I have a headless home server running Ubuntu Server 12.04. A 3rd party website (to which I'm subscribed) periodically sends commands to a daemon on my home server which in turn responds to the 3rd party website. With static IP addressing, dynamic DNS client and port forwarding on the modem this is working as expected; all is good!

However, I now want to use OpenVPN client on my server to tunnel/route the server traffic through a 3rd party VPN server. I have successfully installed and configured OpenVPN client on my server but have found that while OpenVPN is running, the commands from the 3rd party website are either not being received by my server and/or my server is not acknowledging the command back to the 3rd party website. If I stop OpenVPN on my server it works again.

I suspect the problem is the 3rd party website sends the commands to my server (via the modem and port forwarding) but the reply is being routed over the VPN instead of back through eth0, where it came from.

The following diagram gives a basic overview of my home network.

I'm not sure what further information is needed, but hopefully the following is enough to solve the problem.

Output of ifconfig with VPN active

    $ ifconfig
    eth0      Link encap:Ethernet HWaddr 00:07:e9:08:02:17
              inet addr: Bcast: Mask:
              addr: fe80::207:e9ff:fe08:217/64 Scope:Link
              UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
              RX packets:155309 errors:0 dropped:0 overruns:0 frame:0
              TX packets:141790 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:1000
              RX bytes:211724221 (211.7 MB) TX bytes:20656517 (20.6 MB)

    lo        Link encap:Local Loopback
              inet addr: Mask:
              addr: ::1/128 Scope:Host
              UP LOOPBACK RUNNING MTU:16436 Metric:1
              RX packets:43 errors:0 dropped:0 overruns:0 frame:0
              TX packets:43 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:0
              RX bytes:2368 (2.3 KB) TX bytes:2368 (2.3 KB)

    tun0      Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
              inet addr: P-t-P: Mask:
              POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
              RX packets:0 errors:0 dropped:0 overruns:0 frame:0
              TX packets:2 errors:0 dropped:0 overruns:0 carrier:0
              collisions:0 txqueuelen:100
              RX bytes:0 (0.0 B) TX bytes:264 (264.0 B)

Output of route without OpenVPN running

    $ route
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    default modem UG 100 0 0 eth0
    192.168.1.0 * U 0 0 0 eth0

Output of route with OpenVPN running

    $ route
    Kernel IP routing table
    Destination Gateway Genmask Flags Metric Ref Use Iface
    default UG 0 0 0 tun0
    default modem UG 100 0 0 eth0
    10.111.1.1 UGH 0 0 0 tun0
    10.111.1.5 * UH 0 0 0 tun0
    us-west.private modem UGH 0 0 0 eth0
    128.0.0.0 UG 0 0 0 tun0
    192.168.1.0 * U 0 0 0 eth0

I've found some other forums with similar sounding problems but have been unable to apply the information within to solve my specific problem.


Update: I've been told to investigate policy based routing which has led me to a similar question (Remote SSH access doesn't work when OpenVPN client is enabled on DD-WRT) but so far no answer there either.

After the VPN connects, run the following:

    ip rule add from table 10
    ip route add default via table 10
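
The policy-routing approach from the answer above, as an added example that is not part of the original question or answer: it finds the LAN gateway in `ip -4 route show default` output and prints the two table-10 commands as a dry run. The server address `192.168.1.10`, the gateway `192.168.1.1` and the sample route output are constructed placeholders, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: policy routing for replies to port-forwarded connections.
# Table number 10 follows the answer; all addresses are constructed placeholders.

# Constructed sample of `ip -4 route show default` output with the VPN up.
SAMPLE_ROUTES='default via 10.111.1.5 dev tun0
default via 192.168.1.1 dev eth0 metric 100'

# Read `ip -4 route show default` output on stdin and print the gateway of
# the default route that uses device $1. Returns 1 if there is none.
gateway_for_dev() {
    while read -r dest via gw devkw dev rest; do
        if [ "$dest" = default ] && [ "$via" = via ] &&
           [ "$devkw" = dev ] && [ "$dev" = "$1" ]; then
            echo "$gw"
            return 0
        fi
    done
    return 1
}

# Print the two commands: packets sourced from $1 consult table $4, whose
# only route is a default via gateway $2 on device $3.
policy_route_cmds() {
    src=$1 gw=$2 dev=$3 table=$4
    if [ -z "$src" ] || [ -z "$gw" ] || [ -z "$dev" ] || [ -z "$table" ]; then
        echo "policy_route_cmds: source, gateway, device and table are required" >&2
        return 1
    fi
    echo "ip rule add from $src table $table"
    echo "ip route add default via $gw dev $dev table $table"
}

# Dry run on the sample. On a real host, feed `ip -4 route show default`
# instead, use the server's own LAN address, and run the output as root.
LAN_GW=$(printf '%s\n' "$SAMPLE_ROUTES" | gateway_for_dev eth0)
policy_route_cmds 192.168.1.10 "$LAN_GW" eth0 10
```

Only packets whose source is the server's LAN address consult table 10, so replies to forwarded connections leave via eth0 while traffic the server originates keeps using the VPN default route.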

