Configuring OpenVPN for Secure Web Browsing?

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite












I can connect my client to the VPN (Ubuntu 15.10) and ping other clients but still can not browse the web. I can reach a few sites (youtube.com, example.com) but most give no response including askubuntu.com



UFW is not installed and there is no nat table in iptables:



sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.


server.conf:



port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;push "route 192.169.244.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 10.0.0.2"
;push "dhcp-option DNS 10.1.0.2"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
client-to-client
keepalive 1 3
comp-lzo
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3


netstat -rn:



Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
192.169.169.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 192.169.169.254 0.0.0.0 UG 0 0 0 eth0

==============================================================================


client.conf:



client
dev tun
proto udp
remote pyfi.org 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
;remote-cert-tls server
;tls-auth ta.key 1
;cipher AES-256-CBC
comp-lzo
verb 3


netstat -rn:



Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 enp3s0
10.8.0.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 enp3s0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp3s0
192.169.169.10 192.168.0.1 255.255.255.255 UGH 0 0 0 enp3s0


Can anyone tell me why I'm not able to reach the internet?







share|improve this question
























    up vote
    0
    down vote

    favorite












    I can connect my client to the VPN (Ubuntu 15.10) and ping other clients but still can not browse the web. I can reach a few sites (youtube.com, example.com) but most give no response including askubuntu.com



    UFW is not installed and there is no nat table in iptables:



    sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
    iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
    Perhaps iptables or your kernel needs to be upgraded.


    server.conf:



    port 1194
    proto udp
    dev tun
    ca ca.crt
    cert server.crt
    key server.key
    dh dh2048.pem
    server 10.8.0.0 255.255.255.0
    ifconfig-pool-persist ipp.txt
    ;push "route 192.169.244.0 255.255.255.0"
    push "redirect-gateway def1 bypass-dhcp"
    ;push "dhcp-option DNS 10.0.0.2"
    ;push "dhcp-option DNS 10.1.0.2"
    push "dhcp-option DNS 208.67.222.222"
    push "dhcp-option DNS 208.67.220.220"
    client-to-client
    keepalive 1 3
    comp-lzo
    user nobody
    group nogroup
    persist-key
    persist-tun
    status openvpn-status.log
    verb 3


    netstat -rn:



    Kernel IP routing table
    Destination Gateway Genmask Flags MSS Window irtt Iface
    10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
    10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
    192.169.169.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
    0.0.0.0 192.169.169.254 0.0.0.0 UG 0 0 0 eth0

    ==============================================================================


    client.conf:



    client
    dev tun
    proto udp
    remote pyfi.org 1194
    resolv-retry infinite
    nobind
    user nobody
    group nogroup
    persist-key
    persist-tun
    ca ca.crt
    cert client.crt
    key client.key
    ;remote-cert-tls server
    ;tls-auth ta.key 1
    ;cipher AES-256-CBC
    comp-lzo
    verb 3


    netstat -rn:



    Kernel IP routing table
    Destination Gateway Genmask Flags MSS Window irtt Iface
    0.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
    0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 enp3s0
    10.8.0.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
    10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
    128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
    169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 enp3s0
    192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp3s0
    192.169.169.10 192.168.0.1 255.255.255.255 UGH 0 0 0 enp3s0


    Can anyone tell me why I'm not able to reach the internet?







    share|improve this question






















      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I can connect my client to the VPN (Ubuntu 15.10) and ping other clients but still can not browse the web. I can reach a few sites (youtube.com, example.com) but most give no response including askubuntu.com



      UFW is not installed and there is no nat table in iptables:



      sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
      iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
      Perhaps iptables or your kernel needs to be upgraded.


      server.conf:



      port 1194
      proto udp
      dev tun
      ca ca.crt
      cert server.crt
      key server.key
      dh dh2048.pem
      server 10.8.0.0 255.255.255.0
      ifconfig-pool-persist ipp.txt
      ;push "route 192.169.244.0 255.255.255.0"
      push "redirect-gateway def1 bypass-dhcp"
      ;push "dhcp-option DNS 10.0.0.2"
      ;push "dhcp-option DNS 10.1.0.2"
      push "dhcp-option DNS 208.67.222.222"
      push "dhcp-option DNS 208.67.220.220"
      client-to-client
      keepalive 1 3
      comp-lzo
      user nobody
      group nogroup
      persist-key
      persist-tun
      status openvpn-status.log
      verb 3


      netstat -rn:



      Kernel IP routing table
      Destination Gateway Genmask Flags MSS Window irtt Iface
      10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
      10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
      192.169.169.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
      0.0.0.0 192.169.169.254 0.0.0.0 UG 0 0 0 eth0

      ==============================================================================


      client.conf:



      client
      dev tun
      proto udp
      remote pyfi.org 1194
      resolv-retry infinite
      nobind
      user nobody
      group nogroup
      persist-key
      persist-tun
      ca ca.crt
      cert client.crt
      key client.key
      ;remote-cert-tls server
      ;tls-auth ta.key 1
      ;cipher AES-256-CBC
      comp-lzo
      verb 3


      netstat -rn:



      Kernel IP routing table
      Destination Gateway Genmask Flags MSS Window irtt Iface
      0.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
      0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 enp3s0
      10.8.0.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
      10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
      128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
      169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 enp3s0
      192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp3s0
      192.169.169.10 192.168.0.1 255.255.255.255 UGH 0 0 0 enp3s0


      Can anyone tell me why I'm not able to reach the internet?







      share|improve this question












      I can connect my client to the VPN (Ubuntu 15.10) and ping other clients but still can not browse the web. I can reach a few sites (youtube.com, example.com) but most give no response including askubuntu.com



      UFW is not installed and there is no nat table in iptables:



      sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
      iptables v1.4.21: can't initialize iptables table `nat': Table does not exist (do you need to insmod?)
      Perhaps iptables or your kernel needs to be upgraded.


      server.conf:



      port 1194
      proto udp
      dev tun
      ca ca.crt
      cert server.crt
      key server.key
      dh dh2048.pem
      server 10.8.0.0 255.255.255.0
      ifconfig-pool-persist ipp.txt
      ;push "route 192.169.244.0 255.255.255.0"
      push "redirect-gateway def1 bypass-dhcp"
      ;push "dhcp-option DNS 10.0.0.2"
      ;push "dhcp-option DNS 10.1.0.2"
      push "dhcp-option DNS 208.67.222.222"
      push "dhcp-option DNS 208.67.220.220"
      client-to-client
      keepalive 1 3
      comp-lzo
      user nobody
      group nogroup
      persist-key
      persist-tun
      status openvpn-status.log
      verb 3


      netstat -rn:



      Kernel IP routing table
      Destination Gateway Genmask Flags MSS Window irtt Iface
      10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
      10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
      192.169.169.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
      0.0.0.0 192.169.169.254 0.0.0.0 UG 0 0 0 eth0

      ==============================================================================


      client.conf:



      client
      dev tun
      proto udp
      remote pyfi.org 1194
      resolv-retry infinite
      nobind
      user nobody
      group nogroup
      persist-key
      persist-tun
      ca ca.crt
      cert client.crt
      key client.key
      ;remote-cert-tls server
      ;tls-auth ta.key 1
      ;cipher AES-256-CBC
      comp-lzo
      verb 3


      netstat -rn:



      Kernel IP routing table
      Destination Gateway Genmask Flags MSS Window irtt Iface
      0.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
      0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 enp3s0
      10.8.0.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
      10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
      128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
      169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 enp3s0
      192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 enp3s0
      192.169.169.10 192.168.0.1 255.255.255.255 UGH 0 0 0 enp3s0


      Can anyone tell me why I'm not able to reach the internet?









      share|improve this question











      share|improve this question




      share|improve this question










      asked Nov 5 '17 at 3:21









      physiii

      11




      11

























          active

          oldest

          votes











          Your Answer







          StackExchange.ready(function()
          var channelOptions =
          tags: "".split(" "),
          id: "106"
          ;
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function()
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled)
          StackExchange.using("snippets", function()
          createEditor();
          );

          else
          createEditor();

          );

          function createEditor()
          StackExchange.prepareEditor(
          heartbeatType: 'answer',
          convertImagesToLinks: false,
          noModals: false,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: null,
          bindNavPrevention: true,
          postfix: "",
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          );



          );













           

          draft saved


          draft discarded


















          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f402586%2fconfiguring-openvpn-for-secure-web-browsing%23new-answer', 'question_page');

          );

          Post as a guest



































          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes















           

          draft saved


          draft discarded















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function ()
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f402586%2fconfiguring-openvpn-for-secure-web-browsing%23new-answer', 'question_page');

          );

          Post as a guest













































































          Popular posts from this blog

          How to check contact read email or not when send email to Individual?

          Displaying single band from multi-band raster using QGIS

          How many registers does an x86_64 CPU actually have?