Pinging an external server through OpenVPN tunnel doesn’t work
Posted by qdii on Super User. Published on 2012-11-03T21:29:21Z.

I have an OpenVPN server and a client, and I want to use this tunnel to access not only 10.0.8.0/24 but the whole internet. So far, pinging the server from the client through the tun0 interface works, and vice versa.

However, pinging www.google.com from the client through tun0 doesn’t work (all packets are lost).

I figured that I should configure the server so that any packet coming from tun0 and destined for the internet is forwarded, so I came up with this iptables config line:

    interface_connecting_to_the_internet='eth0'
    interface_openvpn='tun0'
    internet_ip_address=`ifconfig "$interface_connecting_to_the_internet" | sed -n s'/.*inet \([0-9.]*\).*/\1/p'`
    iptables -t nat -A POSTROUTING -o "${interface_connecting_to_the_internet}" -j SNAT --to-source "${internet_ip_address}"
    echo '1' > /proc/sys/net/ipv4/ip_forward

Yet this doesn’t work: the packets are still lost, and I am wondering what could possibly be wrong with my setup.

Some details:

ip route gives on the server:

    default via 176.31.127.254 dev eth0 metric 3
    10.8.0.0/24 via 10.8.0.2 dev tun0
    10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1
    127.0.0.0/8 via 127.0.0.1 dev lo
    176.31.127.0/24 dev eth0 proto kernel scope link src 176.31.127.109

ip route gives on the client:

    default via 192.168.1.1 dev wlan0 proto static
    10.8.0.1 via 10.8.0.5 dev tun0
    10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6
    127.0.0.0/8 via 127.0.0.1 dev lo scope link
    192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.109

- client uses wifi adapter wlan0 and TUN adapter tun0.
- server uses ethernet adapter eth0 and TUN adapter tun0.
- the VPN spans on 10.0.8.0/24
- both client and linux are using Linux 3.6.1.
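
The two routing tables in the question can be checked offline with a longest-prefix-match lookup, which shows the interface and gateway each host selects for a given destination. This is an added example, not part of the original post; the helper names `parse_routes` and `lookup` and the documentation address 203.0.113.10 (standing in for an internet host) are assumptions made for the illustration.

```python
import ipaddress
from collections import namedtuple

Route = namedtuple("Route", "network dev gateway metric")

# Routing tables copied from the post (output of `ip route`).
CLIENT_ROUTES = """\
default via 192.168.1.1 dev wlan0 proto static
10.8.0.1 via 10.8.0.5 dev tun0
10.8.0.5 dev tun0 proto kernel scope link src 10.8.0.6
127.0.0.0/8 via 127.0.0.1 dev lo scope link
192.168.1.0/24 dev wlan0 proto kernel scope link src 192.168.1.109
"""
SERVER_ROUTES = """\
default via 176.31.127.254 dev eth0 metric 3
10.8.0.0/24 via 10.8.0.2 dev tun0
10.8.0.2 dev tun0 proto kernel scope link src 10.8.0.1
127.0.0.0/8 via 127.0.0.1 dev lo
176.31.127.0/24 dev eth0 proto kernel scope link src 176.31.127.109
"""

def _opt(fields, key):
    """Return the token following `key` in an `ip route` line, or None."""
    return fields[fields.index(key) + 1] if key in fields[:-1] else None

def parse_routes(text):
    """Parse `ip route` output into a list of Route tuples."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if "dev" not in fields:
            continue  # skip blank lines and entries without an output device
        prefix = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        metric = int(_opt(fields, "metric") or 0)
        routes.append(Route(ipaddress.ip_network(prefix), _opt(fields, "dev"),
                            _opt(fields, "via"), metric))
    return routes

def lookup(routes, destination):
    """Pick the route by longest prefix, breaking ties on the lowest metric."""
    dst = ipaddress.ip_address(destination)
    matches = [r for r in routes if dst in r.network]
    return max(matches, key=lambda r: (r.network.prefixlen, -r.metric)) if matches else None

if __name__ == "__main__":
    for name, table in (("client", CLIENT_ROUTES), ("server", SERVER_ROUTES)):
        r = lookup(parse_routes(table), "203.0.113.10")  # constructed sample destination
        print(f"{name}: 203.0.113.10 -> dev {r.dev} via {r.gateway}")
```

The lookup covers only the main table that `ip route` prints; policy routing rules and sockets bound to a specific interface are outside what it models.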