Join Log in
Score:0
Huzaifa khan avatar Ubuntu

Disable all traffic through OpenVpn

bt flag
Huzaifa khan

I have installed the OpenVpn server in my Ubuntu 22.04. The issue is while i connect to the openvpn server my all traffic going to the server which causing the internet connectivity issue. I need only required traffic go to the openvpn server. I have followed multiple solutions which available on internet but nothing works. One of them is: https://serverfault.com/questions/826541/windows-10-openvpn-client-connects-but-cant-access-anything

My server.conf is following:

;local a.b.c.d
port 1194
;proto tcp
proto udp
;dev tap
dev tun
;dev-node MyTap
ca ca.crt
cert server.crt
key server.key  # This file should be kept secret
;dh dh2048.pem
dh none
;topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
;server-bridge
;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
route 10.9.0.0 255.255.255.252
;learn-address ./script
;push "redirect-gateway def1 bypass-dhcp"
push "redirect-gateway autolocal def1"
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
push "dhcp-option DNS 10.164.0.7"
push "dhcp-option DNS 10.165.0.8"
push "dhcp-option DOMAIN pk.folio3.com"
;client-to-client
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
tls-crypt ta.key
;cipher AES-256-CBC
cipher AES-256-GCM
auth SHA256
;compress lz4-v2
;push "compress lz4-v2"
;comp-lzo
;max-clients 100
;user nobody
;group nobody
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log         /var/log/openvpn/openvpn.log
;log-append  /var/log/openvpn/openvpn.log
verb 3
;mute 20
explicit-exit-notify 1

My client.ovpn is:

client
;dev tap
dev tun
;dev-node MyTap
;proto tcp
proto udp
remote demo5.xyz.com 1194
;remote my-server-2 1194
;remote-random
resolv-retry infinite
nobind
;user nobody
;group nobody
user nobody
group nogroup
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
;mute-replay-warnings
;ca ca.crt
;cert client.crt
;key client.key
remote-cert-tls server
;tls-auth ta.key 1
;cipher AES-256-CBC
cipher AES-256-GCM
auth SHA256
key-direction 1
verb 3
;mute 20
; script-security 2
; up /etc/openvpn/update-resolv-conf
; down /etc/openvpn/update-resolv-conf
; script-security 2
; up /etc/openvpn/update-systemd-resolved
; down /etc/openvpn/update-systemd-resolved
; down-pre
; dhcp-option DOMAIN-ROUTE .
<ca>
-----BEGIN CERTIFICATE-----
MIIDSzCCAjOgAwIBAgIURtcUeqVZ8UUk+F6BCir1f9J2S1cwDQYJKoZIhvcNAQEL
BQAwFjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIxMDI3MTEzMDAwWhcNMzIx
MDI0MTEzMDAwWjAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQTCCASIwDQYJKoZIhvcN
AQEBBQADggEPADCCAQoCggEBALtIfI5zXeBuojW/1ivpgZf1W8PhkDTasClHVqKj
K1COnrYsAP4ANylAYeAyabkuH8eH4QC+01ssEFHj695G2fuh49Gbhiz05UpEXNzt
yAzZvVWr88fn30peyqYoFULfxZ1rIC84Hf7k9k8Tld17tdv9CNTnAnzIgLZ3QLl4
W/MgVm1ap0Cu0L6VZvyUwaimxepeW4KhqKS4AxJhE4T7nDOj8Td/HGt/fpyZugZg
bTUxIr4Lp0FnibHDXe2SgD3c0WzCZmzWOpvecnOfu6igFJcoGOeK9NitCCe4LJkd
qhH2FJ6oPTw7GYYuO27MIIruEforvg5VCqBwpmoeiYb5k/UCAwEAAaOBkDCBjTAd
BgNVHQ4EFgQU45DtJnmWa8UtJ1mcZrK5IKCRRGowUQYDVR0jBEowSIAU45DtJnmW
a8UtJ1mcZrK5IKCRRGqhGqQYMBYxFDASBgNVBAMMC0Vhc3ktUlNBIENBghRG1xR6
pVnxRST4XoEKKvV/0nZLVzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjANBgkq
hkiG9w0BAQsFAAOCAQEAHnZvmbeVwOcB1j5qIILuA7RWLv4C2JNGp7WVk+s6nyvJ
rWWg7YGv/NmZrI777VU29GS6SKIl0eev2+vR0LzH5uBL+oWdTM/GemOPuuZ+oMNS
0f93qSgFq17Zm7S8ruxUDcNDByjI2PMc3qoMMEvbshRZyPzEDiLDCW0ZZ1HEDRzh
Z1DbzYd1iP0vYxP72j4Ichy/KJOaRlrsakiuHDb7tMJTKLcOr2j3/6ReiJGXViKz
D9pQYSVjdCRUfVbW7YTrShyg03mgFvuqJgMg1oySKoxzUxAeSZ9Nteda7H5QPUF0
6SWSOiser/ibFuTTjF7ABaK2nHjli+cxGOk4YTdg2Q==
-----END CERTIFICATE-----
</ca>
<cert>
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            b0:02:15:34:f0:8b:d0:1c:a3:a4:93:a1:0b:12:c1:30
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Easy-RSA CA
        Validity
            Not Before: Oct 27 11:39:27 2022 GMT
            Not After : Jan 29 11:39:27 2025 GMT
        Subject: CN=client1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c3:33:89:1e:e1:e3:cf:f2:c1:21:34:83:be:33:
                    34:e5:f1:0f:48:e7:2b:97:c4:7d:f0:ef:77:01:d2:
                    10:54:c6:17:da:6e:f1:65:41:d5:32:4a:03:06:1f:
                    ed:71:33:71:1b:05:b1:ca:2f:64:06:e7:b2:11:3b:
                    9a:66:6c:8e:02:32:42:a4:8c:1b:54:8b:a3:b8:3a:
                    c1:4d:f6:f7:66:1b:07:dd:af:b3:71:ae:c3:64:3e:
                    88:86:35:81:0e:35:20:6d:53:c9:ec:ac:b4:84:d3:
                    b0:0f:5a:e0:82:a0:cc:33:98:40:4d:69:a8:c3:44:
                    f2:95:aa:19:81:ed:2c:2e:c7:c3:e6:27:39:31:5b:
                    da:f0:88:6a:d2:25:60:7e:7b:2e:f2:16:f5:dc:74:
                    b3:a8:98:f4:78:ea:b7:a4:00:91:9a:20:85:48:3c:
                    ed:e9:a8:ed:b9:b8:f2:93:ac:90:32:d5:2e:d1:4e:
                    2c:2f:46:68:8d:57:d0:92:7e:d0:d2:e3:f4:97:fc:
                    fe:be:53:bf:86:1c:d3:36:be:c2:38:64:f5:fe:14:
                    f8:b2:f3:2a:13:21:02:68:74:d9:7a:f0:bf:da:86:
                    7c:97:9a:29:09:13:85:01:59:a6:6d:26:9f:5a:24:
                    bc:57:fb:ea:ec:3c:bc:5b:8c:0b:0e:47:4c:42:37:
                    ec:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Subject Key Identifier:
                6C:AB:2B:C9:B5:E7:34:36:9F:92:DB:3A:F9:DD:B0:2A:AA:D2:FD:61
            X509v3 Authority Key Identifier:
                keyid:E3:90:ED:26:79:96:6B:C5:2D:27:59:9C:66:B2:B9:20:A0:91:44:6A
                DirName:/CN=Easy-RSA CA
                serial:46:D7:14:7A:A5:59:F1:45:24:F8:5E:81:0A:2A:F5:7F:D2:76:4B:57
            X509v3 Extended Key Usage:
                TLS Web Client Authentication
            X509v3 Key Usage:
                Digital Signature
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        75:2b:4b:ee:ca:a3:b3:92:79:3a:73:93:a0:a9:10:23:8b:c2:
        5f:68:78:1f:f3:88:48:15:d0:9a:d7:74:80:fc:b3:54:1d:f3:
        93:41:22:f7:cb:93:7b:d7:03:64:ee:4a:78:ad:aa:50:0e:b2:
        57:90:de:d5:56:9f:53:05:1e:bd:0b:90:0e:44:c0:b8:ed:6c:
        bb:96:1f:65:aa:19:1e:f2:b1:c2:b6:63:8f:55:9d:dd:8c:70:
        b4:a1:27:77:ea:27:94:2e:d8:af:f8:dd:72:6d:8e:76:5b:4e:
        5c:dc:33:40:bc:aa:da:7b:70:6b:6d:08:04:46:22:25:62:25:
        2c:51:16:53:80:de:a4:7a:a0:2a:a1:e9:3c:54:b5:e3:1b:e4:
        16:0b:66:cc:1f:14:81:ec:c2:e3:fb:c6:e9:af:f9:d6:8c:66:
        e2:fa:58:e4:99:3e:76:6e:7b:63:b6:92:ba:fb:29:c8:8f:7d:
        ab:1a:33:c8:2d:1b:31:96:ad:26:46:0e:d5:22:2e:dd:c0:d0:
        7a:f2:f3:d9:44:76:52:a5:96:31:24:49:f4:42:a4:26:1f:65:
        8b:eb:ca:b1:e1:2d:8f:a2:67:e7:3d:b6:a8:3b:13:40:14:a3:
        61:33:30:ed:ee:bd:3e:c9:71:5d:d7:48:6f:18:31:fa:0e:6a:
        4f:4f:7b:20
-----BEGIN CERTIFICATE-----
MIIDVjCCAj6gAwIBAgIRALACFTTwi9Aco6SToQsSwTAwDQYJKoZIhvcNAQELBQAw
FjEUMBIGA1UEAwwLRWFzeS1SU0EgQ0EwHhcNMjIxMDI3MTEzOTI3WhcNMjUwMTI5
MTEzOTI3WjASMRAwDgYDVQQDDAdjbGllbnQxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAwzOJHuHjz/LBITSDvjM05fEPSOcrl8R98O93AdIQVMYX2m7x
ZUHVMkoDBh/tcTNxGwWxyi9kBueyETuaZmyOAjJCpIwbVIujuDrBTfb3ZhsH3a+z
ca7DZD6IhjWBDjUgbVPJ7Ky0hNOwD1rggqDMM5hATWmow0TylaoZge0sLsfD5ic5
MVva8Ihq0iVgfnsu8hb13HSzqJj0eOq3pACRmiCFSDzt6ajtubjyk6yQMtUu0U4s
L0ZojVfQkn7Q0uP0l/z+vlO/hhzTNr7COGT1/hT4svMqEyECaHTZevC/2oZ8l5op
CROFAVmmbSafWiS8V/vq7Dy8W4wLDkdMQjfskQIDAQABo4GiMIGfMAkGA1UdEwQC
MAAwHQYDVR0OBBYEFGyrK8m15zQ2n5LbOvndsCqq0v1hMFEGA1UdIwRKMEiAFOOQ
7SZ5lmvFLSdZnGayuSCgkURqoRqkGDAWMRQwEgYDVQQDDAtFYXN5LVJTQSBDQYIU
RtcUeqVZ8UUk+F6BCir1f9J2S1cwEwYDVR0lBAwwCgYIKwYBBQUHAwIwCwYDVR0P
BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4IBAQB1K0vuyqOzknk6c5OgqRAji8JfaHgf
84hIFdCa13SA/LNUHfOTQSL3y5N71wNk7kp4rapQDrJXkN7VVp9TBR69C5AORMC4
7Wy7lh9lqhke8rHCtmOPVZ3djHC0oSd36ieULtiv+N1ybY52W05c3DNAvKrae3Br
bQgERiIlYiUsURZTgN6keqAqoek8VLXjG+QWC2bMHxSB7MLj+8bpr/nWjGbi+ljk
mT52bntjtpK6+ynIj32rGjPILRsxlq0mRg7VIi7dwNB68vPZRHZSpZYxJEn0QqQm
H2WL68qx4S2PomfnPbaoOxNAFKNhMzDt7r0+yXFd10hvGDH6DmpPT3sg
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQDDM4ke4ePP8sEh
NIO+MzTl8Q9I5yuXxH3w73cB0hBUxhfabvFlQdUySgMGH+1xM3EbBbHKL2QG57IR
O5pmbI4CMkKkjBtUi6O4OsFN9vdmGwfdr7NxrsNkPoiGNYEONSBtU8nsrLSE07AP
WuCCoMwzmEBNaajDRPKVqhmB7Swux8PmJzkxW9rwiGrSJWB+ey7yFvXcdLOomPR4
6rekAJGaIIVIPO3pqO25uPKTrJAy1S7RTiwvRmiNV9CSftDS4/SX/P6+U7+GHNM2
vsI4ZPX+FPiy8yoTIQJodNl68L/ahnyXmikJE4UBWaZtJp9aJLxX++rsPLxbjAsO
R0xCN+yRAgMBAAECggEAJdhu0CI/IzDfYWL3XO+8JI27ZyjMsqDZwxYGdn+mA22h
r8u9OSLNpTGkyvHzPPSajADrYrYT+GPBCibKbWvED6hzc8gnP1nQfPZFRqqodi8s
8/3t9k9KGjwmh5DFi/3gYtnxJxYn7K3HL37w0tq+pI0zAF9JJUzPlJVVWzOi0pG5
N0aHGztZTOWoHl1vhIPXFggh6U5IuQxZ9fc/OOn2mtV0MsIlmGr35t982rhb8k4G
VmFwBUTAyTJDot76lwVq3jGed5f1NivSS0KQafGM5h0C2cXSYsrFXYMttZZ1RgOs
lGH52/tUqRFlJodGqTgwyi8PjKHhIZOivT2cvYguPQKBgQDshvFQ1ce/RD9GMHsp
Mh6DDzVUxQuKbAzNpRyZ3W4ZZru5e0WYA595PI3gPdmgQL4y4kkbpALe/LhIucyl
5rHDJm/r87zoFQ3Km3cpxWf09gVMQPGt//LfYoZ1/ibGnIW2WHO3oWzb7rJda70j
x3AJIvBNDv6b0ABpw8zm4KMn5QKBgQDTRZuyDggOgv02Lfn7iqar4PaDa50Urea1
sorYR0f373R4Yqz+dPPQrWTHnSMTbqr0fbWZfjAEsA6xdBjLjJIOt4yL29y7e/pg
xpRjtS3GPh0pwzO5dladeW+yPnQ9ChBL1DStak6Bxu7I1Af4Pw0WU2AhiOV2Y8TN
boPYee0PPQKBgB6bw+TDFYtR6KJLqdSF8N7i+/LRYRHzs6B1KoNa3WGaItb49eOb
LGsDBBUty9jqJ/Lrx6w1CE4VBEAdEzew5/YqJjexnhOmjddXUQ9txWs03zCkAuKS
ibqQxHfGgPwYy1Dyl17/G9hGRnzCcYKMz5nPFKvUMey1+Se2t/B0x4hlAoGARW3N
obDswuAXGFP5n8lLxpYyTLPzthUECVf4OuUJ6JeffeRnl2OVsFEbGmIwYbVvptMc
96k5XIEDAxv0/gdfBEkbfeat3kr62AzKPQ4QUeKdsNi+Scdy5WM/6qKNjnWdL144
RXj2/b0DQao0SEdoJJsXr02Oot5ckWotF9nRpr0CgYEAlVDQWtS10SqaMT8hcPBo
YDReBq8HZRW7YTJXv+gZ2ROFDERlkDJ2E6awV1tKIIFR24Ewow5cjNPLyGiBooaa
FmGB88cB59HQPAYe6+ZQqp00NKZDZJgx0N92BozYRSC+H3i7KQwKKdiWGvKpK4QW
nPB6MrRn5X3LPutZroWFb94=
-----END PRIVATE KEY-----
</key>
<tls-crypt>
-----BEGIN OpenVPN Static key V1-----
c3a02cc1eb4416a60046ac54c8a2e720
9f75e35afe138c9633d443535af82c9d
0d795769a49de558b863d59e0c9b7e5f
de443bfc44bde5de0278fd74911be3f3
cb11f699c25e2e9fddba30e74846bc21
43b987834bc233e1074ee178dcc85bdb
6017e44d9065ba3ed29c16ea32313649
868dadee07e2e6b66e8f204971918eaf
a1497b45ed28a4a4a58a4b74860f1c01
273f003284baaa17c0cc51e9cb03fe33
9bca6f24e7b29671b390cd87c5ef97e8
1749b30e497bb7fa4e8b75b4a5cb9f16
1e6cc9ea998dc82080063184c1bce1c1
4e12962211ba209d87edb331b699e591
e6024915bdfee12bc1cb9cfdbad53c06
8edcda68af9213e8e7d387eeb5f1ffbe
-----END OpenVPN Static key V1-----
</tls-crypt>
277
0 + 2
vpn
user535733 avatar
cn flag
user535733
"*I have followed multiple solutions which available on internet but nothing works.*" Your question should include links or descriptions to those solutions that you tried, lest we unknowingly send you right back there. Also, we need to know if you correctly cleaned up all those attempts; maybe it's some leftover causing your problem now. The more clear and complete your question, the more likely we can help.
0
Reply
David avatar
cn flag
David
That first paragraph is not making much sense. You may want to read it and try to clean it up. I know I do not understand it.
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.