I have set up OpenVPN once before, but I'm very new to Linux networking. I had successfully done this on Ubuntu 8.10, now I'm trying to do the same thing on Ubuntu 10.04. I think the general setup is correct because when I connect the client to the server I can successfully SSH and FTP to the server.
What I want to do is force all client traffic [including web] through the VPN server. I tried to NAT [correct term?] it with this:
sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
But no go. The above command accomplished what I wanted on my old server. Any ideas? I'll post both config files below.
All suggestions appreciated,
port X
proto udp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key # This file should be kept secret
dh /etc/openvpn/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-config-dir ccd
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
keepalive 10 120
cipher AES-128-CBC # AES
max-clients 5
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 4
mute 10

client
dev tun
proto udp
remote A.B.C.D X
resolv-retry infinite
nobind
persist-key
persist-tun
mute-replay-warnings
ca Lease-ca.crt
cert thejestre.crt
key thejestre.key
ns-cert-type server
cipher AES-128-CBC
verb 4
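Routing all client traffic through the server with the configuration above depends on three server-side pieces: the pushed redirect-gateway, a MASQUERADE rule whose source matches the `server` subnet, and kernel IP forwarding. The script below is an added example, not part of the original post; the function names and the sample inputs are assumptions constructed from the values shown in the post.

```shell
#!/bin/sh
# Added example: offline check of the server-side prerequisites for a
# full-tunnel (redirect-gateway) OpenVPN setup. Inputs are passed as text.

mask_to_prefix() {   # 255.255.255.0 -> 24 (assumes a contiguous netmask)
    bits=0
    for octet in $(echo "$1" | tr . ' '); do
        case $octet in
            255) bits=$((bits + 8)) ;; 254) bits=$((bits + 7)) ;;
            252) bits=$((bits + 6)) ;; 248) bits=$((bits + 5)) ;;
            240) bits=$((bits + 4)) ;; 224) bits=$((bits + 3)) ;;
            192) bits=$((bits + 2)) ;; 128) bits=$((bits + 1)) ;;
            0) ;; *) return 1 ;;
        esac
    done
    echo "$bits"
}

# Args: server config text, `iptables -t nat -S` output, ip_forward value.
check_full_tunnel() {
    conf=$1; nat=$2; fwd=$3; rc=0
    # The 'server <network> <netmask>' directive defines the VPN subnet.
    set -- $(printf '%s\n' "$conf" | awk '$1 == "server" { print $2, $3; exit }')
    prefix=$(mask_to_prefix "${2:-x}") || { echo "MISSING: server directive"; return 1; }
    src="$1/$prefix"
    if printf '%s\n' "$conf" | grep -Eq '^[[:space:]]*push[[:space:]]+"redirect-gateway'; then
        echo "OK: redirect-gateway is pushed to clients"
    else echo "MISSING: push \"redirect-gateway def1\""; rc=1; fi
    # The NAT rule must name the same subnet the server hands out.
    if printf '%s\n' "$nat" | awk -v src="$src" '
        $2 == "POSTROUTING" && /-j MASQUERADE/ {
            for (i = 3; i < NF; i++) if ($i == "-s" && $(i + 1) == src) found = 1 }
        END { exit !found }'; then
        echo "OK: MASQUERADE rule covers $src"
    else echo "MISSING: POSTROUTING MASQUERADE rule for $src"; rc=1; fi
    if [ "$fwd" = 1 ]; then echo "OK: net.ipv4.ip_forward=1"
    else echo "MISSING: net.ipv4.ip_forward=1 (kernel will not route tun traffic)"; rc=1; fi
    return $rc
}

# Constructed sample inputs modelled on the values in the post.
SAMPLE_CONF='server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"'
SAMPLE_NAT='-P POSTROUTING ACCEPT
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE'
check_full_tunnel "$SAMPLE_CONF" "$SAMPLE_NAT" 0 || true
```

On a live server the three arguments would come from the server's config file, `sudo iptables -t nat -S`, and `/proc/sys/net/ipv4/ip_forward`.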