openvpn not resolving to the internet
 

I bought a linux vps (centOS 5.3) in the UK im in the US. The purpose to the VPN is just to grab another IP address but in the UK area. VPN connects and I can ping sites/domains but it doesn't resolve them. What things should I look for to find out why it is not working?

try this...
 

Here is a link to review vpn connections like you are trying to establish. Maybe it would be just a routing problem related. follow the guide, have some fun ... play special attention to

echo 1 > /proc/sys/net/ipv4/ip_forward

sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

http://www.ventanazul.com/webzine/ar...buntu-and-hulu

Best Regards,

If you can ping www.somewhere.com then it is resolved. Do you mean that your browser can't connect through this end device?

Everything on that site appears to be the same way I have, something I am overlooking though

My IPtables are not sticking..

[root@uk ~]# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

If I put it in
[root@uk ~]# /sbin/iptables -t nat -s 10.8.0.6/32 -A POSTROUTING -j SNAT --to 78.129.159.88
[root@uk ~]# iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- 10.8.0.6 anywhere to:78.129.159.88

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

But once I reboot it goes away.

Not my biggest concern at the moment

[root@uk ~]# cat /proc/sys/net/ipv4/ip_forward
1

ifconfig

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:849 (849.0 b) TX bytes:0 (0.0 b)

Once the VPN connects I can get into the server of course but I can't get to anything on the internet. Says connecting, waiting on reply but times out. If I ping a site I get a IP response but request times out. If I tracert to anything other then the VPN server it just times out.


C:\Users\Ron>nslookup yahoo.com
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 208.67.222.222

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
*** Request to UnKnown timed-out

You need to have some dns at that end.

Please, paste this (both server and vpn client side):

route -an

Regards!

Not sure how to use the a command so -an gives nothing

route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
192.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 venet0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 venet0
0.0.0.0 192.0.2.1 0.0.0.0 UG 0 0 0 venet0

C:\>route PRINT -4
===========================================================================
Interface List
33...00 ff c9 ca f0 13 ......TAP-Win32 Adapter V9
14...00 ff 46 ad 30 52 ......Anchorfree HSS Adapter
12...00 05 5d 33 23 8d ......D-Link DFE-530TX+ PCI Adapter
17...00 50 56 c0 00 01 ......VMware Virtual Ethernet Adapter for VMnet1
18...00 50 56 c0 00 08 ......VMware Virtual Ethernet Adapter for VMnet8
31...08 00 27 00 c8 e2 ......VirtualBox Host-Only Ethernet Adapter
1...........................Software Loopback Interface 1
25...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
26...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
27...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.46 20
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.46 276
192.168.1.46 255.255.255.255 On-link 192.168.1.46 276
192.168.1.255 255.255.255.255 On-link 192.168.1.46 276
192.168.56.0 255.255.255.0 On-link 192.168.56.1 276
192.168.56.1 255.255.255.255 On-link 192.168.56.1 276
192.168.56.255 255.255.255.255 On-link 192.168.56.1 276
192.168.141.0 255.255.255.0 On-link 192.168.141.1 276
192.168.141.1 255.255.255.255 On-link 192.168.141.1 276
192.168.141.255 255.255.255.255 On-link 192.168.141.1 276
192.168.222.0 255.255.255.0 On-link 192.168.222.1 276
192.168.222.1 255.255.255.255 On-link 192.168.222.1 276
192.168.222.255 255.255.255.255 On-link 192.168.222.1 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.56.1 276
224.0.0.0 240.0.0.0 On-link 192.168.1.46 276
224.0.0.0 240.0.0.0 On-link 192.168.222.1 276
224.0.0.0 240.0.0.0 On-link 192.168.141.1 276
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.56.1 276
255.255.255.255 255.255.255.255 On-link 192.168.1.46 276
255.255.255.255 255.255.255.255 On-link 192.168.222.1 276
255.255.255.255 255.255.255.255 On-link 192.168.141.1 276
===========================================================================
Persistent Routes:
None

Which end they both have working dns client and server

anyone else have any further input?

I almost forgot, sometime i has a problem alike.

The problem was the cablemodem dhcp from my isp after vpnclient install, dhcp still offers the dns servers for my isp. those were internal ip address like 10.x.x.x. so try to add the route to your dns.

im a linux user, lets say my dns server are 10.1.1.1 and 10.1.1.2 so i did at the vpn client side:

route add 10.1.1.1 mask 255.255.255.255 gw internal_ip.cablemodem.of.isp
route add 10.1.1.2 mask 255.255.255.255. gw internal_ip.cablemodem.of.isp

Regards!

As said above: you probably do not have packet forwarding enabled.
Also check if dns is working. You can easily configure a forwarding dns with bind.
Or just add a route to your local dns server (probably your router) and use the local dns.

Somethings up with opendns I think. I have (had) a working one on another server that works just fine but I haven't used it in a month or so. When I connect with it I get the same result as I do on the VPS server... the other server is a live/working server with sites hosted on it. Even that one does the same thing. Maybe opendns has decided to filter stuff now

Switched the one that did work to the internal DNS rather than using opendns and same result nothing. grrr nothings changed on my original one

What is your openvpn config?

Do you tunnel everything through your server?
first fix your dns issue.

If your local dns works: add a route for that ip to your normal lan interface.

Yea tunnel thru.. how would I add a route specifically and which interface specifically? I have 6 IPs on the server.