Lan not tunneling through OpenVPN

cryptmod

New Member
Credits
16
Hello, my effort to to route my LAN traffic via the OpenVPN tunnel is failing, although
curl ifconfig.me from the OpenVPN device shows OpenVPN device is tunneling. However the LAN Traffic is not being forwarded to the Internet VPN Gateway. Please review my routing table below for a fix.


Lan------------------→ VPN-device --→ ISP Router ------Internet Cloud------------→ VPN Gateway
192.168.188.0/24-→192.168.188.48-→ISP Router- 37.120.209.219
---------------------------------------------------

Kernel IP routing table
Code:
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.8.3.1        128.0.0.0       UG        0 0          0 tun0
0.0.0.0         192.168.188.1   0.0.0.0         UG        0 0          0 eth0
0.0.0.0         192.168.1.254   0.0.0.0         UG        0 0          0 eth1
10.8.3.0        0.0.0.0         255.255.255.0   U         0 0          0 tun0
37.120.209.219  192.168.188.1   255.255.255.255 UGH       0 0          0 eth0
128.0.0.0       10.8.3.1        128.0.0.0       UG        0 0          0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
192.168.188.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0



LAN
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_
inet [URL='http://192.168.188.48/24']192.168.188.48/24[/URL] brd 192.168.188.255 scope global dynamic noprefixroute eth0


WAN

3: eth1: <BROADCAST,MULTICAST,UP,LOWER_
inet [URL='http://192.168.1.98/24']192.168.1.98/24[/URL] brd 192.168.1.255 scope global dynamic noprefixroute


OpenVPN Device

4: tun0: <POINTOPOINT,MULTICAST,NOARP,
inet [URL='http://10.8.3.2/24']10.8.3.2/24[/URL] brd 10.8.3.255 scope global tun0



It appears that I need to route the LAN through the tun0 Interface on the VPN device.


ip forwarding was enabled
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
-----------------------------------------+
iptables routing via masquerade

/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
/sbin/iptables -A FORWARD -i eth0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
/sbin/iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT
 
$100 Digital Ocean Credit
Get a free VM to test out Linux!

Members online


Latest posts

Top