I have a headless home server running Ubuntu Server 12.04. A 3rd party website (to which I'm subscribed) periodically sends commands to a daemon on my home server which in turn responds to the 3rd party website. With static IP addressing, dynamic DNS client and port forwarding on the modem this is working as expected; All is good!

However, I now want to use OpenVPN client on my server to tunnel/route the server traffic through a 3rd party VPN server. I have successfully installed and configured OpenVPN client on my server but had found that while OpenVPN is running, the commands from the 3rd party website are either not being received by my server and/or my server is not acknowledging the command back to the 3rd party website. If I stop OpenVPN on my server it works again.

I suspect the problem is the 3rd party website sends the commands to my server (via the modem and port forwarding) but the reply is being routed over the VPN instead of back through eth0, where it came from.

The following diagram gives a basic overview of my home network.enter image description here

I'm not sure what further information is needed, but hopefully the following is enough to solve the problem.

Output of ifconfig with VPN active

$ ifconfigeth0 Link encap:Ethernet HWaddr 00:07:e9:08:02:17inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0inet6 addr: fe80::207:e9ff:fe08:217/64 Scope:LinkUP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1RX packets:155309 errors:0 dropped:0 overruns:0 frame:0TX packets:141790 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:1000RX bytes:211724221 (211.7 MB) TX bytes:20656517 (20.6 MB)lo Link encap:Local Loopbackinet addr:127.0.0.1 Mask:255.0.0.0inet6 addr: ::1/128 Scope:HostUP LOOPBACK RUNNING MTU:16436 Metric:1RX packets:43 errors:0 dropped:0 overruns:0 frame:0TX packets:43 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:0RX bytes:2368 (2.3 KB) TX bytes:2368 (2.3 KB)tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00- 00-00-00inet addr:10.167.1.6 P-t-P:10.167.1.5 Mask:255.255.255.255UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1RX packets:0 errors:0 dropped:0 overruns:0 frame:0TX packets:2 errors:0 dropped:0 overruns:0 carrier:0collisions:0 txqueuelen:100RX bytes:0 (0.0 B) TX bytes:264 (264.0 B)

Output of route without OpenVPN running

$ routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Ifacedefault modem 0.0.0.0 UG 100 0 0 eth0192.168.1.0 * 255.255.255.0 U 0 0 0 eth0

Output of route with OpenVPN running

$ routeKernel IP routing tableDestination Gateway Genmask Flags Metric Ref Use Ifacedefault 10.111.1.5 128.0.0.0 UG 0 0 0 tun0default modem 0.0.0.0 UG 100 0 0 eth010.111.1.1 10.111.1.5 255.255.255.255 UGH 0 0 0 tun010.111.1.5 * 255.255.255.255 UH 0 0 0 tun0us-west.private modem 255.255.255.255 UGH 0 0 0 eth0128.0.0.0 10.111.1.5 128.0.0.0 UG 0 0 0 tun0192.168.1.0 * 255.255.255.0 U 0 0 0 eth0

I've found some other forums with similar sounding problems but have been unable to apply the information within to solve my specific problem.

http://www.overclock.net/t/1043127/solved-openvpn-client-blocks-inbound-ports
https://forum.linode.com/viewtopic.php?t=8737

Update: I've been told to investigate policy based routing which has led me to a similar question (Remote SSH access doesn't work when OpenVPN client is enabled on DD-WRT) but so far no answer there either.

    After the VPN connects run the following

    ip rule add from 192.168.1.1 table 10ip route add default via 192.168.1.254 table 10

      Your Answer

       
      discard

      By posting your answer, you agree to the privacy policy and terms of service.

      Not the answer you're looking for? Browse other questions tagged or ask your own question.