OpenVPN: I can't ping or get a connection to the internet through VPN

Discussion in 'Server Operation' started by Deficit, Nov 10, 2009.

  1. Deficit

    Deficit New Member

    Edit: This is now fixed. I had to change the DNS from my ISP's to the VPN provider's to make it work.

    Hi,
    I have installed Debian Lenny and ISPConfig 3 using the perfect setup. Now I've got a VPN account but I have some issues making it work on Linux.

    However, I did make it work using OpenVPN for Windows XP with GUI (exact same configuration settings). Then I was able to surf around with the IP of the VPN server.

    So, this is what I've done.

    Downloaded and installed openvpn using apt-get install openvpn

    Made a /etc/openvpn/openvpn.conf file with the following contents:
    Code:
    dev tap
    remote 88.80.xx.xx
    float 88.80.xx.xx
    dhcp-option DNS 88.80.xx.xx
    port 5122
    comp-lzo
    ifconfig 88.80.xx.xx 255.255.255.128
    route-gateway 88.80.xx.xx
    redirect-gateway def1
    secret key.txt
    cipher AES-128-CBC
    
    My box is behind a router, so I've forwarded port 5122 (both UDP/TCP) to the internal IP of the machine running openvpn.

    Furthermore I've included the key in key.txt and restarted openvpn using /etc/init.d/openvpn restart

    When I try to ping google.com, there is about 1 minute wait and I get
    Code:
    ping: unknown host google.com
    When I run route, there is a 2-3 minute wait until all results are displayed and I get
    Code:
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    88.80.xx.xx      192.168.0.1     255.255.255.255 UGH   0      0        0 eth0
    88.80.xx.xx      *               255.255.255.128 U     0      0        0 tap0
    192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
    default         88.80.xx.xx      128.0.0.0       UG    0      0        0 tap0
    128.0.0.0       88.80.xx.xx      128.0.0.0       UG    0      0        0 tap0
    default         192.168.0.1     0.0.0.0         UG    0      0        0 eth0
    
    
    If I try to run nslookup google.com there is a long halt, and then
    Code:
    ;; connection timed out; no servers could be reached
    
    I can ping internal IPs, and I'm connected to the box from behind the router using SSH.

    This is what my /etc/network/interfaces looks like
    Code:
    # This file describes the network interfaces available on your system
    # and how to activate them. For more information, see interfaces(5).
    
    # The loopback network interface
    auto lo
    iface lo inet loopback
    
    # The primary network interface
    #allow-hotplug eth0
    #iface eth0 inet dhcp
    
    
    # The primary network interface
    auto eth0
    iface eth0 inet static
            address 192.168.0.102
            netmask 255.255.255.0
            network 192.168.0.0
            broadcast 192.168.0.255
            gateway 192.168.0.1
    
     
    Last edited: Nov 10, 2009
  2. Ben

    Ben Active Member Moderator

    So what basically happens in your case is that all VPN traffic (no matter the target) is sent to your OpenVPN server. But as your tunnel IPs are private and therefore not routed, your VPN server needs to NAT this traffic. And this is what you need to set up.

    Maybe this points you a bit more in the right direction: http://serverfault.com/questions/9022/openvpn-iptables-nat-routing
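
Added example, not part of the thread: the `route` output in the first post shows the two /1 routes that `redirect-gateway def1` installs on tap0, so a longest-prefix match over that table tells you which interface each resolver in `/etc/resolv.conf` is reached through. The function names and the sample addresses (documentation ranges) are constructed for illustration.

```python
import ipaddress

# Constructed sample in the format of the `route` output in the first post.
# Addresses are documentation-range placeholders, not the thread's masked ones.
SAMPLE_ROUTES = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
203.0.113.10    192.168.0.1     255.255.255.255 UGH   0      0        0 eth0
203.0.113.0     *               255.255.255.128 U     0      0        0 tap0
192.168.0.0     *               255.255.255.0   U     0      0        0 eth0
default         203.0.113.1     128.0.0.0       UG    0      0        0 tap0
128.0.0.0       203.0.113.1     128.0.0.0       UG    0      0        0 tap0
default         192.168.0.1     0.0.0.0         UG    0      0        0 eth0
"""

def parse_routes(text):
    """Parse `route` output into (network, gateway, iface) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip the title and column-header lines
        dest = "0.0.0.0" if f[0] == "default" else f[0]
        gateway = None if f[1] == "*" else f[1]
        routes.append((ipaddress.ip_network(f"{dest}/{f[2]}"), gateway, f[7]))
    return routes

def egress(routes, address):
    """Longest-prefix match: the route the kernel would pick for address."""
    ip = ipaddress.ip_address(address)
    matches = [r for r in routes if ip in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def resolver_paths(routes, resolv_conf):
    """Map each nameserver in resolv.conf text to its egress interface."""
    paths = {}
    for line in resolv_conf.splitlines():
        f = line.split()
        if len(f) >= 2 and f[0] == "nameserver":
            route = egress(routes, f[1])
            paths[f[1]] = route[2] if route else None
    return paths

if __name__ == "__main__":
    # Constructed resolv.conf: one public resolver, one on the LAN router.
    conf = "nameserver 198.51.100.53\nnameserver 192.168.0.1\n"
    print(resolver_paths(parse_routes(SAMPLE_ROUTES), conf))
```

A resolver that maps to tap0 is being queried through the tunnel rather than directly over the ISP link.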
     
