Hi guys
I’m running YunoHost on an OVH VPS, Debian 8. I can connect from both my Win 7 workstation and my home Ubuntu PC, but once connected, nothing.
I feel like there’s a problem with DNS but can’t be 100% sure. Here is some more info.
OpenVPN server is running, here’s the status / ps
root@garrigue:~# service openvpn status
● openvpn.service - OpenVPN service
Loaded: loaded (/lib/systemd/system/openvpn.service; enabled)
Active: active (exited) since mer. 2015-09-09 12:19:01 CEST; 4 days ago
Main PID: 21291 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/openvpn.service
sept. 09 12:19:01 garrigue.re systemd[1]: Started OpenVPN service.
root@garrigue:~# ps -ef | grep openvpn
root 14960 14948 0 21:28 pts/1 00:00:00 grep openvpn
openvpn 21310 1 0 sept.09 ? 00:01:18 /usr/sbin/openvpn --daemon ovpn-yunohost --status /run/openvpn/yunohost.status 10 --cd /etc/openvpn --config /etc/openvpn/yunohost.conf
And here is the config
root@garrigue:~# cat /etc/openvpn/yunohost.conf
port 1194
dev tun
proto udp
ca /etc/yunohost/certs/garrigue.re/ca.pem
cert /etc/yunohost/certs/garrigue.re/crt.pem
key /etc/yunohost/certs/garrigue.re/key.pem
dh /etc/yunohost/certs/garrigue.re/dh.pem
server 10.8.0.0 255.255.255.0
route 10.8.0.0 255.255.255.0
keepalive 10 60
inactive 600
user openvpn
group openvpn
persist-tun
persist-key
verb 5
plugin /usr/lib/openvpn/openvpn-auth-ldap.so /etc/openvpn/auth/ldap.conf
client-cert-not-required
status /var/log/openvpn.log
comp-lzo
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
Once the VPN is connected, here’s the tunnel ifconfig from my Ubuntu
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet adr:10.8.0.14 P-t-P:10.8.0.13 Masque:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
Packets reçus:0 erreurs:0 :0 overruns:0 frame:0
TX packets:408 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 lg file transmission:100
Octets reçus:0 (0.0 B) Octets transmis:48476 (48.4 KB)
I’m not familiar with VPNs. Is 0 bytes downloaded right? Is the 255.255.255.255 mask OK? Here is a dig
remy@remy:~$ dig
; <<>> DiG 9.9.5-9ubuntu0.3-Ubuntu <<>>
;; global options: +cmd
;; connection timed out; no servers could be reached
Of course, as soon as I disconnect the VPN, dig from my Ubuntu lists the usual a to m.root-servers.net. Here is another one from the server, everything seems OK
root@garrigue:/etc/dnsmasq.d# dig
; <<>> DiG 9.9.5-9+deb8u3-Debian <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 10878
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;. IN NS
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Sep 13 21:41:26 CEST 2015
;; MSG SIZE rcvd: 17
I can resolve a random website, like xkcd
root@garrigue:/etc/dnsmasq.d# ping xkcd.com
PING xkcd.com (104.156.81.67) 56(84) bytes of data.
64 bytes from 104.156.81.67: icmp_seq=1 ttl=57 time=4.82 ms
I’m at a loss so far… Can anyone help, or tell me how to investigate this matter further?