248421%2fopenvpn-connects-to-the-server-successfuly-but-no-internet-access%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-

Popular posts from this blog

Accessing regular linux commands in Huawei's Dopra Linux

Image
4 Backstory: I have a Huawei HG8245 router in my house and I want to change the default username/password. I've tried following this guide but the config file always gets reset. My ISP isn't helping either so I'm looking for other ways to accomplish this. The router has telnet access so this seems like a way to change the credentials. The first shell I gain access to looks like this: WAP> Pressing "?" gives me a list of available commands which I've pasted here, the two interesting ones are "su" and "shell". I can't seem to get su access, even after logging in as root (challenge password prompt, and then nothing happens), but shell gives me a proper linux shell. WAP>shell BusyBox v1.18.4 (2017-12-26 17:06:34 CST) built-in shell (ash) Enter 'hel...
Read more

Can't connect RFCOMM socket: Host is down

Image
up vote 3 down vote favorite I have bluez 5.4.3 and I am attempting to communicate with a ble device through minicom. These two deceives (my computer and a bluno nano) are alreadt paired and this has been my method so far. #bluetoothctl # pair xx:xx:xx:xx:xx:xx # exit Everything is working well so far then... #sudo rfcomm connect /dev/rfcomm0 xx:xx:xx:xx:xx:xx 1 & [1] 3665 Can't connect RFCOMM socket: Host is down Does anyone know how to resolve this issue? Any help would be very much appreciated. bluetooth bluez share | improve this question asked Feb 9 '17 at 18:46 Brandon Knape 46 2 ...
Read more

Kernel panic - not syncing: Fatal Exception in Interrupt

Image
0 Every day this error occured on my pc, kernel panic error on interrupt, what will be the problem? linux-mint share asked 6 mins ago Vinod Selvin Vinod Selvin 1 1 New contributor Vinod Selvin is a new contributor to this site. Take care in asking for clarification, commenting, and answering. Check out our Code of Conduct. add a comment ...
Read more