hi!
I have an x86-based gateway running Arch Linux; it has been working fine for several years. Recently I need to access
the subnet behind the gateway using OpenVPN. This gateway has two network interfaces, eth0 and eth1. Eth0 connects to the subnet
through a switch; eth1 connects to the internet through a PPPoE connection. Here is the problem: when I activate the
OpenVPN app installed on the gateway, the hosts in the subnet cannot access the internet through the gateway. When I
shut down the OpenVPN app, the internet connection of the hosts is automatically recovered. I have no idea why. Any
suggestion will be appreciated.
Sorry for my bad English; it's not my first language. Sometimes it just feels difficult to express yourself in a language you are not familiar with! So, I'm living in China.
Last edited by linuxsir (2014-05-20 04:09:01)
By the way, I will post the OpenVPN configuration later.
;local 192.168.9.234
port 1194
proto tcp
;proto udp
;dev tap0
dev tun1
ca /etc/openvpn/easy-rsa/keys/ca.crt
cert /etc/openvpn/easy-rsa/keys/server.crt
key /etc/openvpn/easy-rsa/keys/server.key # This file should be kept secret
dh /etc/openvpn/easy-rsa/keys/dh1024.pem
server 192.168.22.0 255.255.255.0
;mode server
;tls-server
;ifconfig 192.168.22.39
;ifconfig 192.168.22.40 192.168.22.41
# corrected from "route-getway" (typo in the posted file; OpenVPN does not recognize it)
push "route-gateway 192.168.22.253"
;ifconfig-pool-persist ipp.txt
;ifconfig 129.168.22.39 255.255.255.0
;ifconfig-pool 192.168.22.40 192.168.22.251 255.255.255.0
;server-bridge 192.168.68.1 255.255.255.0 192.168.68.50 192.168.68.70
;server-bridge
push "route 192.168.22.0 255.255.255.0"
push "route 0.0.0.0 0.0.0.0"
push "dhcp-option DNS 202.100.128.68"
push "dhcp-option DNS 202.100.138.68"
# corrected from "redirect-getway" (typo in the posted file; OpenVPN does not recognize it)
push "redirect-gateway def1 bypass-dhcp"
;client-config-dir ccd
;route 192.168.40.128 255.255.255.248
;learn-address ./script
;push "redirect-gateway def1 bypass-dhcp"
;push "dhcp-option DNS 208.67.222.222"
;push "dhcp-option DNS 208.67.220.220"
client-to-client
;duplicate-cn
keepalive 10 120
;tls-auth ta.key 0 # This file is secret
;cipher BF-CBC # Blowfish (default)
;cipher AES-128-CBC # AES
;cipher DES-EDE3-CBC # Triple-DES
comp-lzo
;max-clients 100
;user nobody
;group nobody
persist-key
persist-tun
status openvpn-status.log
;log openvpn.log
;log-append openvpn.log
verb 3
;mute 20
Last edited by linuxsir (2014-05-20 03:50:36)
And here is the firewall configuration:
iptables -F
#iptables -A FORWARD -s 192.168.22.0/24 -j ACCEPT
iptables -A FORWARD -s 192.168.22.0/24 -m mac --mac-source 00:21:97:85:39:20 -j ACCEPT
#monitor
iptables -A FORWARD -s 192.168.22.0/24 -m mac --mac-source D8:D3:85:FB:31:A6 -j ACCEPT
#erp
iptables -A FORWARD -s 192.168.22.0/24 -m mac --mac-source D8:D3:85:FD:B0:56 -j ACCEPT
#cl-by
iptables -A FORWARD -s 192.168.22.0/24 -m mac --mac-source 14:CF:92:4F:81:DD -j ACCEPT
#route
iptables -A FORWARD -s 192.168.22.0/24 -j DROP
iptables -t nat -A POSTROUTING -s 192.168.22.0/24 -o ppp0 -j MASQUERADE
Last edited by linuxsir (2014-05-20 03:51:27)
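One thing visible in the two files above: the `server 192.168.22.0 255.255.255.0` directive hands the tun interface the same 192.168.22.0/24 that the FORWARD and MASQUERADE rules treat as the LAN, so the gateway ends up with two competing routes for that subnet. The following script is an added example, not something posted in the thread; it parses an OpenVPN server config and a set of iptables rules (constructed sample inputs mirroring the posted values) and flags any overlap between the VPN pool and the firewall's source subnets.

```python
import re
from ipaddress import ip_network

# Constructed sample input, mirroring the files posted above (not the live files).
OPENVPN_CONF = """\
;local 192.168.9.234
port 1194
dev tun1
server 192.168.22.0 255.255.255.0
push "route 192.168.22.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
"""

IPTABLES_RULES = """\
iptables -A FORWARD -s 192.168.22.0/24 -j DROP
iptables -t nat -A POSTROUTING -s 192.168.22.0/24 -o ppp0 -j MASQUERADE
"""


def vpn_pool(conf):
    """Return the subnet the 'server' directive assigns to the tun interface, or None."""
    for line in conf.splitlines():
        line = line.split("#", 1)[0].strip()   # '#' starts a comment
        if not line or line.startswith(";"):   # so does ';'
            continue
        parts = line.split()
        if parts[0] == "server" and len(parts) >= 3:
            # ipaddress accepts "network/netmask" notation directly
            return ip_network(f"{parts[1]}/{parts[2]}", strict=False)
    return None


def lan_subnets(rules):
    """Collect every '-s' source subnet the firewall forwards or masquerades."""
    nets = set()
    for m in re.finditer(r"-s\s+(\d+\.\d+\.\d+\.\d+(?:/\d+)?)", rules):
        nets.add(ip_network(m.group(1), strict=False))
    return nets


def overlaps(conf, rules):
    """Return (vpn_pool, lan_subnet) pairs that overlap; non-empty means the
    tun route will compete with the LAN route on the gateway."""
    pool = vpn_pool(conf)
    if pool is None:
        return []
    return [(pool, n) for n in sorted(lan_subnets(rules)) if pool.overlaps(n)]


if __name__ == "__main__":
    for pool, lan in overlaps(OPENVPN_CONF, IPTABLES_RULES):
        print(f"conflict: VPN pool {pool} overlaps LAN subnet {lan}")
```

Running it against the posted values reports one conflict; moving the `server` directive to an unused range such as 10.8.0.0/24 makes the report empty.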
Linuxsir,
A couple of things. Please use BBCode code tags when posting program output or file dumps. Your readers will appreciate it. They also appreciate proper English punctuation and capitalization. Also, please use the edit function rather than repeatedly responding to your own posts.
Thanks
Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way