I have set up an OpenVPN server to which I can succesfully connect from Android and iOS devices.
I am having troubling setting up my Ubuntu 18.04 machine as a client. I installed the gnome OpenVPN client so I could connect via the Network Manager. Having done so with the openvpn file and password provided by the server, I get the message that I succesfully connected to the VPN server.
However, I cannot actually reach the VPN network; in fact, I do not even get a response when I ping the VPN server on my client machine.
What could be causing this? There is no firewall enabled on the client side.
Edit: just tried connecting with
sudo openvpn --config [ovpn file name]
instead. Worked flawlessly. So the problem is with the network manager. Does it somehow not import the right settings from the *.ovpn file?
Edit 2 on request: When connected to VPN through CLI command: I can ping 8.8.8.8 and any machine on the local network. When supposedly "connected" to the VPN through network manager GUI I can ping neither 8.8.8.8, nor any machine on the local network, nor the server itself.
You said you can connect i.e. from a phone. Well it says connected...ok. Does the VPN Server side knows what to do with your traffic? Same goes for your Linux machine. Its connected meaning you got authenticated. Does the server knows what to do with your network traffic?
Here's an example...
000 #1287: "ciscoxxxxx" STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 1845s; newest IPSEC; eroute owner 000 #1287: "ciscoxxxxx" [email protected] (0 bytes) [email protected] (0 bytes); tunnel 000 #1286: "ciscoxxxx2" STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 1503s; newest IPSEC; eroute owner 000 #1286: "ciscoxxxx2" [email protected] (3496 bytes, 35s ago) [email protected] (0 bytes); tunnel 000 #1281: "ciscoxxxx2" STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 78757s; newest ISAKMPFrom the above we can see my VPN Server has established connections.root#iptables -L Chain INPUT (policy ACCEPT) target prot opt source destinationChain FORWARD (policy ACCEPT) target prot opt source destination ACCEPT all -- x.x.x.x(an ip here) xxx.xxx.xxx.0/24 policy match dir in pol ipsec reqid 16392 proto esp ACCEPT all -- xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx policy match dir out pol ipsec reqid 16392 proto espthe above is rules to my VPN Server tell him what to do with the traffic received from which source and where to route it. so ...on and on and on depending on your rules/needs.ofc its not the same software maybe but the set up its pretty much the same
It's a bit late, but I had this same issue and the difference I saw between NetworkManager and using the CLI is the device type.
NetworkManager uses by default a Tun device and openvpn a Tap device. Changing the option "Set virtual device type" to "TAP" in Advanced OpenVPN properties allowed me to reach the remote LAN.