Could not get OpenVPN working on KVM :(
The issue is that the OpenVPN client is able to connect to the OpenVPN server (set up on this KVM VPS), but is not able to connect to the internet (cannot ping either). I used the same setup on OpenVZ with tun/tap enabled and it was working (and of course I changed the details to match the KVM's interface and IP). I don't see any option to enable tun/tap on the control panel. And I already use the POSTROUTING.
Any help please? Is there anything special needed to set up OpenVPN on a KVM VPS?
Problem solved. Thanks for all the replies. Any way to close the thread?
Comments
Did you enable IPv4 forwarding?
echo 1 > /proc/sys/net/ipv4/conf/all/forwarding
Yes I did. Do I need to enable tun/tap from the kernel?
Yes you do. Or from solus if that's available to you.
Oh thanks. I don't see anything on the panel that is related to it, guess I probably need to do it from the kernel.
If you have KVM, you don't need to enable it on the panel. Can you ping the host?
try
cat /dev/net/tun
"cat: /dev/net/tun: File descriptor in bad state"
*"File descriptor in bad state" means tun/tap is active, otherwise please ask your provider to activate it
Edit /etc/sysctl.conf
find
net.ipv4.ip_forward = 0
and replace with
net.ipv4.ip_forward = 1
Route iptables
/sbin/iptables -t nat -A POSTROUTING -s 10.10.10.0/24 -j SNAT --to-source IPVPSSERVER
mkdir /etc/iptables
/sbin/iptables-save > /etc/iptables/rules
echo "/sbin/iptables-restore < /etc/iptables/rules" >> /etc/rc.d/rc.local
reboot
all ready!
*10.10.10.0 - block ip like in server.conf
(server 10.10.10.0 255.255.255.0)
I wouldn't do NAT this way. I'd use masquerade:
iptables -t nat -A POSTROUTING -s 10.10.10.0/24 -o eth0 -j MASQUERADE
Thank you, problem solved. I misconfigured the subnet. Or maybe forgot to reboot... or too many iptables rules causing conflicts. Anyway, it is working now.
Thank you, I misconfigured the subnet. I changed yours to 10.8.0.0/24 and it's working now.
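The fix reported at the end of the thread was a NAT rule whose source subnet did not match the `server` line in server.conf. The following is an added example, not code from any poster in the thread, that compares the two; the function names are hypothetical and the file paths you pass in are assumptions about your own system.

```sh
# Added example: compare OpenVPN's tunnel subnet with the NAT rule's source.

# Dotted netmask (255.255.255.0) -> prefix length (24). The body runs in a
# subshell so the IFS change does not leak into the caller.
mask_to_prefix() (
    bits=0
    IFS=.
    for octet in $1; do
        case $octet in
            255) bits=$((bits + 8)) ;; 254) bits=$((bits + 7)) ;;
            252) bits=$((bits + 6)) ;; 248) bits=$((bits + 5)) ;;
            240) bits=$((bits + 4)) ;; 224) bits=$((bits + 3)) ;;
            192) bits=$((bits + 2)) ;; 128) bits=$((bits + 1)) ;;
            0) ;; *) exit 1 ;;
        esac
    done
    echo "$bits"
)

# "server 10.8.0.0 255.255.255.0" in server.conf -> 10.8.0.0/24
vpn_subnet() (
    set -- $(awk '$1 == "server" { print $2, $3; exit }' "$1")
    [ $# -eq 2 ] || exit 1
    prefix=$(mask_to_prefix "$2") || exit 1
    echo "$1/$prefix"
)

# Source subnets of POSTROUTING SNAT/MASQUERADE rules in iptables-save output.
nat_sources() {
    awk '$1 == "-A" && $2 == "POSTROUTING" {
        src = ""; nat = 0
        for (i = 3; i < NF; i++) {
            if ($i == "-s") src = $(i + 1)
            if ($i == "-j" && $(i + 1) ~ /^(SNAT|MASQUERADE)$/) nat = 1
        }
        if (nat && src != "") print src
    }' "$1"
}

# Returns 0 on match, 1 on mismatch, 2 if server.conf has no usable server line.
check_nat() {
    want=$(vpn_subnet "$1") || { echo "no usable server line in $1"; return 2; }
    if nat_sources "$2" | grep -qxF "$want"; then
        echo "OK: NAT rule covers $want"
    else
        echo "MISMATCH: server.conf has $want, NAT sources: $(nat_sources "$2" | tr '\n' ' ')"
        return 1
    fi
}
```

To use it, source the file, save the live rules with `iptables-save -t nat > nat.rules`, then run `check_nat` with your server.conf and `nat.rules` as arguments.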