Adding --float to client.ovpn solved the problem.
I've been trying to connect to OpenVPN for days now and I keep getting this error
Code:
TCP/UDP: Incoming packet rejected from 192.168.18.254:1194[2], expected peer address: 79.112.107.146:1194 (allow this incoming source address/port by removing --remote or adding --float)
I would really appreciate it if someone could help me out.
post-firewall looks like this
Code:
#!/bin/sh
# this opens the ssh port to internet! Be sure to have strong passwords!
iptables -I INPUT -m tcp -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p udp --sport 1194 --dport 1194 -j ACCEPT
iptables -A OUTPUT -p udp --sport 1194 --dport 1194 -j ACCEPT
#OpenVPN access from WAN
iptables -D INPUT -j DROP
iptables -A INPUT -p udp --dport 1194 -j ACCEPT
iptables -t nat -I PREROUTING -i eth1 -p udp --dport 1194 -j DNAT --to-destination 192.168.18.254:1194
iptables -A INPUT -j DROP
iptables -I INPUT -i tun0 -j ACCEPT
iptables -I FORWARD -i tun0 -j ACCEPT
iptables -I FORWARD -o tun0 -j ACCEPT
iptables -I OUTPUT -o tun0 -j ACCEPT
ifconfig
Code:
ifconfig
br0 Link encap:Ethernet HWaddr 00:1D:60:9F:1D:3C
inet addr:192.168.18.254 Bcast:192.168.18.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2431 errors:0 dropped:0 overruns:0 frame:0
TX packets:1883 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:582528 (568.8 KiB) TX bytes:826719 (807.3 KiB)
eth0 Link encap:Ethernet HWaddr 00:1D:60:9F:1D:3C
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:1112 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:306676 (299.4 KiB)
Interrupt:4 Base address:0x1000
eth1 Link encap:Ethernet HWaddr 00:1D:60:9F:1D:3C
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1824 errors:0 dropped:0 overruns:0 frame:0
TX packets:1263 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:680250 (664.3 KiB) TX bytes:368687 (360.0 KiB)
Interrupt:5 Base address:0x2000
eth2 Link encap:Ethernet HWaddr 00:1D:60:9F:1D:3C
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2424 errors:0 dropped:0 overruns:0 frame:112907
TX packets:2577 errors:31 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:615892 (601.4 KiB) TX bytes:1004952 (981.3 KiB)
Interrupt:12 Base address:0x4000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MULTICAST MTU:16436 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
ppp0 Link encap:Point-to-Point Protocol
inet addr:xxx.xxx.107.146 P-t-P:10.0.0.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING MULTICAST MTU:1492 Metric:1
RX packets:1529 errors:0 dropped:0 overruns:0 frame:0
TX packets:1163 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:600547 (586.4 KiB) TX bytes:340013 (332.0 KiB)
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
server.conf
Code:
dev tun
proto udp
ifconfig 10.8.0.1 10.8.0.2
secret /opt/etc/openvpn/static.key
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
comp-lzo
keepalive 10 60
daemon
client.ovpn
Code:
remote xxx.xxx.xxx.xxx ;server IP address
dev tun
ifconfig 10.8.0.2 10.8.0.1
secret static.key
comp-lzo
keepalive 10 60
redirect-gateway def1
route-method exe
route-delay 2
dhcp-option DNS 10.8.0.1
Works great connecting from LAN, but I can't connect from WAN.
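
Added example, not part of the original post: a Python triage of the rejection message quoted above. It extracts the packet's actual source and the peer address set with `--remote`, then separates the case seen here (a private address answering for a public `--remote` address, which points at NAT or a multihomed server) from a plain port or address change. The function names, cause labels and the second and third log lines are constructed for illustration.

```python
import ipaddress
import re

# Pattern for the rejection message quoted in the post.
REJECT_RE = re.compile(
    r"Incoming packet rejected from (?P<src>[\d.]+):(?P<sport>\d+)\[\d+\], "
    r"expected peer address: (?P<exp>[\d.]+):(?P<eport>\d+)"
)

def triage(line):
    """Classify one OpenVPN log line; return None if it is not a rejection."""
    m = REJECT_RE.search(line)
    if m is None:
        return None
    src = ipaddress.ip_address(m["src"])
    exp = ipaddress.ip_address(m["exp"])
    if src == exp:
        cause = "port_only"          # same host, source port differs
    elif src.is_private and not exp.is_private:
        cause = "nat_or_multihomed"  # private address answered for a public --remote
    else:
        cause = "address_changed"    # peer moved to another address
    return {
        "source": f"{src}:{m['sport']}",
        "expected": f"{exp}:{m['eport']}",
        "cause": cause,
    }

# Line 1 is the message from the post; lines 2 and 3 are constructed samples.
SAMPLE_LOG = [
    "TCP/UDP: Incoming packet rejected from 192.168.18.254:1194[2], "
    "expected peer address: 79.112.107.146:1194 (allow this incoming source "
    "address/port by removing --remote or adding --float)",
    "TCP/UDP: Incoming packet rejected from 198.51.100.7:40312[2], "
    "expected peer address: 198.51.100.7:1194 (allow this incoming source "
    "address/port by removing --remote or adding --float)",
    "Initialization Sequence Completed",
]

def triage_log(lines):
    """Return the triage result for every rejection line in a log."""
    return [r for r in map(triage, lines) if r is not None]

if __name__ == "__main__":
    for result in triage_log(SAMPLE_LOG):
        print(result)
```

`--float` makes OpenVPN accept a new source address only for packets that pass its authentication checks, so in this static-key setup the secrecy of `static.key` is what protects the session.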