Salut,
je rencontre moi aussi des difficultés pour atteindre internet une fois connecte a mon vpn. J'ai essayer plusieurs tutos avant celui-ci et je me retrouve toujours bloque a cette même étape sans comprendre pourquoi.
Je suis débutant avec Linux et encore plus en ce qui concerne la création d'un réseau vpn donc excusez moi si je fournis des informations inutiles mais voici 2-3 retours de commandes qui pourront peut-être aider :
Coté serveurroot@23b045c8fa:/etc/openvpn/easy-rsa# openvpn /etc/openvpn/server.conf
Fri Feb 10 13:59:40 2017 OpenVPN 2.3.4 x86_64-pc-linux-gnu [SSL (OpenSSL)] [LZO] [EPOLL] [PKCS11] [MH] [IPv6] built on Nov 12 2015
Fri Feb 10 13:59:40 2017 library versions: OpenSSL 1.0.1t 3 May 2016, LZO 2.08
Fri Feb 10 13:59:40 2017 Diffie-Hellman initialized with 2048 bit key
Fri Feb 10 13:59:40 2017 Socket Buffers: R=[133120->131072] S=[133120->131072]
Fri Feb 10 13:59:40 2017 ROUTE_GATEWAY ON_LINK IFACE=venet0 HWADDR=00:00:00:00:00:00
Fri Feb 10 13:59:40 2017 TUN/TAP device tun0 opened
Fri Feb 10 13:59:40 2017 TUN/TAP TX queue length set to 100
Fri Feb 10 13:59:40 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Feb 10 13:59:40 2017 /sbin/ip link set dev tun0 up mtu 1500
Fri Feb 10 13:59:40 2017 /sbin/ip addr add dev tun0 local 10.8.0.1 peer 10.8.0.2
Fri Feb 10 13:59:40 2017 /sbin/ip route add 10.8.0.0/24 via 10.8.0.2
Fri Feb 10 13:59:40 2017 GID set to nogroup
Fri Feb 10 13:59:40 2017 UID set to nobody
Fri Feb 10 13:59:40 2017 UDPv4 link local (bound): [undef]
Fri Feb 10 13:59:40 2017 UDPv4 link remote: [undef]
Fri Feb 10 13:59:40 2017 MULTI: multi_init called, r=256 v=256
Fri Feb 10 13:59:40 2017 IFCONFIG POOL: base=10.8.0.4 size=62, ipv6=0
Fri Feb 10 13:59:40 2017 IFCONFIG POOL LIST
Fri Feb 10 13:59:40 2017 Initialization Sequence Completed
[1]+ Running openvpn /etc/openvpn/server.conf &
root@23b045c8fa:/etc/openvpn/easy-rsa# ifconfig tun0
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
root@23b045c8fa:/etc/openvpn/easy-rsa# ping -c5 10.8.0.6
PING 10.8.0.6 (10.8.0.6) 56(84) bytes of data.
64 bytes from 10.8.0.6: icmp_seq=1 ttl=64 time=68.0 ms
64 bytes from 10.8.0.6: icmp_seq=2 ttl=64 time=59.4 ms
64 bytes from 10.8.0.6: icmp_seq=3 ttl=64 time=61.9 ms
64 bytes from 10.8.0.6: icmp_seq=4 ttl=64 time=60.0 ms
64 bytes from 10.8.0.6: icmp_seq=5 ttl=64 time=67.9 ms
--- 10.8.0.6 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4004ms
rtt min/avg/max/mdev = 59.414/63.493/68.036/3.784 ms
root@23b045c8fa:/etc/openvpn/easy-rsa# ping -c5 google.com
PING google.com (172.217.22.174) 56(84) bytes of data.
64 bytes from arn09s11-in-f14.1e100.net (172.217.22.174): icmp_seq=1 ttl=58 time=7.37 ms
64 bytes from arn09s11-in-f14.1e100.net (172.217.22.174): icmp_seq=2 ttl=58 time=7.20 ms
64 bytes from arn09s11-in-f14.1e100.net (172.217.22.174): icmp_seq=3 ttl=58 time=7.19 ms
64 bytes from arn09s11-in-f14.1e100.net (172.217.22.174): icmp_seq=4 ttl=58 time=7.16 ms
64 bytes from arn09s11-in-f14.1e100.net (172.217.22.174): icmp_seq=5 ttl=58 time=7.29 ms
--- google.com ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4004ms
rtt min/avg/max/mdev = 7.168/7.247/7.373/0.120 ms
root@23b045c8fa:/etc/openvpn/easy-rsa# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp dpt:openvpn
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Coté client
root@a20-olimex:~# openvpn /etc/openvpn/client.conf
Fri Feb 10 19:11:24 2017 OpenVPN 2.2.1 arm-linux-gnueabihf [SSL] [LZO2] [EPOLL] [PKCS11] [eurephia] [MH] [PF_INET6] [IPv6 payload 20110424-2 (2.2RC2)] built on Dec 1 2014
Fri Feb 10 19:11:24 2017 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Fri Feb 10 19:11:24 2017 LZO compression initialized
Fri Feb 10 19:11:24 2017 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Feb 10 19:11:24 2017 Socket Buffers: R=[163840->131072] S=[163840->131072]
Fri Feb 10 19:11:24 2017 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Feb 10 19:11:24 2017 Local Options hash (VER=V4): '41690919'
Fri Feb 10 19:11:24 2017 Expected Remote Options hash (VER=V4): '530fdded'
Fri Feb 10 19:11:24 2017 UDPv4 link local: [undef]
Fri Feb 10 19:11:24 2017 UDPv4 link remote: [AF_INET]185.86.150.31:1194
Fri Feb 10 19:11:24 2017 TLS: Initial packet from [AF_INET]185.86.150.31:1194, sid=4effcb35 7a3f9c83
Fri Feb 10 19:11:24 2017 VERIFY OK: depth=1, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=MyOrganizationalUnit/CN=Fort-Funston_CA/name=EasyRSA/emailAddress=me@myhost.mydomain
Fri Feb 10 19:11:24 2017 VERIFY OK: nsCertType=SERVER
Fri Feb 10 19:11:24 2017 VERIFY OK: depth=0, /C=US/ST=CA/L=SanFrancisco/O=Fort-Funston/OU=MyOrganizationalUnit/CN=Serveur-VPN/name=EasyRSA/emailAddress=me@myhost.mydomain
Fri Feb 10 19:11:26 2017 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Feb 10 19:11:26 2017 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Feb 10 19:11:26 2017 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Feb 10 19:11:26 2017 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Feb 10 19:11:26 2017 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 2048 bit RSA
Fri Feb 10 19:11:26 2017 [Serveur-VPN] Peer Connection Initiated with [AF_INET]185.86.150.31:1194
Fri Feb 10 19:11:28 2017 SENT CONTROL [Serveur-VPN]: 'PUSH_REQUEST' (status=1)
Fri Feb 10 19:11:28 2017 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.0.6 10.8.0.5'
Fri Feb 10 19:11:28 2017 OPTIONS IMPORT: timers and/or timeouts modified
Fri Feb 10 19:11:28 2017 OPTIONS IMPORT: --ifconfig/up options modified
Fri Feb 10 19:11:28 2017 OPTIONS IMPORT: route options modified
Fri Feb 10 19:11:28 2017 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Feb 10 19:11:28 2017 ROUTE default_gateway=192.168.0.1
Fri Feb 10 19:11:28 2017 TUN/TAP device tun0 opened
Fri Feb 10 19:11:28 2017 TUN/TAP TX queue length set to 100
Fri Feb 10 19:11:28 2017 do_ifconfig, tt->ipv6=0, tt->did_ifconfig_ipv6_setup=0
Fri Feb 10 19:11:28 2017 /sbin/ifconfig tun0 10.8.0.6 pointopoint 10.8.0.5 mtu 1500
Fri Feb 10 19:11:28 2017 /sbin/route add -net 185.86.150.31 netmask 255.255.255.255 gw 192.168.0.1
Fri Feb 10 19:11:28 2017 /sbin/route add -net 0.0.0.0 netmask 128.0.0.0 gw 10.8.0.5
Fri Feb 10 19:11:28 2017 /sbin/route add -net 128.0.0.0 netmask 128.0.0.0 gw 10.8.0.5
Fri Feb 10 19:11:28 2017 /sbin/route add -net 10.8.0.1 netmask 255.255.255.255 gw 10.8.0.5
Fri Feb 10 19:11:28 2017 Initialization Sequence Completed
[1]+ Running openvpn /etc/openvpn/client.conf &
root@a20-olimex:~# ifconfig tun0
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.6 P-t-P:10.8.0.5 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 B) TX bytes:608 (608.0 B)
root@a20-olimex:~# ping -c5 10.8.0.1
PING 10.8.0.1 (10.8.0.1) 56(84) bytes of data.
64 bytes from 10.8.0.1: icmp_req=1 ttl=64 time=66.2 ms
64 bytes from 10.8.0.1: icmp_req=2 ttl=64 time=68.2 ms
64 bytes from 10.8.0.1: icmp_req=3 ttl=64 time=67.5 ms
64 bytes from 10.8.0.1: icmp_req=4 ttl=64 time=70.3 ms
64 bytes from 10.8.0.1: icmp_req=5 ttl=64 time=70.2 ms
--- 10.8.0.1 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4009ms
rtt min/avg/max/mdev = 66.247/68.526/70.324/1.576 ms
ping: unknown host google.com
...
Je precise que j'ai active le transfert de ports (1194/both) pour l'ip 192.168.0.25 (addresse locale de mon ordinateur client).
Voila j'espere que vous pourrez m'aider a y voir plus clair, n'hesitez pas a demander plus de details. Merci!