Hello,
I changed my server configuration, and my OpenVPN server and my client each have a NIC:

OpenVPN Server: 10.0.2.15
Client: 10.0.2.16

The OpenVPN server network configuration is as below and has access to the Internet:

# ifconfig
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.2.15  netmask 255.255.255.0  broadcast 10.0.2.255
        inet6 fe80::a00:27ff:feed:b47c  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:ed:b4:7c  txqueuelen 1000  (Ethernet)
        RX packets 7353  bytes 1384926 (1.3 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 6012  bytes 993559 (970.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

#
# ping google.com
PING google.com (216.239.38.120) 56(84) bytes of data.
64 bytes from any-in-2678.1e100.net (216.239.38.120): icmp_seq=1 ttl=48 time=49.5 ms
64 bytes from any-in-2678.1e100.net (216.239.38.120): icmp_seq=2 ttl=48 time=41.8 ms
64 bytes from any-in-2678.1e100.net (216.239.38.120): icmp_seq=3 ttl=48 time=48.5 ms
^C
--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2011ms
rtt min/avg/max/mdev = 41.776/46.577/49.490/3.420 ms

The client does not have access to the Internet. The server and the client can see each other:

# ping 10.0.2.16
PING 10.0.2.16 (10.0.2.16) 56(84) bytes of data.
64 bytes from 10.0.2.16: icmp_seq=1 ttl=128 time=0.856 ms
64 bytes from 10.0.2.16: icmp_seq=2 ttl=128 time=0.827 ms
64 bytes from 10.0.2.16: icmp_seq=3 ttl=128 time=0.884 ms
^C
--- 10.0.2.16 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 0.827/0.855/0.884/0.023 ms
#

C:\>ping 10.0.2.15

Pinging 10.0.2.15 with 32 bytes of data:
Reply from 10.0.2.15: bytes=32 time<1ms TTL=64
Reply from 10.0.2.15: bytes=32 time<1ms TTL=64
Reply from 10.0.2.15: bytes=32 time<1ms TTL=64
Reply from 10.0.2.15: bytes=32 time<1ms TTL=64

Ping statistics for 10.0.2.15:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

C:\>

The server.conf is as below:

port 3000
proto udp
dev tun30
ca ca.crt
cert server.crt
key server.key
dh dh.pem
server 20.1.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 8.8.8.8"
keepalive 10 120
tls-auth ta.key 0
data-ciphers AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun

I started the OpenVPN server:

tun30: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 20.1.0.1  netmask 255.255.255.255  destination 20.1.0.2
        inet6 fe80::8a00:a85f:217:6609  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 9  bytes 432 (432.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

It worked. After that, I executed the following iptables rules:

# IF_MAIN=enp0s3
# IF_TUNNEL=tun30
# YOUR_OPENVPN_SUBNET=20.1.0.0/16
# iptables -I INPUT -p tcp --dport 3000 -j ACCEPT
# iptables -A FORWARD -i $IF_MAIN -o $IF_TUNNEL -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A FORWARD -s $YOUR_OPENVPN_SUBNET -o $IF_MAIN -j ACCEPT
# iptables -t nat -A POSTROUTING -s $YOUR_OPENVPN_SUBNET -o $IF_MAIN -j MASQUERADE
# iptables-save

My client.ovpn file is as below:

client
dev tun30
proto udp
remote 10.0.2.15 3000
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
remote-cert-tls server
tls-auth ta.key 1
data-ciphers AES-256-CBC
verb 3

I want to connect to my OpenVPN server. The client connected, but:

1- It showed me the following errors:

Sat Aug 19 18:23:53 2023 NOTE: unable to redirect IPv4 default gateway -- Cannot read current default gateway from system
Sat Aug 19 18:23:53 2023 MANAGEMENT: >STATE:1692453233,ADD_ROUTES,,,,,,
Sat Aug 19 18:23:53 2023 C:\Windows\system32\route.exe ADD 20.1.0.1 MASK 255.255.255.255 20.1.0.5
Sat Aug 19 18:23:53 2023 Route addition via service succeeded
Sat Aug 19 18:23:53 2023 Initialization Sequence Completed
Sat Aug 19 18:23:53 2023 MANAGEMENT: >STATE:1692453233,CONNECTED,ROUTE_ERROR,20.1.0.6,10.0.2.15,3000,,
Sat Aug 19 18:23:52 2023 ERROR: Some routes were not successfully added. The connection may not function correctly

2- The client does not have access to the Internet:

C:\>ping google.com
Ping request could not find host google.com. Please check the name and try again.

C:\>
C:\>ping 8.8.8.8

Pinging 8.8.8.8 with 32 bytes of data:
PING: transmit failed. General failure.
PING: transmit failed. General failure.
PING: transmit failed. General failure.
PING: transmit failed. General failure.

Ping statistics for 8.8.8.8:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\>

What is my problem?

Thank you.
_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
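
An added example, not part of the original post: a small Python check that compares the server.conf directives quoted above with the posted iptables rules (shell variables expanded by hand) and lists where they disagree. The function names and the trimmed inputs are illustrative assumptions; the check reports inconsistencies only and does not claim which one, if any, explains the client's route error.

```python
import ipaddress
import re

# Constructed input: directives and rules copied from the post, with
# $IF_MAIN and $YOUR_OPENVPN_SUBNET expanded to the values the poster set.
SERVER_CONF = """\
port 3000
proto udp
dev tun30
server 20.1.0.0 255.255.255.0
"""
IPTABLES_RULES = """\
iptables -I INPUT -p tcp --dport 3000 -j ACCEPT
iptables -A FORWARD -i enp0s3 -o tun30 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s 20.1.0.0/16 -o enp0s3 -j ACCEPT
iptables -t nat -A POSTROUTING -s 20.1.0.0/16 -o enp0s3 -j MASQUERADE
"""

def parse_conf(text):
    """Return (proto, port, tunnel network) from server.conf directives."""
    conf = {}
    for line in text.splitlines():
        parts = line.split()
        if parts:
            conf[parts[0]] = parts[1:]
    tunnel = ipaddress.ip_network("/".join(conf["server"]))
    return conf["proto"][0], int(conf["port"][0]), tunnel

def audit(conf_text, rules_text):
    """List mismatches between the OpenVPN listener and the firewall rules."""
    proto, port, tunnel = parse_conf(conf_text)
    findings = []
    for rule in rules_text.splitlines():
        m = re.search(r"-p (\w+) --dport (\d+)", rule)
        if m and int(m.group(2)) == port and m.group(1) != proto:
            findings.append(
                f"rule allows {m.group(1)}/{port}, server listens on {proto}/{port}")
        s = re.search(r"(?<!\S)-s (\S+)", rule)
        if s and ipaddress.ip_network(s.group(1)) != tunnel:
            findings.append(
                f"rule source {s.group(1)} differs from tunnel subnet {tunnel}")
    if not tunnel.is_private:
        findings.append(f"tunnel subnet {tunnel} is not in a private address range")
    return findings

if __name__ == "__main__":
    for finding in audit(SERVER_CONF, IPTABLES_RULES):
        print(finding)
```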