
OpenVPN client can't reach LAN devices or internet

Cas

Recently, my Ubuntu vm got corrupted and so I thought it was time to start fresh (was needed anyway). Started a new vm, reinstalled everything and it was great, everything was working again. However, one thing that isn't working anymore is my vpn setup.

The great part though, is that I still have the old vm (just not turned on), so if I need to, I can start that vm and look at the old setup.

I can't find the guide anymore that I followed but it uses this script. It basically just says "download it and run it and done!" I still remember when I was setting it up on the old vm, that I also had problems with accessing the internet (though no problems with accessing other lan devices then). I fixed it somehow and I can't seem to figure out how I did it then. I still remember though, that I never changed/added a setting in my router. The fix was purely done on the vm.

Some info about the current setup and test results:

  • Lan: 192.168.2.0/24
  • Router: 192.168.2.1
  • VM (on which the vpn server runs): 192.168.2.15
  • Port used for vpn: 443
  • DNS server I want my clients to use: pi-hole running on 192.168.2.15
  • SMB file share available: 192.168.2.16
  • When connected through vpn, access to: 10.8.0.1, 192.168.2.15 (localhost), 192.168.2.1
  • When connected through vpn, NO access to: 192.168.2.16, www.google.com

Content of /etc/openvpn/server/server.conf:

local 192.168.2.15
port 443
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-crypt tc.key
topology subnet
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1 bypass-dhcp"
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 192.168.2.15"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
verb 3
crl-verify crl.pem
explicit-exit-notify
log /var/log/openvpn.log
verb 3

The trick is to find out what is different between the setup on the old vm and the new vm. I've already looked at the config files on both VMs but they're the same. I, of course, googled and found that the most common solution was to add a route to the config, but that didn't work and it also wasn't present in the config of the old vm, so it must've been something else.

Any help would be appreciated!
