openVPN on Raspberry Pi

fritz44 · 10-11-2015, 03:46 PM

Hi all,

I'm fairly new to the whole Linux world and I hope you can help me out. My current project is a Raspberry Pi that acts as a VPN client for all devices connected to it over WiFi.

This is the planned setup:
- Eth0 - connected to the broadband router, establishes link to internet
- Wlan0 - established WiFi network for other devices to connect to
- openVPN client to establish VPN link; I want ALL traffic coming from Wlan0 to go through the VPN tunnel

This is my config setup:

Code:

client
remote MYVPN.com 1194 udp
remote MYVPN.com 443 tcp-client
pull
auth-user-pass auth.config
comp-lzo adaptive
ca ca.crt
dev tun
proto udp
tls-client
script-security 2
cipher AES-256-CBC
mute 10

route-delay 5
push "redirect-gateway def1"
resolv-retry infinite
# dhcp-renew
# dhcp-release
# persist-key
# persist-tun
remote-cert-tls server
mssfix
verb 3

log-append /var/log/openvpn-client.log

It establishes the VPN link, but somehow the routing is messed up. Connected devices are not able to access the net.

Here is the IP table:

Code:

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.132.21.1     128.0.0.0       UG        0 0          0 tun0
0.0.0.0         10.0.1.1        0.0.0.0         UG        0 0          0 eth0
10.0.0.0        0.0.0.0         255.0.0.0       U         0 0          0 eth0
10.0.1.0        0.0.0.0         255.255.255.0   U         0 0          0 eth0
10.132.21.0     0.0.0.0         255.255.255.0   U         0 0          0 tun0
128.0.0.0       10.132.21.1     128.0.0.0       UG        0 0          0 tun0
162.220.220.26  10.0.1.1        255.255.255.255 UGH       0 0          0 eth0
192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 wlan0

Where am I'm going wrong here? Any ideas?

Thank you for suggestions!!

fritz44 · 10-11-2015, 05:01 PM

Oh and this is my ifconfig:

[CODE]
eth0 Link encap:Ethernet HWaddr b8:27:eb:e5:b5:b5
inet addr:10.0.1.200 Bcast:10.255.255.255 Mask:255.0.0.0
inet6 addr: 2002:c393:e1ce:0:ba27:ebff:fee5:b5b5/64 Scope:Global
inet6 addr: 2002:c393:e1ce:0:8ab5:68fd:da13:ce89/64 Scope:Global
inet6 addr: fe80::ba27:ebff:fee5:b5b5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:593 errors:0 dropped:0 overruns:0 frame:0
TX packets:704 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:196732 (192.1 KiB) TX bytes:106278 (103.7 KiB)

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:6 errors:0 dropped:0 overruns:0 frame:0
TX packets:6 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:480 (480.0 B) TX bytes:480 (480.0 B)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.132.21.39 P-t-P:10.132.21.39 Mask:255.255.255.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:256 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:18819 (18.3 KiB)

wlan0 Link encap:Ethernet HWaddr 00:e0:4c:81:76:6d
inet addr:192.168.0.1 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::59df:48ac:e811:2de1/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1471 errors:0 dropped:840 overruns:0 frame:0
TX packets:190 errors:0 dropped:6 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:58882 (57.5 KiB) TX bytes:132525 (129.4 KiB)
[/CODE|