Linode Forum
https://forum.linode.com/

Setup OpenVPN server
https://forum.linode.com/viewtopic.php?f=19&t=11779		 Page 3 of 3
Author:  Webkungen [ Sat May 02, 2015 7:14 pm ]
Post subject:  Re: Setup OpenVPN server
eth0 is the public ip but it's also configured (eth0:0) with private ip as well.

My goal is masquerade my IP and make it look Im in London, this is becuase my ISP gives me dirty ip addresses all the time which are blacklisted, so I cannot connect to certain hosting providers, or do my job in a good way.
Author:  kangaby [ Sun May 03, 2015 1:13 am ]
Post subject:  Re: Setup OpenVPN server
Well my last suggestion would be to remove the private IP address off eth0. Not even sure why you would want that. You must be doing something special.
It's possible that iptables is sending your VPN traffic (assuming my config) from 172.16.1.1 out your private IP address on eth0, instead of you public IP address on eth0, and upstream is dropping it. I have no idea how you would even test for that.

I'm assuming you have actually done the following, and the kernel you are using will actually forward traffic.
My Debian kernel does, does the Linode one? Don't know.

Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 172.16.1.0/24 -o eth0 -j MASQUERADE


If this doesn't work, I don't know what to suggest next.
Author:  Webkungen [ Sun May 03, 2015 2:32 am ]
Post subject:  Re: Setup OpenVPN server
The reason why I have private LAN setup is that there are 3 other debian boxes in the same local network, two app boxes and one dedicated MySQL. The one hosting the VPN is the smtp and backup server in the cloud.

I have issued the commands above for up_forward. Running Debian 6.
Author:  Webkungen [ Sun May 10, 2015 8:32 pm ]
Post subject:  Re: Setup OpenVPN server
Still no progress in this matter..

Would it be possible to use my local LAN config IP's for the VPN as well? I.e. my eth0 is configured for both WAN and LAN, and can I use the same ip range (192.168.172.0) for the VPN?

Have downloaded a software (SoftEther VPN Client) for Windows and I'm able to connect to the public VPN servers in that program, and get their resp. public ips, so this MUST be a matter of debian/serverconfig and has nothing to do with my modem/pocket wifi I thought before.

Only difference is that software is using TCP instead of UDP. Have tried to change OpenVPN config to TCP but now I cannot connect at all (yes I have opened TCP 1194 in CSF).

Any advise?
Author:  Webkungen [ Sun May 10, 2015 8:33 pm ]
Post subject:  Re: Setup OpenVPN server
Here's my LAN ip config
Code:
# ifconfig eth0:0
eth0:0    Link encap:Ethernet  HWaddr f2:3c:91:df:58:af
          inet addr:192.168.192.172  Bcast:192.168.255.255  Mask:255.255.128.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1


How should the server config for OpenVPN look like? Thanks!
Author:  kangaby [ Sun May 10, 2015 10:56 pm ]
Post subject:  Re: Setup OpenVPN server
This article may allude to what's going on: http://www.embedded-bits.co.uk/2008/mul ... rk-gotcha/
I think this is more a Linux networking / IP forwarding thing than an OpenVPN thing. But this is just a guess, it's above my pay grade.
I would temporarily take down your private IP's, so eth0 only has the primary public IP and test if that works.
If it does, you can then try and find out why it doesn't with private IP's.
Author:  Webkungen [ Sun May 10, 2015 11:07 pm ]
Post subject:  Re: Setup OpenVPN server
To take the local LAN down temporarily, it's just to write "ifconfig eth0:0" or is there anothre way, without taking down the whole interface (i.e. loose connection to the server).

Thanks,
Page 3 of 3 All times are UTC-04:00
Powered by phpBB® Forum Software © phpBB Group
http://www.phpbb.com/