Hi All

I am not a linux expert neither a network guru.
I used to use Unix 10 years ago and since my job directed me to M$ OSs... unfortunately.

Okay, here is the challenge and I am giving up since I tried every single solution I have found and asking for your help, you people knowing 100% about what you are talking about (not my case obviously)

Got a Ubuntu 10.4 running in a VM (VMware Workstation 9.0) having a single eth interface natted.
The host is a Windows 7 connected wirelessly to a router.
The router itself connected to a xDSL modem.

On the host an OpenVPN client is running in addition which creates an additional virtual tunnel interface.
On the host everything works fine(Internet, LAN, Tunneling)
On the guest everything works also fine from a LAN/subnet perspective

On the guest there is a local proxy (socks5) running

The proxy itself is working well and any proxyfied application is passing through it like a charm

Now I need to run on the guest an OpenVPN client while passing also through this proxy

I did all the configuration stuff for the ovpn client and the connection is indeed established

BUT! I just noticed there is no incoming traffic (RX bytes: 0 always) on the tun0 interface created on the fly by the OpenVPN connection process

As a result, the OpenVPN server keeps disconnecting my client when bypassing the configured inactivity timeout

Is there any hint I am missing? I tried many linux FW rules via iptables to accept everything, forward from/to eth0 and tun0 etc. No luck.

Will appreciate your help.
If you estimate that I should go first and read some stuff, I am ready to do so.

Thank you

Sorry that I don't have much to add for the VPN configuration thoughts except to recommend that when you google you can specify "unbuntu" "<release-number>" "OpenVPN", I've done some involved strings when searching, using the normal interface, not advanced and been able to find content that helps.

My main reason for responding is to advise you that this release of Ubuntu you've used, albeit a good one, was end of life just last month. You may wish to install the latest long term support version https://wiki.ubuntu.com/Releases.

1 members found this post helpful.

Thank you for your reply.

Just in case I have no choice and forced to use this environments for now.
I am engaged to validate the migration of a Java application using all this stuff. And as a Lab my customer gave me this (VMware workstation + Win7 + Ubuntu 10.4)
Anyway, regarding my search capabilities they seem to be as limited as you was helpful
Seriously are you saying this issue/case is SOLVED somewhere and I missed it? I am seeking this since last wednesday.

No I have no idea whether or not it's been fixed; just saying that I've typed into the google search bar a lot of words or fragments like:and it sometimes finds stuff. Of course it also tells me where I can find money, love, and happiness too, but that's a side issue.

There are Ubuntu forums, and ultimately when I've searched from google to find something related to Ubuntu, I find some hits take me to their forums. But you can try searching forThe flip side is that 10.04 has been around for a while so there ought to be some good debugging posts about it and openvpn.

1 members found this post helpful.

As I said I am googling since last wednesday. I found many related topics you are right, and for each I gave a try with no luck.
1) Keep alive, MTU, ping-restart
2) different tcp ports for OpenVPN (cannot try UDP because of this f... socks proxy unable to handle this)
3) dumping tcp on host & guest and correlate
4) iptables stuff (wasn't clear for me since Policy was ACCEPT on 3 kinds)
5) restricting VMNAT and placing static routes between the host and guest subnet
6) upgraded client to OpenVPN 2.3.1 (this is not compliant with my customer's pre requisite but he is not aware about the --version argument lol)
etc.
A dude told me to post here since there are experts around.

What is p... me off is that the exact same config with Windows 7 or XP (as guest in replacement of Ubuntu 10.4) worked flawlessly.
I always had the feeling that NIX is more effective than M$ (but for sure less user friendly if you aren't tuned up to date about GUIs of different tools)
Is Ubuntu an exception to this statement? Don't think so as per majority.

But given your opinion about 10.4, I'll give a try and argue that we should upgrade to be more practical and save time.

Anyway, thanks sincerly

This sounds like a routing problem. What networks are you accessing through the tunnel as opposed to the non-tunneled link. In other words, why would a packet traverse the tunnel and not directly via the eth0 interface?

Output from `ifconfig -a` and `route -n` would help (after setting up the tunnel).

Also, the far-end host/router/VPN-concentrator needs to know to route the return packets through the tunnel. OpenVPN should take care of adding the routing table entries, but you should double check.

My guess is that whatever application you are using is taking the most direct route, which is not the tunnel. Have you tried a `ping -I <internal-IP>` ? BTW, it's hard to present an example without knowing what network addresses are assigned to what.

This setup seems pretty complicated; VPN through a proxy through NAT to an unknown endpoint (the xDSL router?, a VPN access point out on the internet?). Knowing a bit more about the physical network topology, and the address spaces from one end to the other would help the troubleshooting process. Of course, we don't need to know the real IP address of your VPN endpoint. 1.2.3.4 will do.

Finally, I wouldn't waste time upgrading your Ubuntu version. That's not the problem.