I am trying to make my raspberry pi an VPN server with openVPN by following this tutorial by readwrite.com: http://readwrite.com/2014/04/10/raspber ... b-browsing. I just finished part one, but when I reboot, it seems to lose wifi (wlan0) internet connection. The same thing happened when I tried install hamachi for VPN as well. I am very sure that the wifi dongle works, and it can auto connect to internet after reboot before I installed VPN. I can still connect to network after VPN is installed by following the steps below.
Code: Select all
#typing this will say wlan0 is not configured
$sudo ifdown wlan0
#so I start wlan0 by doing, however I cannot connect to network
$sudo ifup wlan0
#I will need to perform a wlan scan
$sudo iwlist wlan0 scan
$sudo ifdown wlan0
$sudo ifup wlan0
#now it connects
Thanks,
PS:
Here is my interface file:
Code: Select all
auto lo
iface lo inet loopback
iface eth0 inet dhcp
auto wlan0
allow-hotplug wlan0
iface wlan0 inet manual
wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf
iface default inet static
address 192.168.XXX.XX
netmask 255.255.255.0
network 192.168.0.0
gateway 192.168.0.1
Code: Select all
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1
network={
ssid="myssid"
psk="mypassword"
}
Code: Select all
*filter
# Allow all loopback (lo0) traffic and drop all traffic to 127/8 that doesn't use lo0
-A INPUT -i lo -j ACCEPT
-A INPUT -d 127.0.0.0/8 -j REJECT
# Accept all established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow all outbound traffic - you can modify this to only allow certain traffic
-A OUTPUT -j ACCEPT
# Allow HTTP and HTTPS connections from anywhere (the normal ports for websites and SSL).
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT
# Allow SSH connections
#
# The -dport number should be the same port number you set in sshd_config
#
-A INPUT -p tcp -m state --state NEW --dport 22 -j ACCEPT
# Allow git
-A INPUT -p tcp --dport 9418 -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow samba
-A INPUT -p udp -m udp --dport 137 -j ACCEPT
-A INPUT -p udp -m udp --dport 138 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 139 -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 445 -j ACCEPT
#Allow VPN establishment
-A INPUT -p udp --dport 1194 -j ACCEPT
#-A FORWARD -s 192.168.101.0/24 -i wlan0 -o eth0 -m conntrack --ctstate NEW -j REJECT -m comment --comment "Block traffic from clients to eth0"
#-A FORWARD -s 192.168.101.0/24 -i wlan0 -o tun0 -m conntrack --ctstate NEW -j ACCEPT -m comment --comment "Allow only traffic from clients to tun0"
# Allow ping
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
# Log iptables denied calls
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
# Drop all other inbound - default deny unless explicitly allowed policy
-A INPUT -j DROP
-A FORWARD -j DROP
COMMIT
*nat
-A POSTROUTING -s 10.8.0.0/24 -o wlan0 -j SNAT --to-source 192.168.0.16
#-t nat -A POSTROUTING -o eth0 -j MASQUERADE -m comment --comment "Use VPN IP for eth0"
#-t nat -A POSTROUTING -o tun0 -j MASQUERADE -m comment --comment "Use VPN IP for tun0"
COMMIT
