I am trying to set up OpenVPN for the first time between two different cloud networks but am running into issues. I have 2 Linux machines: one is the OpenVPN server and the other is the client.
OpenVPN SSL gateway (OpenVPN server in AWS, Amazon Linux)
Private IP: 172.30.xx.8 (network interface eth0); virtual IP: 10.90.x.1 (network interface tun0)
VPN client machine (OpenVPN client in another cloud network)
Private IP: 10.0.xx.11 (network interface eth0); virtual IP: 10.90.x.2 (network interface tun0)
I have enabled forwarding on both my server and client (net.ipv4.ip_forward=1). When I try to ping the SSL gateway's private IP from the VPN client machine, I get a successful response,
i.e. ping 172.30.xx.8 (from 10.0.xx.11) - successful.
When I try to ping the other way round,
i.e. ping 10.0.xx.11 (from 172.30.xx.8) - it doesn't work.
I have allowed everything in the filter table of my iptables on both servers for the time being.
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -j LOG
-A POSTROUTING -j LOG
# source-NAT everything that leaves through the tunnel or through eth0
-A POSTROUTING -o tun0 -J MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
# all three chains default to ACCEPT, so the rules below only add logging
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i eth0 -j ACCEPT
-A INPUT -i tun0 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A FORWARD -j LOG
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -p icmp -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -i eth0 -j ACCEPT
-A FORWARD -i tun0 -j ACCEPT
COMMIT
I haven't worked much on routing and iptables, so I'm not sure what I am missing here. I would appreciate any help on this. Here is my OpenVPN requirement for VPN access:
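The following diagnostic is an added example and is not part of the question or of any OpenVPN project code. It checks the three things that most often explain one-directional reachability over a routed tunnel like the one above: whether forwarding is on, whether the local routing table actually sends packets for the far side's private subnet into tun0 (with MASQUERADE on tun0, packets the client sends into the tunnel carry the tunnel address as their source, so the server can answer them without such a route, while the reverse direction cannot work without it), and whether every interface name used in the iptables rules exists on the host. It works on captured output of sysctl, ip route and iptables-save so it runs offline; the addresses (the question's x/xx digits replaced by 0), the interface names and the sample outputs are constructed assumptions.

```python
# Added diagnostic, not part of the original question: checks forwarding,
# the route to the remote private subnet, and interface names in iptables.
# Addresses and captured outputs below are constructed placeholders.
import ipaddress
import re


def forwarding_enabled(sysctl_output):
    """True when `sysctl net.ipv4.ip_forward` output shows the value 1."""
    m = re.search(r"net\.ipv4\.ip_forward\s*=\s*(\d)", sysctl_output)
    return m is not None and m.group(1) == "1"


def parse_routes(ip_route_output):
    """Turn `ip -4 route` lines into (network, device) pairs."""
    routes = []
    for line in ip_route_output.splitlines():
        parts = line.split()
        if not parts:
            continue
        dst = "0.0.0.0/0" if parts[0] == "default" else parts[0]
        net = ipaddress.ip_network(dst, strict=False)
        dev = parts[parts.index("dev") + 1] if "dev" in parts else None
        routes.append((net, dev))
    return routes


def egress_device(routes, address):
    """Longest-prefix match: the interface a packet to `address` leaves on."""
    addr = ipaddress.ip_address(address)
    best = None
    for net, dev in routes:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, dev)
    return best[1] if best else None


def referenced_interfaces(iptables_save_output):
    """Interface names used by -i/-o matches in iptables-save output."""
    return set(re.findall(r"(?<!\S)-[io]\s+(\S+)", iptables_save_output))


def diagnose(sysctl_output, ip_route_output, iptables_save_output,
             remote_host, tunnel_dev, local_ifaces):
    """Return a list of findings; an empty list means nothing obvious is wrong."""
    findings = []
    if not forwarding_enabled(sysctl_output):
        findings.append("net.ipv4.ip_forward is not 1")
    dev = egress_device(parse_routes(ip_route_output), remote_host)
    if dev != tunnel_dev:
        findings.append(f"packets to {remote_host} leave via {dev}, not {tunnel_dev}")
    for name in sorted(referenced_interfaces(iptables_save_output) - set(local_ifaces)):
        findings.append(f"iptables rule references unknown interface {name!r}")
    return findings


# Constructed sample output, as it might be captured on the server side.
SYSCTL_OUT = "net.ipv4.ip_forward = 1\n"
ROUTES_BEFORE = """\
default via 172.30.0.1 dev eth0
172.30.0.0/24 dev eth0 proto kernel scope link src 172.30.0.8
10.90.0.0/24 dev tun0 proto kernel scope link src 10.90.0.1
"""
# Same table after a route for the client's private subnet points into the tunnel.
ROUTES_AFTER = ROUTES_BEFORE + "10.0.0.0/24 via 10.90.0.2 dev tun0\n"
# Trimmed rule set in iptables-save form; "etho" is a constructed typo.
IPTABLES_OUT = """\
*nat
-A POSTROUTING -o tun0 -j MASQUERADE
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
-A INPUT -i etho -j ACCEPT
-A FORWARD -i eth0 -j ACCEPT
-A FORWARD -i tun0 -j ACCEPT
COMMIT
"""
LOCAL_IFACES = ["lo", "eth0", "tun0"]  # assumed interfaces on the server

if __name__ == "__main__":
    for label, routes in (("before", ROUTES_BEFORE), ("after", ROUTES_AFTER)):
        print(label, diagnose(SYSCTL_OUT, routes, IPTABLES_OUT,
                              "10.0.0.11", "tun0", LOCAL_IFACES))
```

On a real host the three inputs come from `sysctl net.ipv4.ip_forward`, `ip -4 route` and `iptables-save`, and the interface list from `ip -o link`. On a routed OpenVPN server the missing route normally comes from a `route` directive in the server config together with a matching `iroute` in the client's client-config-dir entry, so that OpenVPN knows which connected client owns the remote subnet.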