All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Once again, can't get OpenVPN to work
Right. Again I'm trying to install OpenVPN on my VPS.
I've followed several tutorials, but none have worked yet so far for me.
I've now followed this tutorial:
http://tipupdate.com/how-to-install-openvpn-on-ubuntu-vps/
However, at step 11 (when configuring the IP tables), the following command gives an error:
root@bravo:~# iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT -.to-source MyVPSIP
iptables v1.4.4: option SNAT' requires an argument Try
iptables -h' or 'iptables --help' for more information.
I already added the two dashes as suggested in the comments, but still I get the above error. I get the feeling this is causing my problem. I can connect, but cannot browse the internet.
Thanks in advance.
Comments
--to-source
Double hyphen
Edit: read your last paragraph :S
But...
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source MyVPSIP
Sure?
iptables -t nat -A POSTROUTING -o venet0 -j SNAT --to-source VPSIP
that works for me
Thanks for the ultra quick replies guys
@yomero No idea, just following the tutorial. Seems like it should be like that, from his screenshot.
@vedran That did the trick! Hello from 'France'
Thanks for helping me out here, @yomero and @vedran. Appreciate it
What exactly is the difference between just using 'push “dhcp-option DNS 10.8.0.1' in your server.conf file and using dnsmasq as suggested by Linode? (https://library.linode.com/networking/openvpn/ubuntu-10.04-lucid#sph_tunnel-all-connections-through-the-vpn)
There is no difference, you are supposed to do both
You install dnsmasq on your server as a DNS resolver and then use 'dhcp-option DNS 10.8.0.1' to tell the clients to use that dnsmasq
OR push any public DNS :P
dunno if this works on you,but recently i experienced some trouble with openvpn installation (not the access,just normal one) on free trial i got
after searching and asking my friends,its reach a conclusion ; the problem is iptables somehow is locked by the provider,and the only solution is ask them manually
AFAIK
Openvpn setup should be easy and short,install,build conf,foward,run,copy conf and you are safe CMIIW
Thanks for the reply guys.
@gsrdgrdghd Alright. I tried installing dnsmasq according to the Linode tutorial, but I can't start it:
* Restarting DNS forwarder and DHCP server dnsmasq
dnsmasq: failed to bind listening socket for 10.8.0.1: Address already in use
Here's the output of netstat -ap: http://pastebin.com/5bV4a87B
I don't see anything running on 10.8.0.1....
@yomero that's also possible :P (PS. Why are you getting thanked for every post by netomx?)
@MeMyselfandLinux It's working already, thanks for the help though. I was just wondering what the difference in both tutorials was caused by
Because he loves me...
And, then I decided to modify my signature to show that
lololol
Bump. I just reinstalled my VPS again and started from scratch, but still the same issue:
'* Restarting DNS forwarder and DHCP server dnsmasq
dnsmasq: failed to bind listening socket for 10.8.0.1: Address already in use'
Output netstat-ap: pastebin.com/5bV4a87B
MAn! Use another DNS! Is just the DNS getting pushed via DHCP to your clients u_u
Alright then
But I still find it strange :P
Dunno, sounds like the daemon isn't getting killed and then is started again, so can't start... lol
From the netstat output it looks like you have setup OpenVPN to listen on the DNS port.
Why that?
LOL, true
I have it running on port 53 indeed, because you can use it to bypass some payment terminals on airports and in hotels. Doesn't always work though
But that's the same port as the DNS port?
Yes, is the same, and if you wanted to combine that with dnsmasq, you can't bind to both ports.
I suggest you to use another port, like 443 or even 80.
Otherwise, I suggest you a more complex solution
http://www.rutschle.net/tech/sslh.shtml
But that's the same port as the DNS port?
I had tried to bypass a firewall on my Uni, but I didn't succeed, I even put 443
Thanks guys for figuring that out Mystery solved
@netomx Firewalls are something else than Payment terminals. I mean those terminals that popup after you connect to an 'open' WiFi network, which force you to pay for internet access. Those terminals usually communicate on port 53 and until you pay, every port is blocked except for port 53. So in theory, if your VPS runs on port 53, you should be able to browse the internet via your VPN
Neat solution
In other hands, I have seen some "Dango" or something like that, wifi services that have their own iphone app... if you initiate the payment, even if you don't make it, they will open the internet