Lan not tunneling through OpenVPN

cryptmod

New Member
Joined
Jan 8, 2021
Messages
1
Reaction score
0
Credits
16
Hello, my effort to to route my LAN traffic via the OpenVPN tunnel is failing, although
curl ifconfig.me from the OpenVPN device shows OpenVPN device is tunneling. However the LAN Traffic is not being forwarded to the Internet VPN Gateway. Please review my routing table below for a fix.


Lan------------------→ VPN-device --→ ISP Router ------Internet Cloud------------→ VPN Gateway
192.168.188.0/24-→192.168.188.48-→ISP Router- 37.120.209.219
---------------------------------------------------

Kernel IP routing table
Code:
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.8.3.1        128.0.0.0       UG        0 0          0 tun0
0.0.0.0         192.168.188.1   0.0.0.0         UG        0 0          0 eth0
0.0.0.0         192.168.1.254   0.0.0.0         UG        0 0          0 eth1
10.8.3.0        0.0.0.0         255.255.255.0   U         0 0          0 tun0
37.120.209.219  192.168.188.1   255.255.255.255 UGH       0 0          0 eth0
128.0.0.0       10.8.3.1        128.0.0.0       UG        0 0          0 tun0
192.168.1.0     0.0.0.0         255.255.255.0   U         0 0          0 eth1
192.168.188.0   0.0.0.0         255.255.255.0   U         0 0          0 eth0




LAN
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_ inet [URL='http://192.168.188.48/24']192.168.188.48/24[/URL] brd 192.168.188.255 scope global dynamic noprefixroute eth0

WAN
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_ inet [URL='http://192.168.1.98/24']192.168.1.98/24[/URL] brd 192.168.1.255 scope global dynamic noprefixroute

OpenVPN Device
4: tun0: <POINTOPOINT,MULTICAST,NOARP, inet [URL='http://10.8.3.2/24']10.8.3.2/24[/URL] brd 10.8.3.255 scope global tun0


It appears that I need to route the LAN through the tun0 Interface on the VPN device.


ip forwarding was enabled
sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
-----------------------------------------+
iptables routing via masquerade
/sbin/iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE /sbin/iptables -A FORWARD -i eth0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT /sbin/iptables -A FORWARD -i tun0 -o eth0 -j ACCEPT
 

Members online


Top