Answer the question
In order to leave comments, you need to log in
C
C
Chainsaw21002021-09-16 13:12:03
Chainsaw2100, 2021-09-16 13:12:03
OpenVPN / VirtualBox - why is there no internet on the client with redirect-gateway?
Hello.
There are 2 Ubuntu virtual machines, an "internal network" is installed between them, one still has NAT for the Internet from the host.
A VPN is configured that connects and pings.
However, there is no Internet on the client.
net.ipv4.ip_forward = 1
server.conf - https://pastebin.com/5PbfT4b8
client.conf - https://pastebin.com/fjVK3KaV (redirect-gateway has no effect, dhcp-option DNS 8.8.8.8 didn't help)
serv iptables -L
spoiler
[email protected]:/etc/openvpn$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ufw-before-logging-input all -- anywhere anywhere
ufw-before-input all -- anywhere anywhere
ufw-after-input all -- anywhere anywhere
ufw-after-logging-input all -- anywhere anywhere
ufw-reject-input all -- anywhere anywhere
ufw-track-input all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ufw-before-logging-forward all -- anywhere anywhere
ufw-before-forward all -- anywhere anywhere
ufw-after-forward all -- anywhere anywhere
ufw-after-logging-forward all -- anywhere anywhere
ufw-reject-forward all -- anywhere anywhere
ufw-track-forward all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ufw-before-logging-output all -- anywhere anywhere
ufw-before-output all -- anywhere anywhere
ufw-after-output all -- anywhere anywhere
ufw-after-logging-output all -- anywhere anywhere
ufw-reject-output all -- anywhere anywhere
ufw-track-output all -- anywhere anywhere
Chain ufw-after-forward (1 references)
target prot opt source destination
Chain ufw-after-input (1 references)
target prot opt source destination
Chain ufw-after-logging-forward (1 references)
target prot opt source destination
Chain ufw-after-logging-input (1 references)
target prot opt source destination
Chain ufw-after-logging-output (1 references)
target prot opt source destination
Chain ufw-after-output (1 references)
target prot opt source destination
Chain ufw-before-forward (1 references)
target prot opt source destination
Chain ufw-before-input (1 references)
target prot opt source destination
Chain ufw-before-logging-forward (1 references)
target prot opt source destination
Chain ufw-before-logging-input (1 references)
target prot opt source destination
Chain ufw-before-logging-output (1 references)
target prot opt source destination
Chain ufw-before-output (1 references)
target prot opt source destination
Chain ufw-reject-forward (1 references)
target prot opt source destination
Chain ufw-reject-input (1 references)
target prot opt source destination
Chain ufw-reject-output (1 references)
target prot opt source destination
Chain ufw-track-forward (1 references)
target prot opt source destination
Chain ufw-track-input (1 references)
target prot opt source destination
Chain ufw-track-output (1 references)
target prot opt source destination
Chain INPUT (policy ACCEPT)
target prot opt source destination
ufw-before-logging-input all -- anywhere anywhere
ufw-before-input all -- anywhere anywhere
ufw-after-input all -- anywhere anywhere
ufw-after-logging-input all -- anywhere anywhere
ufw-reject-input all -- anywhere anywhere
ufw-track-input all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ufw-before-logging-forward all -- anywhere anywhere
ufw-before-forward all -- anywhere anywhere
ufw-after-forward all -- anywhere anywhere
ufw-after-logging-forward all -- anywhere anywhere
ufw-reject-forward all -- anywhere anywhere
ufw-track-forward all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ufw-before-logging-output all -- anywhere anywhere
ufw-before-output all -- anywhere anywhere
ufw-after-output all -- anywhere anywhere
ufw-after-logging-output all -- anywhere anywhere
ufw-reject-output all -- anywhere anywhere
ufw-track-output all -- anywhere anywhere
Chain ufw-after-forward (1 references)
target prot opt source destination
Chain ufw-after-input (1 references)
target prot opt source destination
Chain ufw-after-logging-forward (1 references)
target prot opt source destination
Chain ufw-after-logging-input (1 references)
target prot opt source destination
Chain ufw-after-logging-output (1 references)
target prot opt source destination
Chain ufw-after-output (1 references)
target prot opt source destination
Chain ufw-before-forward (1 references)
target prot opt source destination
Chain ufw-before-input (1 references)
target prot opt source destination
Chain ufw-before-logging-forward (1 references)
target prot opt source destination
Chain ufw-before-logging-input (1 references)
target prot opt source destination
Chain ufw-before-logging-output (1 references)
target prot opt source destination
Chain ufw-before-output (1 references)
target prot opt source destination
Chain ufw-reject-forward (1 references)
target prot opt source destination
Chain ufw-reject-input (1 references)
target prot opt source destination
Chain ufw-reject-output (1 references)
target prot opt source destination
Chain ufw-track-forward (1 references)
target prot opt source destination
Chain ufw-track-input (1 references)
target prot opt source destination
Chain ufw-track-output (1 references)
target prot opt source destination
serv ifconfig eth0 - between machines, eth1 - internet
spoiler
eth0: flags=4163 mtu 1500
inet 192.168.1.19 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::39e2:cad3:beb0:9f27 prefixlen 64 scopeid 0x20
ether 08:00:27:6a:90:7a txqueuelen 1000 (Ethernet)
RX packets 2059 bytes 267685 (261.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1989 bytes 255321 (249.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163 mtu 1500
inet 10.0.3.15 netmask 255.255.255.0 broadcast 10.0.3.255
inet6 fe80::344d:bd21:8176:f714 prefixlen 64 scopeid 0x20
ether 08:00:27:00:3e:db txqueuelen 1000 (Ethernet)
RX packets 15252 bytes 12775906 (12.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8752 bytes 1402738 (1.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73 mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 169 bytes 17240 (16.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 169 bytes 17240 (16.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tun0: flags=4305 mtu 1500
inet 10.8.0.1 netmask 255.255.255.255 destination 10.8.0.2
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 200 bytes 12848 (12.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 12 bytes 1674 (1.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
inet 192.168.1.19 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::39e2:cad3:beb0:9f27 prefixlen 64 scopeid 0x20
ether 08:00:27:6a:90:7a txqueuelen 1000 (Ethernet)
RX packets 2059 bytes 267685 (261.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1989 bytes 255321 (249.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163 mtu 1500
inet 10.0.3.15 netmask 255.255.255.0 broadcast 10.0.3.255
inet6 fe80::344d:bd21:8176:f714 prefixlen 64 scopeid 0x20
ether 08:00:27:00:3e:db txqueuelen 1000 (Ethernet)
RX packets 15252 bytes 12775906 (12.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8752 bytes 1402738 (1.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73 mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 169 bytes 17240 (16.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 169 bytes 17240 (16.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tun0: flags=4305 mtu 1500
inet 10.8.0.1 netmask 255.255.255.255 destination 10.8.0.2
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 200 bytes 12848 (12.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 12 bytes 1674 (1.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
serv iptables -nvL -t nat
spoiler
Chain PREROUTING (policy ACCEPT 188 packets, 11290 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 3 packets, 190 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 27 packets, 2272 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 2 packets, 276 bytes)
pkts bytes target prot opt in out source destination
190 14064 MASQUERADE all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 3 packets, 190 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 27 packets, 2272 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 2 packets, 276 bytes)
pkts bytes target prot opt in out source destination
190 14064 MASQUERADE all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
route from the client (sorry, not in text)
ifconfig from the client
tracert from the client
DNS in server.conf seems to be set
Thank you
3 answer(s)
@tuxx
@Sali_cat
T
tuxx, 2014-09-18 @tuxx
Problem solved. As it turned out, some "smart guy" was too clever with the conditions and a 404 error was forcibly set.
S
Sali_cat, 2014-09-17 @Sali_cat
htaccess where? Because of this, it doesn't work. Error 404 means that there is no file at this address. It also means that the file does not exist or the link is not spelled correctly. There are no more options. Well, unless of course you look deeper into the code. But you definitely because of htaccess :D
Similar questions
N
J
R
A
L
lolowin322017-03-01 04:55:33
No ping from OpenVPN server to client, how to solve the problem?
0Reply
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question