Hi Guys,
Configured OpenVPN and a group to route traffic through but for some strange reason I am not seeing an IP address in the table or able to route traffic through the interface. Any ideas why?
firewall {
all-ping enable
broadcast-ping disable
group {
address-group ovpn_toronto {
description ""
}
address-group vlan_internet {
address 192.168.1.1
description "VLAN network internet"
}
address-group vpn_usa {
address 192.168.0.197
address 192.168.0.13
address 192.168.0.30
address 192.168.0.11
}
network-group vlan_fw {
description "VLAN network firewall"
network 192.168.1.0/24
}
}
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable
modify detour {
rule 10 {
action modify
description "Detour route to US VPN pptpc0"
modify {
table 1
}
source {
group {
address-group vpn_usa
}
}
}
}
name VLAN {
default-action accept
rule 10 {
action accept
description "allow vlan access to internet"
destination {
group {
address-group vlan_internet
}
}
}
rule 20 {
action drop
description "block vlan from accessing network"
destination {
group {
network-group vlan_fw
}
}
}
}
name WAN_IN {
default-action drop
description "WAN to internal"
rule 10 {
action accept
state {
established enable
related enable
}
}
rule 20 {
action drop
state {
invalid enable
}
}
}
name WAN_LOCAL {
default-action drop
description "WAN to router"
rule 10 {
action accept
state {
established enable
related enable
}
}
rule 20 {
action drop
state {
invalid enable
}
}
}
receive-redirects disable
send-redirects enable
source-validation disable
syn-cookies enable
}
interfaces {
ethernet eth0 {
address 192.168.0.1/24
description Local
duplex auto
firewall {
in {
modify detour
}
}
speed auto
vif 10 {
address 192.168.1.1/24
description IoT
firewall {
in {
name VLAN
}
local {
}
}
}
}
ethernet eth1 {
address dhcp
description Internet
duplex auto
firewall {
in {
name WAN_IN
}
local {
name WAN_LOCAL
}
}
speed auto
}
ethernet eth2 {
description Spare
duplex auto
speed auto
}
loopback lo {
}
openvpn vtun0 {
config-file /config/auth/ca_toronto.ovpn
description "Private Internet Access VPN"
}
pptp-client pptpc0 {
default-route none
description US1
mtu 1500
name-server auto
password
require-mppe
server-ip us-east.privateinternetaccess.com
user-id
}
}
port-forward {
auto-firewall enable
hairpin-nat enable
lan-interface eth0
lan-interface eth0.10
rule 1 {
description Plex
forward-to {
address 192.168.0.3
}
original-port
protocol tcp_udp
}
rule 2 {
description "DS Backup"
forward-to {
address 192.168.0.3
}
original-port
protocol tcp
}
wan-interface eth1
}
protocols {
static {
table 1 {
interface-route 0.0.0.0/0 {
next-hop-interface pptpc0 {
}
}
}
}
}
service {
dhcp-server {
disabled false
hostfile-update disable
shared-network-name IoT {
authoritative disable
subnet 192.168.1.0/24 {
default-router 192.168.1.1
dns-server 192.168.1.1
lease 86400
start 192.168.1.2 {
stop 192.168.1.100
}
}
}
shared-network-name LAN1 {
authoritative disable
subnet 192.168.0.0/24 {
default-router 192.168.0.1
dns-server 192.168.0.1
lease 86400
start 192.168.0.100 {
stop 192.168.0.200
}
}
}
}
dns {
forwarding {
cache-size 150
listen-on eth0
listen-on eth0.10
}
}
gui {
http-port 80
https-port 443
older-ciphers enable
}
nat {
rule 5000 {
log disable
outbound-interface eth1
protocol all
type masquerade
}
rule 5001 {
description "Masquerade for pptpc0"
outbound-interface pptpc0
type masquerade
}
rule 5002 {
description "Masquerade for vtun0"
log disable
outbound-interface vtun0
protocol all
type masquerade
}
}
ssh {
port 22
protocol-version v2
}
}
system {
config-management {
commit-revisions 20
}
conntrack {
expect-table-size 2048
hash-size 32768
table-size 262144
}
host-name ubnt
login {
user admin {
authentication {
encrypted-password
plaintext-password ""
}
level admin
}
}
ntp {
}
offload {
hwnat disable
ipsec enable
ipv4 {
forwarding enable
}
ipv6 {
forwarding disable
}
}
time-zone UTC
traffic-analysis {
dpi enable
export enable
}
}
/* Warning: Do not remove the following line. */
/* === vyatta-config-version: "config-management@1:conntrack@1:cron@1:dhcp-relay@1:dhcp-server@4:firewall@5:ipsec@5:nat@3:qos@1:quagga@2:system@4:ubnt-pptp@1:ubnt-util@1:vrrp@1:webgui@1:webproxy@1:zone-policy@1" === */
/* Release version: v1.8.5.4884695.160608.1057 */