Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Home LAN (Private IP)-> Gateway (Both LAN IP, WAN IP) -> Internet.
Your VPN server is sitting,
Home LAN (Private IP)-> VPN server (Private IP) -> Gateway (Both LAN IP, WAN IP) -> Internet.
You are on the same LAN? In that case I don't think OpenVPN will work. Anyway I am not sure what is blocking the traffic. Can you do an ssh to outside server?
Home LAN (Private IP)-> Gateway (Both LAN IP, WAN IP) -> Internet.
Your VPN server is sitting,
Home LAN (Private IP)-> VPN server (Private IP) -> Gateway (Both LAN IP, WAN IP) -> Internet.
You are on the same LAN? In that case I don't think OpenVPN will work. Anyway I am not sure what is blocking the traffic. Can you do an ssh to outside server?
Regards,
--
Prasanta
No, the server is on another site, completely different network.
Home PC connected to ISP gateway with WAN IP 86.xxx.xxx.xxx
I then start the VPN to connect to my server
It connects and I am given the IP 10.8.0.6
I can ping 10.8.0.1
My server has it's own WAN IP of 88.xxx.xxx.xxx
However, when I open up a client browser and go the site www.whatsmyip.org it still gives me 86.xxx.xxx.xxx
The VPN connection means that that site should be showing my IP as 88.xxx.xxx.xxx but it is not doing this.
Yes, that true. The outgoing IP address should be 88.x.x.x. Something is meesy in the client side I assume, not sure but. Could you check the default gateway on the client machine. It should be in 10.8.x.x.
Yes, that true. The outgoing IP address should be 88.x.x.x. Something is meesy in the client side I assume, not sure but. Could you check the default gateway on the client machine. It should be in 10.8.x.x.
I don't think that is going to help. Anyway please do try. Since the process is already running you are getting this error.
ps aux| grep openvpn
Kill the process using `kill` command. And start the server again.
Regards,
--
Prasanta
Is it the client configuration that I need to change?
I tried adding --redirect-gateway but when I did that, the client connected but I could not view any websites at all - they all returned a host not found error.
I don't think that is going to help. Anyway please do try. Since the process is already running you are getting this error.
ps aux| grep openvpn
Kill the process using `kill` command. And start the server again.
Regards,
--
Prasanta
When I add those 2 server configurations and connect via VPN, all websites are now blocked. Does this mean the connection is now going via VPN but perhaps something on the server firewall is blocking access to 10.8.0.6 ?
If the connection was still direct I would be able to see websites but now I get nothing until I disconnect from VPN - then I can browse websites successfully again.
I cannot browse any website on the client.
I cannot browse any 10.8.x.x website.
However, if I connect to http://88.xxx.xxx.xxx/sarg/ then I get a response. This is possibly because my iptables only allows a port 80 connection on that IP address and apache is only listening on that port and that IP address.
What should I add to my iptables to try this, do I need to add 10.x addresses?
I also see this on the server:
Code:
Mon Sep 21 18:09:12 2009 myfirst.cert/86.xxx.xxx.xx:4277 SENT CONTROL [myfirst.cert]: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 10.8.0.1,route 10.8.0.1,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5' (status=1)
Mon Sep 21 18:09:24 2009 myfirst.cert/86.xxx.xxx.xx:4277 MULTI: bad source address from client [192.168.0.2], packet dropped
Mon Sep 21 18:09:24 2009 myfirst.cert/86.xxx.xxx.xx:4277 MULTI: bad source address from client [192.168.0.2], packet dropped
Mon Sep 21 18:09:24 2009 myfirst.cert/86.xxx.xxx.xx:4277 MULTI: bad source address from client [192.168.0.2], packet dropped
Mon Sep 21 18:09:24 2009 myfirst.cert/86.xxx.xxx.xx:4277 MULTI: bad source address from client [192.168.0.2], packet dropped
Mon Sep 21 18:09:24 2009 myfirst.cert/86.xxx.xxx.xx:4277 MULTI: bad source address from client [192.168.0.2], packet dropped
Mon Sep 21 18:09:24 2009 myfirst.cert/86.xxx.xxx.xx:4277 MULTI: bad source address from client [192.168.0.2], packet dropped
Mon Sep 21 18:09:24 2009 myfirst.cert/86.xxx.xxx.xx:4277 MULTI: bad source address from client [192.168.0.2], packet dropped
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.