OpenVPN - can connect only to Server

  • Hi,


    I just installed the latest version of OMV 3.x and I am now trying to get VPN working. The service itself works, I can connect to the VPN server, but I can only connect to the OMV machine and nothing else. I can't ping or browse to any other device in the network, and I also can't connect to the Internet through VPN. But connection to the server itself works pretty fine: I can open the OMV WebGUI, I can ssh into the server and so on. I am pretty much out of ideas where the problem could be located, maybe somebody has an idea what could be the problem.


    I attached a screenshot of my OpenVPN Configuration and the iptables rules. Adding the extra option and allowing client-to-client communication didn't change anything, I am still only able to connect to the server.


    Thank you!!


    Sebastian

    • Official post

    From the output of iptables, it looks like you're missing a masquerade rule for outgoing traffic from the VPN tun to outside of the OMV server. I recall the plugin added this rule, but maybe it failed to add it. Forwarding should be enabled by default, but just check that.


    I cannot recall the typical masquerade rule, but you should easily find it on Google for OpenVPN.

  • I tried it with:


    iptables -t nat -I POSTROUTING -o bond0 -s 10.8.0.0/24 -j MASQUERADE


    But still no success - same error / behaviour. I also searched the plugin repository on GitHub, but I couldn't find any iptables rules except for the SNAT rule.


    Thank you! :)

  • Do you mean IPv4 Forwarding?


    root@NASty:/# sysctl net.ipv4.ip_forward
    net.ipv4.ip_forward = 1
    root@NASty:/# cat /proc/sys/net/ipv4/ip_forward
    1


    Or should I check the GitHub page for any forwarding rules? :)

  • I have the same problem on my side.


    Here are the iptables rules in place.


    Strangely, I have the same rule 3 times in POSTROUTING (the rules come back at each reboot):



    Code
    7 12 2338 SNAT all - * * 10.8.0.0/24 0.0.0.0/0 to: 192.168.1.250
    8 0 0 SNAT all - * * 10.8.0.0/24 0.0.0.0/0 to: 192.168.1.250
    9 0 0 SNAT all - * * 10.8.0.0/24 0.0.0.0/0 to: 192.168.1.250


    but the problem does not seem to come from there


    When my VPN client connects, I can reach all the IPs with a ping: I reach my router (192.168.1.254) and my Openmediavault server (192.168.1.250 and 10.8.0.1, the OpenVPN server IP), but I get no further. If I want to access the web interface of my router or my dockers, it does not work.


    I tested telnet on ports 80, 443 and 53 to IP 192.168.1.254, but it ended in a timeout.


    It's as if the ports were refused.


    Would someone have any idea?

    AMD Ryzen 5 2400G on Asus TUF B450M-PLUS - 16Gb RAM - 3 * 3To RAID5 on LSI Megaraid SAS 9260-8i and 3 SSD in Fractal Design Node 804 Black
    OS: OMV 6.3.2-1 (Shaitan)

  • Same problem here. Connected to the VPN, able to browse and use my LAN, but nothing outside. I gave up.
    I tried linuxserver's docker Openvpn-as, but I have other issues there (can't log in).


    So for the moment I gave up. I have about 18 images all sharing the same container network, reverse-proxied, so all I need to forward is port 443. Guess I do not need VPN after all.
    But hopefully somebody posts a solution here.

  • Will it work if you turn off the "Default Gateway" option in the OpenVPN server setup? Then connected clients should use their own local gateway to access the Internet.
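
The checks raised in this thread (a NAT rule for the VPN subnet, the repeated SNAT entries, whether forwarding is permitted) can be run against an `iptables-save` dump in one pass. This is an added example, not code from any poster or from the OMV plugin; 10.8.0.0/24 and 192.168.1.250 are the thread's values, while the `tun*` interface name, the sample dump and the function names are assumptions.

```shell
#!/bin/sh
# Added example: audit an `iptables-save` dump for the rules a routed OpenVPN
# server needs. Assumed values: VPN subnet 10.8.0.0/24, tunnel interface tun*.
VPN_NET="${VPN_NET:-10.8.0.0/24}"

# Print nat POSTROUTING rules that SNAT/MASQUERADE traffic from the VPN subnet.
nat_rules() {
    awk -v net="$VPN_NET" '
        /^\*/ { table = $1 }
        table == "*nat" && $1 == "-A" && $2 == "POSTROUTING" {
            src = ""; tgt = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") src = $(i + 1)
                if ($i == "-j") tgt = $(i + 1)
            }
            if (src == net && (tgt == "SNAT" || tgt == "MASQUERADE")) print
        }' "$1"
}
nat_rule_count() { nat_rules "$1" | awk 'END { print NR }'; }
# Redundant copies of an identical rule (e.g. re-added on every boot).
nat_duplicates() {
    echo $(( $(nat_rule_count "$1") - $(nat_rules "$1" | sort -u | awk 'END { print NR }') ))
}
# "blocked" if FORWARD defaults to DROP and no rule accepts tunnel traffic.
# Simplified: rule order, later DROP/REJECT rules and replies are not modelled.
forward_verdict() {
    awk '
        /^\*/ { table = $1 }
        table == "*filter" && $1 == ":FORWARD" { policy = $2 }
        table == "*filter" && $1 == "-A" && $2 == "FORWARD" && /-i tun/ && /-j ACCEPT/ { ok = 1 }
        END { if (policy == "DROP" && !ok) print "blocked"; else print "ok" }' "$1"
}
# Constructed sample dump (not taken from the thread's screenshots).
sample_dump() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 192.168.1.250
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 192.168.1.250
-A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 192.168.1.250
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -i docker0 -j ACCEPT
COMMIT
EOF
}
if [ "$#" -gt 0 ]; then
    echo "nat: $(nat_rule_count "$1") dup: $(nat_duplicates "$1") forward: $(forward_verdict "$1")"
fi
```

On a live host, save the ruleset as root with `iptables-save > rules.txt` and pass that file as the script's argument.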
