All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Can anyone explain why traffic is blocked as soon as I run openvpn on contabo server?
In the past I had openvpn issues on new servers but these were usually due to the tun/tap thing but when that was the case openvpn won't start at all but openvpn initiates fine but once it starts no traffic will go through. Tun also shows active on ip addr show
I thought some firewall issue but I disabled ufw and it still doesn't work.
Openvpn is showing successful initialization in the terminal output.
I tried both opening a webpage and wget webpage and neither will work until I turn off the vpn and then it immediately works again.
So what can be causing the blockage?
I often see debugging networking to use traceroute/tracepath but these don't even work for me when the internet is working fine- either on my desktop or the server- it just hangs no reply even though the internet connection is working perfectly well (when openvpn isn't running of course); so I don't find that a good diagnostic when it won't even work reliably when the internet is fine.
Comments
Have you enabled ip forwarding?
Sounds like a routing issue.
Assuming you're running OpenVPN as a client on the server, it will probably change the default route, and thus appears unreachable from its "real" IP address.
No.
Are these both the same issue? And so how to go about solving? Never remember doing these extra steps with other servers, just saying since I have no experience with that thus far. And yest talking about running as client; forgot about that distinction.
Ah I see there is documentation on openvpn website on ip forwarding, I will read that now.
EDIT: I just did
and it was disabled
and then
as per advised in the arch wiki (I am using arch) but still didn't work. I presume you don't need a reboot for that? since the article didn't say so. I am rushing things now anyway as I have to go out in a sec. I will take more time on this a little later.
Did you setup iptables, particularly the MASQUERADE?
or the SNAT
No I didn't so far I have only set a systemd unit saved to allow ssh over openvpn
That is all I have set so far. I seem to remember some settings I set on other servers in the past about masquerade but would have no idea how to set them again and I haven't found them saved on my computer.
EDIT: ah I see this seems to have all I want. I will work through it properly tommorow.
But the vps IP address changes every time so how does that work? The address will change every time you use another config file won't it so surely you don't have to edit that every single time you run openvpn?
So I am not sure what you mean by '
I am using ufw so I added that line like so (going by what other postrouting rules I saw in there) and it reloaded without errors but didn't seem to have any effect.
I also followed the recommendations in the archwiki I linked above the part about allowing it in ufw I thought would be just the ticket though it still isn't working.
Please help I am desperate for some loving kindness
You should install from a script on github. Like https://github.com/StreisandEffect/streisand
If you have used https://github.com/Angristan/OpenVPN-install , which DNS Servers did you select. Selecting "Use system/local DNS" sometimes (with various providers) resulted for me in my traffic not going through even though that appears to be odd. Re-install and select Cloudflare/Google DNS and it should work like a charm.
you can use softether, it support multi protocol and easy to use.
https://github.com/icoexist/softether-autoinstall