[Not Solved]
Apr 07, 2020, 03:29 AM
(This post was last modified: Apr 07, 2020, 04:36 AM by kmccmk9.)
Hello,
I've searched on the forums and comments of the original article but haven't found a clear solution to this yet. I followed the instructions substituting Debian 10 names where needed. Everything is installed successfully and runs automatically at boot. When running the command
it results in curl: (6) Could not resolve host: ipinfo.io. Which indicates that the iptables may not have been flushed once the OpenVPN service was established?
I've listed my iptables output if it is of any help. Also note, my normal user account can curl just fine.
iptables -S
This seems to be the biggest indicator to me that something isn't right?
iptables -L
Please let me know what else you may need. I've confirmed I have a static IP at the router and on the interface itself. I also tried disabling ipv6 but I get the same result.
Also, I forgot to add the openvpn config:
I've searched on the forums and comments of the original article but haven't found a clear solution to this yet. I followed the instructions substituting Debian 10 names where needed. Everything is installed successfully and runs automatically at boot. When running the command
Code:
sudo -u vpn -i -- curl ipinfo.io
I've listed my iptables output if it is of any help. Also note, my normal user account can curl just fine.
iptables -S
Code:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A OUTPUT ! -o lo -m owner --uid-owner 1001 -j DROP
iptables -L
Code:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere anywhere owner UID match vpn
Also, I forgot to add the openvpn config:
Code:
dev tun
fast-io
persist-key
persist-tun
nobind
remote switzerland-ca-version-2.expressnetw.com 1195
remote-random
pull
comp-lzo no
tls-client
verify-x509-name Server name-prefix
ns-cert-type server
key-direction 1
route-method exe
route-delay 2
tun-mtu 1500
fragment 1300
mssfix 1200
verb 3
cipher AES-256-CBC
keysize 256
auth SHA512
sndbuf 524288
rcvbuf 524288
auth-user-pass
route-noexec
auth-nocache
script-security 2
auth-user-pass /etc/openvpn/login.txt
up /etc/openvpn/iptables.sh
down /etc/openvpn/update-resolv-conf