Hello guys, I can't paste logs here because it is forbidden, lol, that's why I put links (the data is the same) to the full description with logs, conf and entered commands here https://github.com/angristan/openvpn...mment-10978462 or here https://serverfault.com/questions/11...ic-redirection
Short problem description without logs & etc:
OpenVPN server is installed on CentOS 9 on a remote VPS.
tun mode is set.
The OpenVPN server was installed via https://github.com/angristan/openvpn-install
I set firewall rules.
These are the firewall commands I entered:
semanage port -a -t openvpn_port_t -p tcp 11994;
semanage port -a -t openvpn_port_t -p udp 11994
firewall-cmd --zone=public --add-port=11994/tcp --permanent;
firewall-cmd --zone=public --add-port=11994/udp --permanent;
firewall-cmd --zone=public --add-service openvpn;
firewall-cmd --zone=public --add-service openvpn --permanent;
firewall-cmd --reload;
firewall-cmd --add-masquerade;
firewall-cmd --add-masquerade --permanent;
firewall-cmd --query-masquerade;
VAR=$(ip route get 1.1.1.1 | awk 'NR==1 {print $(NF-2)}')
firewall-cmd --permanent --direct --passthrough ipv4 -t nat -A POSTROUTING -s 10.8.0.0/24 -o $VAR -j MASQUERADE;
firewall-cmd --reload;
The networkmanager-openvpn package is the OpenVPN client on my laptop.
The user.ovpn file was downloaded and imported into the OpenVPN client.
I connected to the server, but there was no traffic redirection.
These are the OpenVPN client logs without any criminal info: https://github.com/angristan/openvpn...mment-10978462
These are the OpenVPN server logs on the remote VPS with my connection and, again, without any criminal info: https://github.com/angristan/openvpn...mment-10978462
Maybe the problem is in iptables/nftables? Should I set some forwarding?
These are the iptables rules:
sudo iptables -L -v -n | more
Chain INPUT (policy ACCEPT 33934 packets, 9787K bytes)
 pkts bytes target     prot opt in     out     source               destination
   43 12364 ACCEPT     17   --  ens192 *       0.0.0.0/0            0.0.0.0/0            udp dpt:11994
    0     0 ACCEPT     0    --  tun0   *       0.0.0.0/0            0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   17  1088 ACCEPT     0    --  tun0   ens192  0.0.0.0/0            0.0.0.0/0
   17  1847 ACCEPT     0    --  ens192 tun0    0.0.0.0/0            0.0.0.0/0
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
This is the generated server.conf: https://github.com/angristan/openvpn...mment-10978462
So... What should I do? Where should I dig? T_T
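Added example, not part of the original post: the `$(NF-2)` lookup in the commands above picks the interface by field position, so its result depends on how many fields `ip route get` prints. This sketch selects the token after `dev` instead and compares both lookups on constructed sample lines (the helper names and the 192.0.2.x addresses are assumptions; `ens192` is taken from the iptables listing in the post).

```shell
#!/usr/bin/env bash
# Added example: choose the egress interface for a MASQUERADE rule by keyword,
# not by field position. The sample lines are constructed, not taken from the post.

# Positional lookup as typed in the post: third field from the end of line 1.
positional_dev() {
    awk 'NR==1 {print $(NF-2)}'
}

# Keyword lookup: print the token that follows "dev" on line 1.
keyword_dev() {
    awk 'NR==1 { for (i = 1; i < NF; i++) if ($i == "dev") { print $(i+1); exit } }'
}

# Constructed `ip route get 1.1.1.1` outputs. Some iproute2 versions append
# "uid N" and a "cache" line, which shifts every position counted from the end.
SAMPLE_SHORT='1.1.1.1 via 192.0.2.1 dev ens192 src 192.0.2.10'
SAMPLE_UID='1.1.1.1 via 192.0.2.1 dev ens192 src 192.0.2.10 uid 0
    cache'

# Show what each lookup would hand to "-o" for one sample output.
compare() {
    printf 'positional=%s keyword=%s\n' \
        "$(printf '%s\n' "$1" | positional_dev)" \
        "$(printf '%s\n' "$1" | keyword_dev)"
}

compare "$SAMPLE_SHORT"
compare "$SAMPLE_UID"

# Read-only checks on a live server (run as root; they change nothing):
#   ip route get 1.1.1.1 | keyword_dev          # interface the rule should name
#   sysctl net.ipv4.ip_forward                  # forwarding must be 1
#   iptables -t nat -L POSTROUTING -v -n        # nat table is not shown by plain -L
#   firewall-cmd --permanent --direct --get-all-passthroughs
```

If the positional lookup prints an address rather than an interface name, the `-o` match in the POSTROUTING rule names an interface that does not exist and the rule's packet counter stays at zero.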