I am creating a VPN to access a VPC, but I want the rest of the traffic to not pass through the VPN.
I've been able to access the VPC through the VPN, but when connected to it, I lose access to the internet.
This is my server configuration:
port 1194
proto udp
dev tun
ca /etc/openvpn/server/ca.crt
cert /etc/openvpn/server/vpn.crt
key /etc/openvpn/server/vpn.key
dh /etc/openvpn/server/dh.pem
topology subnet
server 172.16.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "route 10.0.0.0 255.255.0.0"
keepalive 10 120
tls-auth /etc/openvpn/server/ta.key 0
cipher AES-256-GCM
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log-append /var/log/openvpn/openvpn.log
verb 3
explicit-exit-notify 1
data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
I've added this iptables rule to the server to access the VPC:
sudo iptables -t nat -A POSTROUTING -s 172.16.0.0/24 -d 10.0.0.0/8 -j MASQUERADE
And this is my .ovpn file for the client:
client
dev tun
proto udp
remote XXXXXXXXXXXXX 1194
resolv-retry infinite
nobind
persist-key
persist-tun
cipher AES-256-GCM
data-ciphers AES-256-GCM:AES-128-GCM:CHACHA20-POLY1305
verb 3
ca [inline]
cert [inline]
key [inline]
tls-auth [inline] 1
pull
<ca>....
When connected to the VPN, a route is added on the client with destination 0.0.0.0 and the VPN server as gateway. I think this is the problem, but I don't know how to prevent this from happening.
~ route -n
Tabla de rutas IP del núcleo
Destino Pasarela Genmask Indic Métric Ref Uso Interfaz
0.0.0.0 172.16.0.1 0.0.0.0 UG 50 0 0 tun0
0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 eno1
10.0.0.0 172.16.0.1 255.255.0.0 UG 50 0 0 tun0
[**VPN IP**] 192.168.1.1 255.255.255.255 UGH 50 0 0 eno1
172.16.0.0 0.0.0.0 255.255.255.0 U 50 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 100 0 0 eno1
192.168.1.1 0.0.0.0 255.255.255.255 UH 50 0 0 eno1
I am using the default Ubuntu network manager to import the .ovpn file and connect to the VPN.
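A check for the symptom described in the question, as an added example that is not part of the original post: it reads `route -n` style output and reports which interface holds the lowest-metric default route. The function names and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample modelled on the `route -n` output in the post
# (columns: Destination Gateway Genmask Flags Metric Ref Use Iface).
SAMPLE_ROUTES='0.0.0.0 172.16.0.1 0.0.0.0 UG 50 0 0 tun0
0.0.0.0 192.168.1.1 0.0.0.0 UG 100 0 0 eno1
10.0.0.0 172.16.0.1 255.255.0.0 UG 50 0 0 tun0
172.16.0.0 0.0.0.0 255.255.255.0 U 50 0 0 tun0
192.168.1.0 0.0.0.0 255.255.255.0 U 100 0 0 eno1'

# Print the interface that owns the winning (lowest-metric) default route.
# Matching on Destination and Genmask makes the check independent of the
# locale of the header lines, which never match 0.0.0.0 and are skipped.
winning_default_iface() {
    awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" {
             if (best == "" || $5 + 0 < best) { best = $5 + 0; iface = $8 }
         }
         END { if (iface != "") print iface }'
}

# Return 0 when all traffic is being sent into the tunnel (the symptom in
# the post), 1 when the default route stays on the physical interface.
is_full_tunnel() {
    iface=$(winning_default_iface)
    case "$iface" in
        tun*|tap*)
            echo "full tunnel: default route is on $iface"
            return 0 ;;
        *)
            echo "split tunnel: default route is on ${iface:-none}"
            return 1 ;;
    esac
}

# Run against the constructed sample; on a live client use:
#   route -n | is_full_tunnel
# Assumption, not from the post: on NetworkManager the per-connection
# property ipv4.never-default controls whether the VPN installs the
# 0.0.0.0 route (nmcli connection modify <connection-name> ipv4.never-default yes).
printf '%s\n' "$SAMPLE_ROUTES" | is_full_tunnel || true
```

With only the pushed `10.0.0.0 255.255.0.0` route on `tun0`, the same check reports the physical interface, which is the split-tunnel state the server configuration is meant to produce.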
OK, it seems to be an issue with the Ubuntu network manager.
I've used OpenVPN Connect, and with this app it works fine on Windows and Mac, and also on Linux using the command line: