Hi
I am new to Linux. Using openSUSE 11.1 KDE.
I am trying to set up OpenVPN to use UltraVPN. I am able to establish the VPN connection, but internet traffic is not routed through the VPN tunnel.
My client.ovpn & server.ovpn files look like this.
client.ovpn:
client
dev tun
proto udp
hand-window 15
remote-random
remote servers443.ultravpn.fr 443
remote servers24.ultravpn.fr 24
remote servers21.ultravpn.fr 21
remote servers54.ultravpn.fr 54
remote servers24.ultravpn.net 24
remote servers443.ultravpn.net 443
resolv-retry infinite
nobind
#redirect-gateway
# Try to preserve some state across restarts.
persist-key
persist-tun
ca ca.crt
# Enable compression on the VPN link.
# Don't enable this unless it is also
# enabled in the server config file.
comp-lzo
# Set log file verbosity.
verb 3
auth-user-pass
server.ovpn:
local aaa.aaa.aaa.aaa
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp-aaa.txt
push "route 192.168.10.0 255.255.255.0"
push "route 192.168.20.0 255.255.255.0"
push "redirect-gateway local def1"
keepalive 10 120
route 192.168.10.0 255.255.255.0
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
client-to-client
keepalive 10 120
max-clients 100
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status-aaa.log
verb 3
Terminal output for OpenVPN connection:
linux-e2me:/etc/openvpn # openvpn --config client.ovpn --ca ca.crt
Fri Jul 24 15:46:03 2009 OpenVPN 2.0.9 i586-suse-linux [SSL] [LZO] [EPOLL] built on Dec 3 2008
Enter Auth Username:hideipuser
Enter Auth Password:
Fri Jul 24 15:46:15 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Jul 24 15:46:15 2009 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Jul 24 15:46:15 2009 LZO compression initialized
Fri Jul 24 15:46:15 2009 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Jul 24 15:46:16 2009 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Jul 24 15:46:16 2009 Local Options hash (VER=V4): '41690919'
Fri Jul 24 15:46:16 2009 Expected Remote Options hash (VER=V4): '530fdded'
Fri Jul 24 15:46:16 2009 UDPv4 link local: [undef]
Fri Jul 24 15:46:16 2009 UDPv4 link remote: 208.67.217.132:21
Fri Jul 24 15:46:31 2009 TLS Error: TLS key negotiation failed to occur within 15 seconds (check your network connectivity)
Fri Jul 24 15:46:31 2009 TLS Error: TLS handshake failed
Fri Jul 24 15:46:31 2009 TCP/UDP: Closing socket
Fri Jul 24 15:46:31 2009 SIGUSR1[soft,tls-error] received, process restarting
Fri Jul 24 15:46:31 2009 Restart pause, 2 second(s)
Fri Jul 24 15:46:33 2009 IMPORTANT: OpenVPN's default port number is now 1194, based on an official port number assignment by IANA. OpenVPN 2.0-beta16 and earlier used 5000 as the default port.
Fri Jul 24 15:46:33 2009 WARNING: No server certificate verification method has been enabled. See http://openvpn.net/howto.html#mitm for more info.
Fri Jul 24 15:46:33 2009 Re-using SSL/TLS context
Fri Jul 24 15:46:33 2009 LZO compression initialized
Fri Jul 24 15:46:33 2009 Control Channel MTU parms [ L:1542 D:138 EF:38 EB:0 ET:0 EL:0 ]
Fri Jul 24 15:46:34 2009 RESOLVE: NOTE: servers24.ultravpn.fr resolves to 2 addresses, choosing one by random
Fri Jul 24 15:46:34 2009 Data Channel MTU parms [ L:1542 D:1450 EF:42 EB:135 ET:0 EL:0 AF:3/1 ]
Fri Jul 24 15:46:34 2009 Local Options hash (VER=V4): '41690919'
Fri Jul 24 15:46:34 2009 Expected Remote Options hash (VER=V4): '530fdded'
Fri Jul 24 15:46:34 2009 UDPv4 link local: [undef]
Fri Jul 24 15:46:34 2009 UDPv4 link remote: 87.98.181.223:24
Fri Jul 24 15:46:34 2009 TLS: Initial packet from 87.98.181.223:24, sid=51d7b0cd c1f213a6
Fri Jul 24 15:46:38 2009 VERIFY OK: depth=1, /C=FR/ST=NA/L=BISHKEK/O=OpenVPN-TEST/CN=ludwig/emailAddress=me@myhost.mydomain
Fri Jul 24 15:46:38 2009 VERIFY OK: depth=0, /C=FR/ST=NA/O=OpenVPN-TEST/CN=ludwig/emailAddress=me@myhost.mydomain
Fri Jul 24 15:46:41 2009 Data Channel Encrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Jul 24 15:46:41 2009 Data Channel Encrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 24 15:46:41 2009 Data Channel Decrypt: Cipher 'BF-CBC' initialized with 128 bit key
Fri Jul 24 15:46:41 2009 Data Channel Decrypt: Using 160 bit message hash 'SHA1' for HMAC authentication
Fri Jul 24 15:46:41 2009 Control Channel: TLSv1, cipher TLSv1/SSLv3 DHE-RSA-AES256-SHA, 1024 bit RSA
Fri Jul 24 15:46:41 2009 [ludwig] Peer Connection Initiated with 87.98.181.223:24
Fri Jul 24 15:46:42 2009 SENT CONTROL [ludwig]: 'PUSH_REQUEST' (status=1)
Fri Jul 24 15:46:42 2009 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 94.23.39.201,dhcp-option DNS 213.251.133.164,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.157.122 10.8.157.121'
Fri Jul 24 15:46:42 2009 Options error: unknown --redirect-gateway flag: bypass-dhcp
Fri Jul 24 15:46:42 2009 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: topology (2.0.9)
Fri Jul 24 15:46:42 2009 OPTIONS IMPORT: timers and/or timeouts modified
Fri Jul 24 15:46:42 2009 OPTIONS IMPORT: --ifconfig/up options modified
Fri Jul 24 15:46:42 2009 OPTIONS IMPORT: route options modified
Fri Jul 24 15:46:42 2009 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Fri Jul 24 15:46:42 2009 TUN/TAP device tun0 opened
Fri Jul 24 15:46:42 2009 /bin/ip link set dev tun0 up mtu 1500
Fri Jul 24 15:46:42 2009 /bin/ip addr add dev tun0 local 10.8.157.122 peer 10.8.157.121
Fri Jul 24 15:46:42 2009 /bin/ip route add 10.8.0.1/32 via 10.8.157.121
Fri Jul 24 15:46:42 2009 Initialization Sequence Completed
I could not trace where I am going wrong.
Has anyone established an UltraVPN connection successfully in openSUSE 11.1?
Please help. Thanks in advance.
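Added example, not part of the original post: a small Python audit of an OpenVPN client log like the one above, listing the pushed options, the ones the client rejected, and whether the two `def1` routes (0.0.0.0/1 and 128.0.0.0/1) were actually installed. The function name `audit_client_log` and the abridged sample lines are assumptions of this example, and it only recognises `ip route add` lines in the format this log uses.

```python
import re

# Constructed sample: lines abridged from the log in the post, timestamps removed.
SAMPLE_LOG = """\
WARNING: No server certificate verification method has been enabled.
PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 94.23.39.201,route 10.8.0.1,topology net30,ping 10,ping-restart 120,ifconfig 10.8.157.122 10.8.157.121'
Options error: unknown --redirect-gateway flag: bypass-dhcp
Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:5: topology (2.0.9)
/bin/ip addr add dev tun0 local 10.8.157.122 peer 10.8.157.121
/bin/ip route add 10.8.0.1/32 via 10.8.157.121
Initialization Sequence Completed
"""

# Accept straight or typographic quotes around the pushed option list.
PUSH_RE = re.compile(r"PUSH: Received control message: ['‘]PUSH_REPLY,(.*)['’]")
ROUTE_RE = re.compile(r"ip route add (\S+)")
# redirect-gateway def1 overrides the default route with these two half-range routes.
DEF1_ROUTES = {"0.0.0.0/1", "128.0.0.0/1"}

def audit_client_log(text):
    """Summarise what the server pushed, what the client rejected, and
    whether the default route was actually redirected into the tunnel."""
    pushed, rejected, routes, findings = [], [], set(), []
    for line in text.splitlines():
        m = PUSH_RE.search(line)
        if m:
            pushed = [opt.strip() for opt in m.group(1).split(",")]
        if "Options error:" in line:
            rejected.append(line.split("Options error:", 1)[1].strip())
        m = ROUTE_RE.search(line)
        if m:
            routes.add(m.group(1))
        if "No server certificate verification method" in line:
            findings.append("server certificate is not verified (MITM risk)")
    wants_redirect = any(o.startswith("redirect-gateway") for o in pushed)
    redirected = DEF1_ROUTES <= routes
    if wants_redirect and not redirected:
        findings.append("redirect-gateway pushed but no default-route override installed")
    return {"pushed": pushed, "rejected": rejected, "routes": sorted(routes),
            "redirected": redirected, "findings": findings}

if __name__ == "__main__":
    for key, value in audit_client_log(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```
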