[Clug-tech] Still Looking for OpenVPN Help

Jon me at jonwatson.ca
Thu Nov 30 20:56:08 PST 2006


Jamie Furtner wrote:
> Ok, that's great - it sounds like the VPN itself works. OpenVPN itself 
> doesn't route traffic - it just dumps it in your network stack which 
> decides what to do with it. You'll need to set up iptables to NAT the 
> traffic coming through your tunnel using the command I gave earlier 
> (again, from memory):
> iptables -t nat -A POSTROUTING -j MASQUERADE -o eth0 -s 10.8.0.0/24
> which tells iptables to NAT traffic sourced from your VPN network and 
> destined for your external interface. If you have ip forwarding enabled, 
> then the traffic is already being sent out on your external interface, 
> but its source IP address is your VPN address (10.8.0.6) - which 
> nothing outside of your openvpn server knows how to get to. You could 
> confirm this by using tcpdump or wireshark on the openvpn server.

Ah, it's starting to come together now. I do remember that iptables
command, but there's something not right with my VPS because when I try
it, I get

homeless:/home/jdw# iptables -t NAT -A POSTROUTING -j MASQUERADE -o
venet0 -s 10.8.0.0/24
modprobe: Can't open dependencies file
/lib/modules/2.6.9-023stab033.7-enterprise/modules.dep (No such file or
directory)
iptables v1.2.11: can't initialize iptables table `NAT': Table does not
exist (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.

Sigh...so off I go to figure that one out now. This "little" project is
turning into my life's work.

J

--
Key fingerprint: BDE0 DE52 B8C0 0CDF 7653 E5A2 D861 7877 0D3B 813E
http://www.jonwatson.ca
+1.403.875.6048
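
Added example, not part of the original message or of OpenVPN/iptables: a preflight check for the three things the MASQUERADE rule in this thread depends on (the table name spelled in lowercase as `nat`, the nat table being registered in the running kernel, and IP forwarding being enabled). The function name and result strings are hypothetical; the two /proc paths are the standard Linux locations and can be overridden to inspect copies.

```shell
#!/bin/sh
# nat_preflight TABLE [TABLES_FILE] [FORWARD_FILE]
# Prints one verdict word and returns non-zero when a prerequisite is missing.
# Usage on a live host (hypothetical helper, run as root): nat_preflight nat
nat_preflight() {
    table=$1
    tables_file=${2:-/proc/net/ip_tables_names}
    forward_file=${3:-/proc/sys/net/ipv4/ip_forward}

    # iptables table names are case-sensitive; the built-in NAT table is "nat".
    case $table in
        nat) ;;
        [Nn][Aa][Tt]) echo "bad-table-name"; return 1 ;;
        *) echo "not-nat-table"; return 1 ;;
    esac

    # ip_tables_names lists the tables currently registered in this kernel.
    # A missing entry means the nat module is not loaded or not available.
    if [ ! -r "$tables_file" ] || ! grep -qx "$table" "$tables_file"; then
        echo "nat-table-unavailable"
        return 2
    fi

    # Without forwarding, packets from the tunnel never reach the outside
    # interface, so the MASQUERADE rule would have nothing to rewrite.
    if [ "$(cat "$forward_file" 2>/dev/null)" != "1" ]; then
        echo "forwarding-disabled"
        return 3
    fi

    echo "ok"
}
```

A verdict of "nat-table-unavailable" only says the table is not registered right now; whether the module can be loaded is a separate question for the kernel in use.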


