OpenVPN client not working on a GCE instance

google-cloud-platformopenvpn

I have set up an OpenVPN client config in my GCE instance and it's able to establish the connection correctly and finally creates a tunnel interface.
But I cannot ping anything through that tunnel(using ping -I tun0 8.8.8.8 or curl www.google.com –interface tun0 won't get a respond).
I tried different subnet IP range(10.8.x.x or 192.168.x.x), different protocol(TCP or UDP), different auth method(TLS or static-key) but still no any luck.

If I configure an OpenVPN server config on the instance then it's working correctly, server(the GCE instance) and clients can ping each other.
Is OpenVPN client on GCE not supported or are there anything I've missed to configure?

It seems that operating systems and configs are irrelavent. I've tried multiple instances with different OSes, or change configs(these configs are working on other VPS), but the problem insists.

More detail on Google groups gce-discussion:
https://groups.google.com/forum/#!topic/gce-discussion/0KoMnaojG6E

Update:
I noticed when I ping something through the tunnel the RX and TX counts change(don't know if this means icmp packages actually transfer correctly) but ping still telling me 100% packet loss.
ifconfig before ping:

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:192.168.179.21  P-t-P:192.168.179.22  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:10 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:1661 (1.6 KiB)  TX bytes:0 (0.0 b)

ping:

[root@mario-vps mario]# ping -I tun0 8.8.8.8
PING 8.8.8.8 (8.8.8.8) from 192.168.179.21 tun0: 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
1 packets transmitted, 0 received, 100% packet loss, time 870ms

ifconfig after ping:

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00  
          inet addr:192.168.179.21  P-t-P:192.168.179.22  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:11 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100 
          RX bytes:1745 (1.7 KiB)  TX bytes:84 (84.0 b)

If I write "ping" and "ping-restart" arguments in the config file the connection won't go down. Don't know if this means even openvpn daemon is considering connection is well, but ping and curl-like stuff never work for me through that tunnel.

Best Answer

I have worked on OpenVPN running on GCE instances. It works without any issues. Please post log(snippet) whTunnel interface creates on GCE instance. Based on that logs we can easliy identify what the issue is. Usually log will be appended in syslog(if your GCE instance is Ubuntu). Are you planning to route your GCE instance Internet through Tunnel Interface?

Related Topic