I can connect to my new VPN with my Android phone, but I don't have an internet connection (I cannot browse, ping machines on the internet - even if i try to connect with a direct IP address it doesn't work - so DNS is not at fault here). I can ping/browse devices on my local network without a problem.
I have forwarded the correct port on my router and even set the raspberry PI on the DMZ but, it didn't make a difference.
Does anyone know what could be an issue ? I am attaching my server configuration and logs.
Log with Android device connected:
Code: Select all
local 192.168.0.30 dev tun proto udp port 1194 ca /etc/openvpn/easy-rsa/keys/NAME.crt cert /etc/openvpn/easy-rsa/keys/NAME.crt key /etc/openvpn/easy-rsa/keys/NAME.key dh /etc/openvpn/easy-rsa/keys/NAME.pem server 10.8.0.0 255.255.255.0 # server and remote endpoints ifconfig 10.8.0.1 10.8.0.2 # Add route to Client routing table for the OpenVPN Server push "route 10.8.0.1 255.255.255.255" # Add route to Client routing table for the OpenVPN Subnet push "route 10.8.0.0 255.255.255.0" # your local subnet push "route 192.168.0.0 255.255.255.0" # Set primary domain name server address to the SOHO Router # If your router does not do DNS, you can use Google DNS 188.8.131.52 push "dhcp-option DNS 192.168.0.1" # Override the Client default gateway by using 0.0.0.0/1 and # 184.108.40.206/1 rather than 0.0.0.0/0. This has the benefit of # overriding but not wiping out the original default gateway. push "redirect-gateway def1" client-to-client duplicate-cn keepalive 10 120 tls-auth /etc/openvpn/easy-rsa/keys/ta.key 0 cipher AES-128-CBC comp-lzo user nobody group nogroup persist-key persist-tun status /var/log/openvpn-status.log 20 log /var/log/openvpn.log verb 1 script-security 2 up /etc/openvpn/update-resolv-conf down /etc/openvpn/update-resolv-conf
Code: Select all
Sat Mar 25 16:48:15 2017 OpenVPN 2.3.4 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Jan 23 2016 Sat Mar 25 16:48:15 2017 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08 Sat Mar 25 16:48:15 2017 NOTE: your local LAN uses the extremely common subnet address 192.168.0.x or 192.168.1.x. Be aware that this might create routing conflicts if you connect to the VPN server from public locations such as internet cafes that use the same subnet. Sat Mar 25 16:48:15 2017 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts Sat Mar 25 16:48:15 2017 Control Channel Authentication: using '/etc/openvpn/easy-rsa/keys/ta.key' as a OpenVPN static key file Sat Mar 25 16:48:15 2017 TUN/TAP device tun0 opened Sat Mar 25 16:48:15 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0 Sat Mar 25 16:48:15 2017 /sbin/ip link set dev tun0 up mtu 1500 Sat Mar 25 16:48:15 2017 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2 Sat Mar 25 16:48:15 2017 /etc/openvpn/update-resolv-conf tun0 1500 1558 10.8.0.1 10.8.0.2 init Sat Mar 25 16:48:15 2017 GID set to nogroup Sat Mar 25 16:48:15 2017 UID set to nobody Sat Mar 25 16:48:15 2017 UDPv4 link local (bound): [AF_INET]192.168.0.30:1194 Sat Mar 25 16:48:15 2017 UDPv4 link remote: [undef] Sat Mar 25 16:48:15 2017 Initialization Sequence Completed Sat Mar 25 17:03:42 2017 220.127.116.11:50074 [Client1] Peer Connection Initiated with [AF_INET]18.104.22.168:50074 Sat Mar 25 17:03:42 2017 Client1/22.214.171.124:50074 MULTI_sva: pool returned IPv4=10.8.0.6, IPv6=(Not enabled) Sat Mar 25 17:03:42 2017 Client1/126.96.36.199:50074 send_push_reply(): safe_cap=940