I am trying to set up an OpenVPN server and client, with all client traffic being routed through the server. I am currently able to access the server through the client, but when I enable 'push "redirect-gateway def1"' on the server, the client loses all ability to connect to the internet, VPN or otherwise. In addition, it can no longer connect to the server, though LAN connectivity is still fine. My server config file is:
local ***.***
port 1194
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh2048.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway local def1"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
And here's the client:
client
dev tun
proto tcp
remote ***.*** 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert laptop.crt
key laptop.key
ns-cert-type server
comp-lzo
verb 3
On the server, I enabled ip forwarding and enabled routing via iptables:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
but the client is still not able to connect to anything on the VPN or the internet.
Best Answer
For reference, the relevant section of the HOWTO is here, though I suspect you've followed that.
The first thing I'd try is to remove the 'local', that is, the command should be
push "redirect-gateway def1"
and not
push "redirect-gateway local def1"
The local flag only works if all of your clients are on the same subnet.
A couple of other things to be aware of: DNS traffic is routed through the VPN, so you won't be able to resolve addresses unless you've dealt with that. DHCP can also get forwarded, though it doesn't look like that should happen in your case as you're using a routed, not a bridged, VPN, but it might be worth checking anyway.
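Why the `local` flag produces exactly the symptoms in the question, as an added example that is not part of the original answer: it models the client's routing table with longest-prefix matching. Without `local`, OpenVPN first pins a host route to the VPN server via the pre-existing gateway; `local` omits that step, so the encrypted carrier packets are routed into the tunnel itself. All addresses are constructed; 203.0.113.10 stands in for the masked server address.

```python
import ipaddress

# Constructed sample values (assumptions, not taken from the question).
LAN, LAN_GW = "192.168.1.0/24", "192.168.1.1"
VPN_GW = "10.8.0.5"          # tunnel peer handed out from the 10.8.0.0/24 pool
SERVER_IP = "203.0.113.10"   # placeholder for the masked `remote` address


def client_routes(flags):
    """Client routing table after the pushed redirect-gateway is applied.

    Each entry is (network, next_hop, goes_through_tunnel).
    """
    net = ipaddress.ip_network
    routes = [(net(LAN), "on-link", False)]
    if "local" not in flags:
        # Step OpenVPN skips when `local` is set: host route to the server.
        routes.append((net(f"{SERVER_IP}/32"), LAN_GW, False))
    if "def1" in flags:
        # def1 keeps the old default and overrides it with two /1 routes.
        routes.append((net("0.0.0.0/0"), LAN_GW, False))
        routes.append((net("0.0.0.0/1"), VPN_GW, True))
        routes.append((net("128.0.0.0/1"), VPN_GW, True))
    else:
        # Without def1 the default route itself is replaced.
        routes.append((net("0.0.0.0/0"), VPN_GW, True))
    return routes


def lookup(routes, dst):
    """Longest-prefix match, as the kernel does for each outgoing packet."""
    addr = ipaddress.ip_address(dst)
    return max((r for r in routes if addr in r[0]), key=lambda r: r[0].prefixlen)


def carrier_loops(flags):
    """True if packets addressed to the VPN server are sent into the tunnel."""
    return lookup(client_routes(flags), SERVER_IP)[2]


if __name__ == "__main__":
    for flags in ({"local", "def1"}, {"def1"}):
        print(sorted(flags), "-> tunnel carries its own transport:",
              carrier_loops(flags))
        for dst in (SERVER_IP, "192.168.1.20", "198.51.100.7"):
            network, hop, _ = lookup(client_routes(flags), dst)
            print(f"   {dst:<14} matches {str(network):<18} via {hop}")
```

With `local def1` only on-link LAN destinations stay reachable, which matches the report that LAN connectivity survives while the server and the internet do not.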