Hello,
My Server has two NICs:

enp0s8 (LAN)
enp0s3 (NAT)

I created a virtual interface as shown below:

# touch /etc/network/interfaces.d/ifcfg-enp0s3:0
# nano /etc/network/interfaces.d/ifcfg-enp0s3:0

auto enp0s3:0
iface enp0s3:0 inet static
address 10.0.5.20
netmask 255.255.255.0

Then:

# systemctl restart networking
#
# ifconfig

enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.2.15  netmask 255.255.255.0  broadcast 10.0.2.255
        inet6 fe80::a00:27ff:feed:b47c  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:ed:b4:7c  txqueuelen 1000  (Ethernet)
        RX packets 3411  bytes 253798 (247.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2156  bytes 418396 (408.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


enp0s3:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.5.20  netmask 255.255.255.0  broadcast 10.0.5.255
        ether 08:00:27:ed:b4:7c  txqueuelen 1000  (Ethernet)


enp0s8: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.1.20  netmask 255.255.255.0  broadcast 192.168.1.255
        inet6 fe80::a00:27ff:fe74:6397  prefixlen 64  scopeid 0x20<link>
        ether 08:00:27:74:63:97  txqueuelen 1000  (Ethernet)
        RX packets 14183  bytes 2522768 (2.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 22038  bytes 27950125 (26.6 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0



My OpenVPN configuration file is as follows:

# cat server.conf 
port 1196
proto udp
dev tun2
topology "subnet"
push "topology subnet"
ca /etc/openvpn//ca.crt                                   
cert /etc/openvpn/server.crt                            
key /etc/openvpn/server.key                             
dh /etc/openvpn/dh.pem
server 10.10.0.0 255.255.255.0              
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 1.1.1.1"
push "dhcp-option DNS 192.168.1.20"              
keepalive 10 120
tls-auth /etc/openvpn/ta.key 0                          
data-ciphers AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
log         /var/log/openvpn/openvpn.log
log-append  /var/log/openvpn/openvpn.log
verb 3
explicit-exit-notify 1


I added these iptables rules:


# IF_MAIN=enp0s3:0
# IF_TUNNEL=tun2
# YOUR_OPENVPN_SUBNET=10.10.0.0/16
# iptables -I INPUT -p udp --dport 1196 -j ACCEPT
# iptables -A FORWARD -i $IF_MAIN -o $IF_TUNNEL -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A FORWARD -s $YOUR_OPENVPN_SUBNET -o $IF_MAIN -j ACCEPT
# iptables -t nat -A POSTROUTING -s $YOUR_OPENVPN_SUBNET -o $IF_MAIN -j MASQUERADE
# iptables -A FORWARD -i enp0s8 -o enp0s3:0 -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A FORWARD -i enp0s3:0 -o enp0s8 -j ACCEPT
# iptables -A FORWARD -j LOG
# iptables -t nat -A POSTROUTING -o enp0s8 -j MASQUERADE


Then, I saved the iptables rules:

# iptables-save > /etc/sysconfig/iptables


I started the OpenVPN server:

# systemctl start openvpn@server
#
# ifconfig
...
tun2: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1500
        inet 10.10.0.1  netmask 255.255.255.0  destination 10.10.0.1
        inet6 fe80::533c:23f3:70c1:1186  prefixlen 64  scopeid 0x20<link>
        unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  txqueuelen 500  (UNSPEC)
        RX packets 37  bytes 1844 (1.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 7  bytes 336 (336.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


I connected the Windows client to the OpenVPN server, but my Windows client 
can't access the Internet:

C:\>ping 8.8.8.8

Pinging 8.8.8.8 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.


Ping statistics for 8.8.8.8:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\>


What is the problem? Is it because of the Virtual NIC?


Thank you.


_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users
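
The rules in the post above name the alias label enp0s3:0 in their -i/-o matches; a label of that form is a second address on enp0s3 rather than a separate device, and netfilter compares -i/-o against the device name, while routing from tun2 to a NIC also needs net.ipv4.ip_forward set to 1. The script below is an added example, not part of the original post: it lints iptables commands for alias labels and checks the forwarding sysctl. The function names are hypothetical and the sample input is constructed from the post's rules with its shell variables expanded.

```shell
#!/bin/sh
# Added example: lint iptables commands for interface-alias labels and check
# that IPv4 forwarding is on. Function names are hypothetical.

# Print one finding per -i/-o argument that is an alias label (contains ':').
# Netfilter compares against the real device name, so enp0s3:0 never matches.
find_alias_matches() {
    awk '{
        for (i = 1; i < NF; i++) {
            if ($i != "-i" && $i != "-o" &&
                $i != "--in-interface" && $i != "--out-interface") continue
            label = $(i + 1)
            if (index(label, ":") == 0) continue
            parent = label
            sub(/:.*/, "", parent)
            printf "rule %d: %s %s -> use %s %s\n", NR, $i, label, $i, parent
        }
    }'
}

# Succeed only if the given sysctl file (default: live kernel value) holds 1.
forwarding_enabled() {
    f=${1:-/proc/sys/net/ipv4/ip_forward}
    [ -r "$f" ] && [ "$(cat "$f")" = "1" ]
}

# Constructed input: the rules from the post with $IF_MAIN, $IF_TUNNEL and
# $YOUR_OPENVPN_SUBNET expanded to the values the post assigns.
sample_rules() {
    cat <<'EOF'
iptables -I INPUT -p udp --dport 1196 -j ACCEPT
iptables -A FORWARD -i enp0s3:0 -o tun2 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s 10.10.0.0/16 -o enp0s3:0 -j ACCEPT
iptables -t nat -A POSTROUTING -s 10.10.0.0/16 -o enp0s3:0 -j MASQUERADE
iptables -A FORWARD -i enp0s8 -o enp0s3:0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i enp0s3:0 -o enp0s8 -j ACCEPT
iptables -A FORWARD -j LOG
iptables -t nat -A POSTROUTING -o enp0s8 -j MASQUERADE
EOF
}

sample_rules | find_alias_matches
if forwarding_enabled; then echo "ip_forward: on"; else echo "ip_forward: off or unreadable"; fi
```

To lint a live rule set instead of the sample, pipe `iptables-save` output into `find_alias_matches`.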
