Configuring OpenVPN for Secure Web Browsing?
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
I can connect my client to the VPN (Ubuntu 15.10) and ping other clients but still can not browse the web. I can reach a few sites (youtube.com, example.com) but most give no response including askubuntu.com
UFW is not installed and there is no nat table in iptables:
sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
server.conf:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;push "route 192.169.244.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 10.0.0.2"
;push "dhcp-option DNS 10.1.0.2"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
client-to-client
keepalive 1 3
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
netstat -rn:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
192.169.169.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.169.169.254 0.0.0.0 UG 0 0 0 eth0
==============================================================================
client.conf:
client
dev tun
proto udp
remote pyfi.org 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
;remote-cert-tls server
;tls-auth ta.key 1
;cipher AES-256-CBC
comp-lzo
verb 3
netstat -rn:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 enp3s0
10.8.0.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 enp3s0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp3s0
192.169.169.10 192.168.0.1 255.255.255.255 UGH 0 0 0 enp3s0
Can anyone tell me why I'm not able to reach the internet?
iptables routing openvpn vpn netstat
add a comment |Â
up vote
0
down vote
favorite
I can connect my client to the VPN (Ubuntu 15.10) and ping other clients but still can not browse the web. I can reach a few sites (youtube.com, example.com) but most give no response including askubuntu.com
UFW is not installed and there is no nat table in iptables:
sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
server.conf:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;push "route 192.169.244.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 10.0.0.2"
;push "dhcp-option DNS 10.1.0.2"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
client-to-client
keepalive 1 3
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
netstat -rn:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
192.169.169.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.169.169.254 0.0.0.0 UG 0 0 0 eth0
==============================================================================
client.conf:
client
dev tun
proto udp
remote pyfi.org 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
;remote-cert-tls server
;tls-auth ta.key 1
;cipher AES-256-CBC
comp-lzo
verb 3
netstat -rn:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 enp3s0
10.8.0.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 enp3s0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp3s0
192.169.169.10 192.168.0.1 255.255.255.255 UGH 0 0 0 enp3s0
Can anyone tell me why I'm not able to reach the internet?
iptables routing openvpn vpn netstat
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I can connect my client to the VPN (Ubuntu 15.10) and ping other clients but still can not browse the web. I can reach a few sites (youtube.com, example.com) but most give no response including askubuntu.com
UFW is not installed and there is no nat table in iptables:
sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
server.conf:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;push "route 192.169.244.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 10.0.0.2"
;push "dhcp-option DNS 10.1.0.2"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
client-to-client
keepalive 1 3
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
netstat -rn:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
192.169.169.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.169.169.254 0.0.0.0 UG 0 0 0 eth0
==============================================================================
client.conf:
client
dev tun
proto udp
remote pyfi.org 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
;remote-cert-tls server
;tls-auth ta.key 1
;cipher AES-256-CBC
comp-lzo
verb 3
netstat -rn:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 enp3s0
10.8.0.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 enp3s0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp3s0
192.169.169.10 192.168.0.1 255.255.255.255 UGH 0 0 0 enp3s0
Can anyone tell me why I'm not able to reach the internet?
iptables routing openvpn vpn netstat
I can connect my client to the VPN (Ubuntu 15.10) and ping other clients but still can not browse the web. I can reach a few sites (youtube.com, example.com) but most give no response including askubuntu.com
UFW is not installed and there is no nat table in iptables:
sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
server.conf:
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;push "route 192.169.244.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 10.0.0.2"
;push "dhcp-option DNS 10.1.0.2"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
client-to-client
keepalive 1 3
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
netstat -rn:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
192.169.169.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.169.169.254 0.0.0.0 UG 0 0 0 eth0
==============================================================================
client.conf:
client
dev tun
proto udp
remote pyfi.org 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
;remote-cert-tls server
;tls-auth ta.key 1
;cipher AES-256-CBC
comp-lzo
verb 3
netstat -rn:
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 enp3s0
10.8.0.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 enp3s0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp3s0
192.169.169.10 192.168.0.1 255.255.255.255 UGH 0 0 0 enp3s0
Can anyone tell me why I'm not able to reach the internet?
iptables routing openvpn vpn netstat
asked Nov 5 '17 at 3:21
physiii
11
11
add a comment |Â
add a comment |Â
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
active
oldest
votes
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f402586%2fconfiguring-openvpn-for-secure-web-browsing%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password