OpenVPN Access Server Connectivity Test Passes, still no internet connectivity on clients.

Freek

I just installed OpenVPN Access Server to play around with, but I am having issues connecting to the internet using the OpenVPN client. I can connect and I get an IP assigned, but I cannot ping websites nor IPs.
My OpenVPN Access Server passes it's internal "Connectivity Test" and I've enabled "Should client Internet traffic be routed through the VPN". Also, the VPN server is listening on all interfaces. I can see the client connect in the web interface as well.
This is on a OpenVZ VPS running Ubuntu Server 12.04 32 bit. TUN/TAP is enabled, and I've followed this procedure to get the server actually to start, as it was complaining the device could not be found:
http://wiki.vpslink.com/TUN/TAP_device_with_OpenVPN_or_Hamachi

Has anyone experienced this before?

Thanks!

MrAndroid

I remember having the same issue as you once, I can't remember what you had to do to fix it.

have you checked the firewall?

Freek

Thanks for the reply @MrAndroid

I checked the firewall and it seems OpenVPN AS has made a lot of entries. I'm not sure wheter they are right or wrong, but just to be sure I tried to add this rule as well:
iptables -t nat -A POSTROUTING -o venet0 -j SNAT --to-source VPSIP
This fixed internet connectivity for me in the past on OpenVZ VPSes. However, the rule doesn't seem to get added to iptables....

I also made sure to enabled IPv4 forwarding (net.ipv4.ip_forward=1)

prae5

What happens when you ping / traceroute a remote ip? Where does it fail / what route does it take?

Is it failing to route traffic or resolve addresses?

Freek

@prae5 said: What happens when you ping / traceroute a remote ip? Where does it fail / what route does it take?

C:\Users\Freek>tracert 8.8.8.8

Traceren van de route naar google-public-dns-a.google.com [8.8.8.8]
via maximaal 30 hops:

  1    33 ms    32 ms    32 ms  5.5.0.1
  2     *        *        *     Time-out bij opdracht.
  3     *        *        *     Time-out bij opdracht.
  4     *        *     ^C

@prae5 said: Is it failing to route traffic or resolve addresses?

It fails to route traffic. Addresses are resolved fine

Thanks in advance!

Ben1002

Are you running the latest version straight from their website, seen issues with some older versions on OpenVZ

taronyu

What client are you using? I'm using the portable VPN version and because of that I need to run it as administrator.

Freek

@BenND said: Are you running the latest version straight from their website, seen issues with some older versions on OpenVZ

Winner winner, chicken dinner! Yup, I was running an older version indeed. Upgraded to the latest version and all runs fine now.
Strange that the address resolving works but actual browsing doesn't.
Thanks guys

@taronyu said: What client are you using

I'm using the latest OpenVPN Community Client, 2.4 I believe. But it's solved, my server version was too old

taronyu

worth trying. good luck!

Ben1002

If you want to run an older version. I have an IPtables rule that fixes the connectivity.

lpn

@BenND said: If you want to run an older version. I have an IPtables rule that fixes the connectivity.

Do you care to share that rule?

Freek

@BenND said: If you want to run an older version. I have an IPtables rule that fixes the connectivity.

I personally do not need it at the moment, but feel free to share it for those who stumble on this topic with the same problem and do need to run an older version