
Can't be missing a lot....

Posted: 2018/02/12 19:52:34
by wp.rauchholz
Running a CENTOS 7 server that is a modem/router of the home network. It runs a PPPoE and DDNS client (dynamic IP), LAMP server, etc...
All clients connect to the server via WiFi.
The box has two NICs:
* enp3S0 for private network, Network:
* ppp0 (enp6s0) is the internet access.

I configured the openvpn server and it works fine. I configured a client (CENTOS 7 too) and was able to connect via WAN to the openvpn server.
But from the client I have no access to internet.

The VPN subnet on tun0 is

Packet forwarding is set: net.ipv4.ip_forward = 1

I added these lines to the server conf file:
push "route"
push "redirect-gateway def1"
push "dhcp-option DNS"

I added this to the firewall script:
iptables -A INPUT -p udp --dport 1194 -j ACCEPT
iptables -A INPUT -i tun+ -j ACCEPT
iptables -A FORWARD -i tun+ -j ACCEPT
iptables -t nat -A POSTROUTING -o $EXT_DEV -s $INT_NET -j MASQUERADE ($EXT_DEV=ppp0, $INT_NET=

What am I missing?
Thanks for your help.


Re: Can't be missing a lot....

Posted: 2018/02/13 13:15:37
by fdisk
Is routing/nat working? Try traceroute (without dns) from client i.e.: traceroute -n

Is dns working on client? Note: openvpn for Linux requires update-resolv-conf script

Re: Can't be missing a lot....

Posted: 2018/02/14 07:39:56
by wp.rauchholz
Hi fdisk.

This is exactly the problem, but I don't know how to fix it.
I read this in /var/log/messages:
Feb 8 12:04:28 home named[1340]: error (host unreachable) resolving '':

I did not know that openvpn required an update-resolv-conf script.
Let me google and find out.

Thanks for the tip.


Re: Can't be missing a lot....

Posted: 2018/02/14 22:17:51
by wp.rauchholz
fdisk, thanks for the tip. That made it work. Thanks.

I used these links to set it up / read background info ... /
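
fdisk's two questions (is NAT working, is DNS working on the client) written as offline checks; this is an added example, not part of the original posts. One function looks for a MASQUERADE rule covering a given source subnet in `iptables-save` output, the other checks whether a resolv.conf lists the DNS server the VPN pushed. Every address, including the 10.8.0.0/24 tunnel subnet and 10.8.0.1 resolver, is constructed because the thread does not show the real ones.

```shell
#!/usr/bin/env bash
# Added example. Every address below is constructed, not taken from the thread.

# Constructed `iptables-save -t nat` output: only the LAN is masqueraded.
NAT_LAN_ONLY='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/24 -o ppp0 -j MASQUERADE
COMMIT'

# Constructed client resolv.conf before and after an up script rewrites it.
RESOLV_BEFORE='nameserver 192.168.43.1'
RESOLV_AFTER='nameserver 10.8.0.1'

# True if rules text $1 masquerades source $2 leaving via device $3.
# A rule with no -s matches every source. Exact CIDR match only, no containment.
nat_covers() {
    printf '%s\n' "$1" | awk -v src="$2" -v dev="$3" '
        /^-A POSTROUTING/ && /-j MASQUERADE/ {
            s = ""; o = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-s") s = $(i + 1)
                if ($i == "-o") o = $(i + 1)
            }
            if ((s == "" || s == src) && o == dev) found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# True if resolv.conf text $1 lists nameserver $2.
resolv_has_dns() {
    printf '%s\n' "$1" | awk -v ns="$2" '
        $1 == "nameserver" && $2 == ns { found = 1 }
        END { exit (found ? 0 : 1) }'
}

# Report for the constructed inputs when the script is run directly.
for subnet in 192.168.1.0/24 10.8.0.0/24; do
    if nat_covers "$NAT_LAN_ONLY" "$subnet" ppp0; then
        echo "NAT ok for $subnet"
    else
        echo "no MASQUERADE rule for $subnet: forwarded packets keep a private source"
    fi
done
resolv_has_dns "$RESOLV_BEFORE" 10.8.0.1 || echo "pushed DNS not in resolv.conf"
```

On a live system the inputs would come from `iptables-save -t nat` on the server and `/etc/resolv.conf` on the client.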