OpenVPN on Xen DomU

To: debian-user@lists.debian.org
Subject: OpenVPN on Xen DomU
From: Denis Witt <denis.witt@concepts-and-training.de>
Date: Tue, 21 Oct 2014 14:51:41 +0200
Message-id: <[🔎] 20141021145141.591d6ee3@X200>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hi list,

yay, some non systemd related traffic. ;)

I try to migrate an OpenVPN-Server/Gateway to a Xen DomU (old config is
working fine). Connection to the VPN works fine, routing doesn't.

On the old machine (bare metal) I used:

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

On the DomU this doesn't seem to work anymore, so I tried:

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source
<PUBLIC_VPN_IP>

But it didn't work either.

The DomU network interface is a bridge in Dom0.

Any hints?

TIA!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJURlbdAAoJELB26T3daKAJe+gQAIw25XcHRHb/o69VNOsDtZYD
7BAUBUiSS51wS6tgtdzYRivm+ExqMeB1GkAvgsXLnOKEDbTQb2h8T0Yo+gnl7pmf
7uyw21UeFdPOdI8cm7cCJWpanu0u5YmOfcU4AfDAyMyqk8ed+K+TZs8dRLQSUOXe
VPyaHadlRji/DmKvwGmEXiZh9e66P9Q/pl9sAWMfMFiAWIUEryaC15hCloPL35Xb
8oAhOqv5hnUw/KtktcLnVa6t49hbBdT+GquSAnFrjV/2BBYnkAbkgAfmrCjBcXrb
IzHfv3pGYm7D9jDKvrl9wZIjKL2+mtaH/4q6IA0fxuRRdsvid8u2X0wipRC/8siE
sy8T1EJfKXp9QjVkeM3q4vldB92+xAxcytpjZxyNGg8WvB/hhHFxhKk/mw8KL+K3
8HkKY1JheWSB8qWsfBHtZe/R0zpoa0lw/0aNLfLEe6lQXBV7ruaVc4hohBKCuEXq
QOTEmjICgc6UMZgnLmVJYo14fnxpuncFKV0Q+IkgEmSmSGSq4aChzefHZEgvEynM
vSFuIjlXN/Z2sRUi9Lrzp2NmU6HjD2fjFxvyth6BSNfNHE0OKJQsWUPsQq8ck/lE
V1PdQpwwf7DBBJ28zvbtkp5FeKY30dMyjg24aF8l+8zJmzBrrrXx+9WWWNnN9HgV
83laCecUJmLwQE4xURq8
=mvbn
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- Re: OpenVPN on Xen DomU
  - From: Henning Follmann <hfollmann@itcfollmann.com>

Prev by Date: Re: Debian fork
Next by Date: Re: Debian wheezy libvirt+virt-manager very slow performence.
Previous by thread: Re: To torpedo Debian and leave RHEL as the only stable option.
Next by thread: Re: OpenVPN on Xen DomU
Index(es):
- Date
- Thread