OpenVPN connecting but nothing works

I set up OpenVPN on a VPS running Debian (Lenny). I have managed to set it up seemingly correctly, got the client running on Windows 7 Pro x64, and even got it connected successfully, but I can't do anything. I can't ping the VPN server or access the internet through it. Is anyone able to help me? I pretty much followed the directions of the Linode Library guide. One thing I am wondering about is that I am using my work network at the moment, which employs firewalls, etc. If 1194 isn't allowed through, is it possible that this is why I can connect to the server but can't browse or ping anything?

My conf is below:

CLIENT

```
client
;dev tap
dev tun
;dev-node MyTap
;proto tcp
proto udp
remote server.name 1194
;remote-random
resolv-retry infinite
nobind
;user nobody
;group nobody
persist-key
persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
;mute-replay-warnings
ca ca.crt
cert client.crt
key client.key
;ns-cert-type server
;tls-auth ta.key 1
;cipher x
comp-lzo
verb 3
;mute 20
```

SERVER

```
;local a.b.c.d
port 1194
;proto tcp
proto udp
;dev tap
dev tun
;dev-node MyTap
ca ca.crt
cert server.crt
key server.key # This file should be kept secret
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100
;server-bridge
;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"
push "redirect-gateway def1"
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;client-config-dir ccd
;route 10.9.0.0 255.255.255.252
;learn-address ./script
;push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
push "dhcp-option DNS 10.8.0.1"
;client-to-client
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
comp-lzo
max-clients 3
;user nobody
;group nogroup
persist-key
persist-tun
status openvpn-status.log
;log openvpn.log
;log-append openvpn.log
verb 3
;mute 20
```

I installed dnsmasq and ran the following commands to add stuff to the iptables.

```sh
# allow return traffic for connections the VPN clients opened
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
# allow forwarding of anything sourced from the VPN subnet
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
# reject all other forwarded traffic
iptables -A FORWARD -j REJECT
# NAT the VPN subnet out of the public interface
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
```

Everything seems right, and as I said, I can connect to the server. I just can't do anything once connected. Any help would be appreciated.

5 Replies

Have you set:

```sh
echo 1 > /proc/sys/net/ipv4/ip_forward
```

Regards
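A completed TLS handshake already proves that UDP 1194 passes the work firewall, so the remaining suspects are on the server's forwarding path: the ip_forward sysctl from the reply above, the FORWARD chain, and the POSTROUTING NAT rule from the original post. The script below is an added example, not code from the thread or from the Linode guide; it assumes the post's layout (VPN subnet 10.8.0.0/24, public interface eth0, OpenVPN in tun mode) and reads rules from `iptables-save`, so it also works on an iptables too old for `iptables -S`. Each check is a function that takes its input from an argument or stdin, so it can be run against captured output as well as the live system (`sh vpncheck.sh --live`, as root).

```shell
#!/bin/sh
# Added example (not from the thread): server-side checks for an OpenVPN "tun"
# server that completes the handshake but forwards no client traffic.
# Assumes the post's layout: VPN subnet 10.8.0.0/24, clients NATed out of eth0.
# Run with --live on the server (as root); without --live nothing executes,
# so the check functions can be fed captured iptables-save output instead.

VPN_NET="10.8.0.0/24"   # from "server 10.8.0.0 255.255.255.0" in the post
WAN_IF="eth0"           # from "-o eth0" in the post's MASQUERADE rule

# Kernel routing between tun0 and eth0. Without it the FORWARD chain is never
# consulted and client packets are dropped silently; the handshake still works
# because that traffic terminates on the server itself.
# $1: path of the sysctl file (defaults to the live kernel value).
check_ip_forward() {
    f=${1:-/proc/sys/net/ipv4/ip_forward}
    [ -r "$f" ] || return 1
    val=$(tr -d '[:space:]' < "$f")
    [ "$val" = "1" ]
}

# Reads "iptables-save -t filter" lines on stdin. Passes only if the VPN subnet
# is ACCEPTed in FORWARD before any terminating REJECT/DROP rule.
check_forward_accept() {
    awk -v net="$VPN_NET" '
        /^-A FORWARD / && index($0, "-s " net) && / -j ACCEPT/ { ok = 1 }
        /^-A FORWARD / && / -j (REJECT|DROP)/ && !ok          { blocked = 1 }
        END { exit (ok && !blocked) ? 0 : 1 }'
}

# Same input. Replies from the internet arrive on eth0 and are forwarded back
# into tun0, so FORWARD must also accept RELATED,ESTABLISHED traffic.
check_forward_return() {
    awk '
        /^-A FORWARD / && /RELATED,ESTABLISHED/ && / -j ACCEPT/ { ok = 1 }
        END { exit ok ? 0 : 1 }'
}

# Reads "iptables-save -t nat" lines on stdin. Without MASQUERADE (or SNAT) the
# packets leave eth0 with a 10.8.0.x source address and replies never return.
check_masquerade() {
    awk -v net="$VPN_NET" -v ifc="$WAN_IF" '
        /^-A POSTROUTING / && index($0, "-s " net) && index($0, "-o " ifc) &&
            / -j (MASQUERADE|SNAT)/ { ok = 1 }
        END { exit ok ? 0 : 1 }'
}

# $1: label; remaining arguments: the check to run (stdin is passed through).
report() {
    label=$1; shift
    if "$@"; then echo "PASS  $label"; else echo "FAIL  $label"; rc=1; fi
}

run_live() {
    rc=0
    ftmp=$(mktemp) && ntmp=$(mktemp) || return 1
    iptables-save -t filter > "$ftmp" 2>/dev/null
    iptables-save -t nat    > "$ntmp" 2>/dev/null
    report "net.ipv4.ip_forward = 1"              check_ip_forward
    report "FORWARD accepts $VPN_NET"             check_forward_accept < "$ftmp"
    report "FORWARD accepts RELATED,ESTABLISHED"  check_forward_return < "$ftmp"
    report "POSTROUTING NATs $VPN_NET via $WAN_IF" check_masquerade    < "$ntmp"
    rm -f "$ftmp" "$ntmp"
    return $rc
}

if [ "${1:-}" = "--live" ]; then
    run_live
fi
```

Two caveats for the rules in the post. `echo 1 > /proc/sys/net/ipv4/ip_forward` does not survive a reboot; set `net.ipv4.ip_forward=1` in /etc/sysctl.conf as well. And `-A FORWARD -s 10.8.0.0/24 -j ACCEPT` matches on source address alone, so a packet arriving on eth0 with a spoofed 10.8.0.x source is forwarded too; binding the rule to the tunnel (`-i tun0 -s 10.8.0.0/24 -j ACCEPT`) closes that. Once these checks pass, the next thing to test from the client is DNS, since the server pushes 10.8.0.1 as resolver: dnsmasq must be listening on the tun0 address, which it will not be if it was started before OpenVPN created the interface and is bound to specific interfaces.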

I know this is not terribly helpful, but OpenVPN has a turnkey solution called "OpenVPN Access Server" that handles all the setup for you and gives you a nice web UI for managing it all. Unfortunately, the free license is only good for two simultaneous connections. You can still override client and server settings through the web UI (which I use, for example, to bypass the VPN for certain subnets). Some client settings are pulled automatically from the server on connect, although some require you to re-import the config file.

It also auto-generates client installers with the config files baked in.

Follow this guide, it has always worked for me:

http://www.webhostingtalk.com/showthread.php?t=595436

Recommend that you review your syslog file and look for OpenVPN error messages. If the messages were generated by iptables, you will know where to add or modify rules.
