OpenVPN - stuck and won't work :(

Hello everyone,

I installed OpenVPN on my desktop (server) and laptop (client); when I restarted the VPN, it reported that the VPN was OK:

root@laptop:/home/tedi# /etc/init.d/openvpn restart
Stopping virtual private network daemon: openvpn.
Starting virtual private network daemon: openvpn(OK).

at the very end of the OpenVPN installation on the server I set up NAT

echo 1 > /proc/sys/net/ipv4/ip_forward

sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

sudo iptables -L -t nat

and from the moment I restarted the VPN they cannot ping each other: the server cannot ping the client, and it doesn't work the other way around either :)

for the command

root@laptop:/home/tedi# route -n

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.1.3 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0
10.8.0.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0

root@laptop:/home/tedi# ping 10.8.0.1

PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data.
ping: sendmsg: Operation not permitted
ping: sendmsg: Operation not permitted

--- 10.8.0.1 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1008ms

root@laptop:/home/tedi# ping 192.168.1.3

PING 192.168.1.3 (192.168.1.3) 56(84) bytes of data.
From 192.168.1.1 icmp_seq=1 Destination Net Unreachable
From 192.168.1.1 icmp_seq=2 Destination Net Unreachable

--- 192.168.1.3 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1000ms

on the laptop I immediately lost my internet connection (I have ADSL, by the way); what do I need to do to get the VPN network working without problems?

REGARDS AND THANKS IN ADVANCE!!!
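
Added example (not part of the original thread): a Python check over the client's `route -n` output in the post above. It flags a route that hands traffic for an address inside a directly connected subnet to a gateway, and reports the 0.0.0.0/1 + 128.0.0.0/1 pair that OpenVPN's `redirect-gateway def1` installs; the client config is not shown in the thread, so use of that option is inferred from the table, and the function names are hypothetical.

```python
import ipaddress

# Client table copied from the `route -n` output in the post above.
ROUTE_N = """\
Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.0.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.1.3 192.168.1.1 255.255.255.255 UGH 0 0 0 eth0
10.8.0.0 10.8.0.5 255.255.255.0 UG 0 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
0.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
128.0.0.0 10.8.0.5 128.0.0.0 UG 0 0 0 tun0
0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 eth0
"""

def parse_routes(text):
    """Parse `route -n` rows into dicts; header and non-table lines are skipped."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue
        # Convert the dotted netmask to a prefix length by counting set bits.
        prefix = bin(int(ipaddress.IPv4Address(f[2]))).count("1")
        routes.append({"net": ipaddress.ip_network(f"{f[0]}/{prefix}"),
                       "gw": f[1], "flags": f[3], "iface": f[7]})
    return routes

def gateway_routes_to_on_link_hosts(routes):
    """Routes handed to a gateway (flag G) although the destination lies in a
    directly connected network on the same interface."""
    connected = [r for r in routes if "G" not in r["flags"]]
    return [r for r in routes if "G" in r["flags"] and any(
        c["iface"] == r["iface"] and r["net"].subnet_of(c["net"]) for c in connected)]

def def1_interface(routes):
    """Interface carrying both 0.0.0.0/1 and 128.0.0.0/1 (default-route override), or None."""
    halves = {ipaddress.ip_network("0.0.0.0/1"), ipaddress.ip_network("128.0.0.0/1")}
    seen = {}
    for r in routes:
        if r["net"] in halves:
            seen.setdefault(r["iface"], set()).add(r["net"])
    return next((i for i, nets in seen.items() if nets == halves), None)

if __name__ == "__main__":
    table = parse_routes(ROUTE_N)
    print("default route overridden via:", def1_interface(table))
    for r in gateway_routes_to_on_link_hosts(table):
        print(f"{r['net']} is on-link on {r['iface']} but routed via {r['gw']}")
```

On this table the check reports 192.168.1.3, the VPN server itself, as routed via 192.168.1.1 even though 192.168.1.0/24 is directly connected. For peers on a common subnet, OpenVPN's `redirect-gateway` accepts a `local` flag that omits that host route.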

give us the output of the ifconfig command on the server

sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

try putting the ppp0 interface here instead of eth0 (or whatever your DSL interface is called)

ifconfig

eth0 Link encap:Ethernet HWaddr 00:18:E6:D7:F3:ED
inet addr:192.168.1.3 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe70::216:e4ff:fed3:f8ed/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:59 errors:0 dropped:0 overruns:0 frame:0
TX packets:73 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6287 (6.1 KB) TX bytes:8152 (7.9 KB)
Interrupt:16

lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)

tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)


route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 eth0

I think the logs from the VPN server and client would help more; paste them if you can

these are the logs from the server:

tail -f /var/log/syslog

Mar 30 08:37:17 server ovpn-openvpn[4430]: Re-using SSL/TLS context
Mar 30 08:37:17 server ovpn-openvpn[4430]: LZO compression initialized
Mar 30 08:37:17 server ovpn-openvpn[4430]: TCP connection established with 192.168.1.5:55031
Mar 30 08:37:17 server ovpn-openvpn[4430]: TCPv4_SERVER link local: [undef]
Mar 30 08:37:17 server ovpn-openvpn[4430]: TCPv4_SERVER link remote: 192.168.1.5:55031
Mar 30 08:37:17 server ovpn-openvpn[4430]: 192.168.1.5:55031 [server] Peer Connection Initiated with 192.168.1.5:55031
Mar 30 08:52:36 server -- MARK --
Mar 30 08:53:06 server ovpn-openvpn[4430]: server/192.168.1.5:55031 read TCPv4_SERVER [NO-INFO]: Connection timed out (code=110)
Mar 30 08:53:06 server ovpn-openvpn[4430]: server/192.168.1.5:55031 Connection reset, restarting [0]
Mar 30 09:12:36 server -- MARK --
Mar 30 09:17:01 server /USR/SBIN/CRON[4657]: (root) CMD ( cd / && run-parts --report /etc/cron.hourly)


and this is from the client

Mar 30 15:42:05 laptop ovpn-openvpn[5340]: TCP: connect to 192.168.1.3:1194 failed, will try again in 5 seconds: Network is unreachable (errno=101)
Mar 30 15:42:10 laptop ovpn-openvpn[5340]: TCP: connect to 192.168.1.3:1194 failed, will try again in 5 seconds: Network is unreachable (errno=101)
Mar 30 15:42:11 laptop kernel: [ 993.100000] Unknown OutputIN= OUT=tun0 SRC=10.8.0.6 DST=69.72.142.98 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=20525 DF PROTO=TCP SPT=45854 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Mar 30 15:42:14 laptop kernel: [ 996.100000] Unknown OutputIN= OUT=tun0 SRC=10.8.0.6 DST=69.72.142.98 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=20526 DF PROTO=TCP SPT=45854 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Mar 30 15:42:15 laptop ovpn-openvpn[5340]: TCP: connect to 192.168.1.3:1194 failed, will try again in 5 seconds: Network is unreachable (errno=101)
Mar 30 15:42:20 laptop ovpn-openvpn[5340]: TCP: connect to 192.168.1.3:1194 failed, will try again in 5 seconds: Network is unreachable (errno=101)
Mar 30 15:42:20 laptop kernel: [ 1002.100000] Unknown OutputIN= OUT=tun0 SRC=10.8.0.6 DST=69.72.142.98 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=20527 DF PROTO=TCP SPT=45854 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Mar 30 15:42:25 laptop ovpn-openvpn[5340]: TCP: connect to 192.168.1.3:1194 failed, will try again in 5 seconds: Network is unreachable (errno=101)
Mar 30 15:42:30 laptop ovpn-openvpn[5340]: TCP: connect to 192.168.1.3:1194 failed, will try again in 5 seconds: Network is unreachable (errno=101)
Mar 30 15:42:32 laptop kernel: [ 1014.100000] Unknown OutputIN= OUT=tun0 SRC=10.8.0.6 DST=69.72.142.98 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=20528 DF PROTO=TCP SPT=45854 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Mar 30 15:42:35 laptop ovpn-openvpn[5340]: TCP: connect to 192.168.1.3:1194 failed, will try again in 5 seconds: Network is unreachable (errno=101)

I got these at the moment I opened a link in the browser, so they are completely fresh :)
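
Added example (not part of the original thread): the `kernel:` entries in the client log above are netfilter LOG-target records, with the rule's prefix `Unknown Output` run together with `IN=`. This Python parser, with hypothetical function names, groups them by flow and shows that they are a single TCP SYN to port 80 retried out of tun0 at doubling intervals, while OpenVPN itself cannot reach 192.168.1.3:1194.

```python
import re

# Client syslog lines copied from the post above (one OpenVPN line, four kernel lines).
LOG = """\
Mar 30 15:42:10 laptop ovpn-openvpn[5340]: TCP: connect to 192.168.1.3:1194 failed, will try again in 5 seconds: Network is unreachable (errno=101)
Mar 30 15:42:11 laptop kernel: [ 993.100000] Unknown OutputIN= OUT=tun0 SRC=10.8.0.6 DST=69.72.142.98 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=20525 DF PROTO=TCP SPT=45854 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Mar 30 15:42:14 laptop kernel: [ 996.100000] Unknown OutputIN= OUT=tun0 SRC=10.8.0.6 DST=69.72.142.98 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=20526 DF PROTO=TCP SPT=45854 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Mar 30 15:42:20 laptop kernel: [ 1002.100000] Unknown OutputIN= OUT=tun0 SRC=10.8.0.6 DST=69.72.142.98 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=20527 DF PROTO=TCP SPT=45854 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
Mar 30 15:42:32 laptop kernel: [ 1014.100000] Unknown OutputIN= OUT=tun0 SRC=10.8.0.6 DST=69.72.142.98 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=20528 DF PROTO=TCP SPT=45854 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
"""

# The LOG prefix has no trailing space, so it is split off at the first "IN=".
KERNEL = re.compile(r"kernel: \[\s*(?P<ts>[\d.]+)\] (?P<prefix>.*?)(?P<fields>IN=.*)$")

def parse_netfilter(line):
    """Return the KEY=value fields of a netfilter LOG line, or None for other lines."""
    m = KERNEL.search(line)
    if not m:
        return None
    words = m["fields"].split()
    rec = dict(re.findall(r"([A-Z]+)=(\S*)", m["fields"]))
    rec.update(ts=float(m["ts"]), prefix=m["prefix"].strip(),
               syn="SYN" in words and "ACK" not in words)
    return rec

def syn_retries(log):
    """Map each flow (OUT, SRC, SPT, DST, DPT) to the kernel timestamps of its bare SYNs."""
    flows = {}
    for line in log.splitlines():
        rec = parse_netfilter(line)
        if rec and rec["syn"]:
            key = (rec["OUT"], rec["SRC"], rec["SPT"], rec["DST"], rec["DPT"])
            flows.setdefault(key, []).append(rec["ts"])
    return flows

def retry_gaps(timestamps):
    """Seconds between consecutive log entries of one flow."""
    return [round(b - a, 1) for a, b in zip(timestamps, timestamps[1:])]

if __name__ == "__main__":
    for flow, stamps in syn_retries(LOG).items():
        print(flow, "SYNs:", len(stamps), "gaps:", retry_gaps(stamps))
```

The `ping: sendmsg: Operation not permitted` error in the first post is what a send returns when a local netfilter rule rejects the packet on output, which is consistent with a client-side rule set acting on traffic leaving tun0.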


and these are the logs from the server when I put ppp0 instead of eth0; however, the client and server still can't see each other

sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

Mar 30 09:50:41 server ovpn-openvpn[4800]: WARNING: --keepalive option is missing from server config
Mar 30 09:50:41 server kernel: [ 5912.474252] tun0: Disabled Privacy Extensions
Mar 30 09:50:41 server ovpn-openvpn[4800]: TUN/TAP device tun0 opened
Mar 30 09:50:41 server ovpn-openvpn[4800]: ifconfig tun0 10.8.0.1 pointopoint 10.8.0.2 mtu 1500
Mar 30 09:50:41 server ovpn-openvpn[4806]: GID set to nogroup
Mar 30 09:50:41 server ovpn-openvpn[4806]: UID set to nobody
Mar 30 09:50:41 server ovpn-openvpn[4806]: Listening for incoming TCP connection on [undef]:1194
Mar 30 09:50:41 server ovpn-openvpn[4806]: TCPv4_SERVER link local (bound): [undef]:1194
Mar 30 09:50:41 server ovpn-openvpn[4806]: TCPv4_SERVER link remote: [undef]
Mar 30 09:50:41 server ovpn-openvpn[4806]: Initialization Sequence Completed

Maybe some changes need to be made in /etc/ppp/options? I looked around on Google and there are some suggestions, though I'm not really sure or convinced that that's the trick.