Posted: Thu Oct 19, 2017 3:01 Post subject: OpenVPN problem: iptables dropping tun0
Hi all,
I'm trying to set up an OpenVPN server on my router (so I can use my home connection as a secure tunnel if I'm connected to untrusted coffee shop Wi-Fi).
I have the client and server set up, and I can connect to the server from outside.
The problem is that after I connect, I cannot go anywhere, and checking dmesg on the router reveals that it is dropping everything that comes in on tun0:
Code:
# Allow TUN interface connections to OpenVPN server
iptables -A INPUT -i tun+ -j ACCEPT
# Allow TUN interface connections to be forwarded through other interfaces
iptables -A FORWARD -i tun+ -j ACCEPT
I'm using this code in the router's OpenVPN config to force all traffic through the VPN:
Code:
# Force all traffic through the VPN
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
Is there any way to verify that those iptables rules are active, and that they are the only ones active?
Code:
# Allow TUN interface connections to OpenVPN server
iptables -I INPUT 2 -i tun+ -j ACCEPT
# Allow TUN interface connections to be forwarded through other interfaces
iptables -I FORWARD 1 -i tun+ -j ACCEPT
If I understand correctly, this means the router accepts anything on tun interfaces, so as long as only trustworthy people can establish a VPN connection, I'm ok.
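One way to check which rule actually decides tun0 traffic, as an added example that is not part of the original posts: `iptables -S` prints rules in evaluation order, and the hypothetical helper `first_verdict` below walks that output and reports the first rule that gives an unconditional verdict for an interface. The two rule sets are constructed samples showing why a rule appended with `-A` after a catch-all DROP never fires while the same rule inserted with `-I` does.

```shell
# first_verdict CHAIN IFACE: reads `iptables -S` text on stdin, prints the first
# rule that decides the fate of every packet arriving on IFACE (else the policy).
# Simplifications: rules with extra matches are skipped, user chains not followed.
first_verdict() {
    awk -v chain="$1" -v ifc="$2" '
    function if_match(pat,   n) {
        if (pat == "") return 1                  # no -i given: any interface
        if (pat ~ /[+]$/) { n = length(pat) - 1; return substr(ifc, 1, n) == substr(pat, 1, n) }
        return pat == ifc
    }
    $1 == "-P" && $2 == chain { policy = $0; next }
    $1 == "-A" && $2 == chain {
        pat = ""; target = ""; other = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-i") { pat = $(++i) }
            else if ($i == "-j") { target = $(i + 1); break }
            else other = 1                       # extra match such as -p or -m
        }
        if (other) next                          # conditional rule, not a catch-all
        if (target !~ /^(ACCEPT|DROP|REJECT)$/) next   # LOG does not end traversal
        if (!if_match(pat)) next
        print; found = 1; exit
    }
    END { if (!found) print policy }'
}

# Constructed rule sets (not from the post): same rules, different position.
appended() { cat <<'EOF'
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j LOG --log-prefix "DROP "
-A INPUT -j DROP
-A INPUT -i tun+ -j ACCEPT
EOF
}
inserted() { cat <<'EOF'
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -i tun+ -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j LOG --log-prefix "DROP "
-A INPUT -j DROP
EOF
}
echo "appended: $(appended | first_verdict INPUT tun0)"
echo "inserted: $(inserted | first_verdict INPUT tun0)"
# On a live router (as root): iptables -S | first_verdict INPUT tun0
```

On the router itself, `iptables -L INPUT -v -n --line-numbers` additionally shows per-rule packet counters, so a tun+ rule whose counter stays at zero while the VPN is in use is being shadowed by an earlier rule.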