|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| Re: Vps with VPN [message #50881 is a reply to message #50879] |
Tue, 19 November 2013 22:05   |
grep
Messages: 34
Registered: November 2013
|
Member |
|
|
Hello,
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- [b]IP.0/24[/b] anywhere
Is not correct.
You need to input your openvpn IP-Pool. As sayed, example: 10.1.1.0/24
And you have so much different iptables-rules:
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- anywhere anywhere to:IP.40
SNAT all -- IP/24 anywhere to:IP.40
SNAT all -- 10.8.0.0/24 anywhere to:127.0.0.1
SNAT all -- IP.0/24 anywhere to:127.0.0.1
SNAT all -- anywhere anywhere to:IP of VPN
SNAT all -- anywhere anywhere to:123.123.123.123
SNAT all -- anywhere anywhere to:IP.40
SNAT all -- 10.8.0.0/24 anywhere to:123.123.123.12
SNAT all -- 10.8.0.0/24 anywhere to:IP.40
SNAT all -- 10.8.0.0/24 anywhere to:IP.40
SNAT all -- anywhere anywhere to:IP.40
MASQUERADE all -- anywhere anywhere
iptables -t nat --flush; iptables --flush
Please connect to your openvpn server, check which IP address you get from the server (10.x.x.x) and then add the correct rule.
If you get 10.8.0.1 then your rule would be:
iptables -t nat -A POSTROUTING -o venet0 -s 10.8.0.0/24 -j MASQUERADE
I found different rules over google. Its long time ago when i setted up openvpn so i dont remember the correct rule which worked for me. But one of this 3 *must* work for you:
iptables -t nat -A POSTROUTING -o venet0 -s 10.8.0.0/24 (REPLACE WITH YOUR OPENVPN SUBNET) -j MASQUERADE
iptables -t nat -A POSTROUTING -o venet0 -j SNAT -to $YOUR_SERVER_IP (YOUR_SERVER_IP is as example 212.1.1.43. dont use your openvpn private ip here. its the server public ip)
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 (REPLACE WITH YOUR OPENVPN SUBNET) -j SNAT --to-source $YOUR_SERVER_IP (YOUR_SERVER_IP is as example 212.1.1.43. dont use your openvpn private ip here. its the server public ip)
If none of these works, then i only can recommend you to google "openvpn openvz iptables". There are many threads about this on the web and there are a lot of different iptables rules out there. But the 3 rules which i have listed should work for you.
If this too not work on your server then i could offer you to send me your openvpn connect files, your openvz ssh login and i fix it. But please try first these rules.
And when you add a new rule and it dont work, then flush the iptables before you try the next rule (again: iptables -t nat --flush; iptables --flush!!
[Updated on: Tue, 19 November 2013 22:07] Report message to a moderator |
|
|
|
|
|
|
|
| Re: Vps with VPN [message #50885 is a reply to message #50884] |
Wed, 20 November 2013 12:48 |
silence
Messages: 12
Registered: November 2013
Location: Portugal - Lisbon
|
Junior Member |
|
|
grep wrote on Wed, 20 November 2013 12:43Hello,
dont add your internet IP to the rules. I was thinking you use openvpn.
Please make:
iptables -t nat -A POSTROUTING -j SNAT --to-source SERVERIP
Serverip is the IP of your server, not of your internet. Insert the IP of your openvz container.
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
SNAT all -- anywhere anywhere to:IP_of_VPN
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
still not going
[Updated on: Wed, 20 November 2013 12:51] Report message to a moderator |
|
|
|
|
|
|
|
|
|
|
|
OpenVZ Forum
Members
Search
Help
Register
Login
Home
56(84) bytes of data.
