On Sun, May 10, 2020 at 07:43:32AM -0000, Geoff Jankowski wrote:
> I have two servers, both set up (bar names) identically. Both are on
> VPS, one uses the host dhcp setting for interfaces and dns, the other
> uses its own dns server and network interface settings.
>
> I have duplicated iptables.up.rules on both servers so I am reasonably
> confident that is not the issue. From my client Mac I can connect to
> both VPN servers. One works perfectly, the other does not as it stops
> all internet traffic with the occasional message (on whatsmyip for
> example) cannot resolve host.
>
> I think my OpenVPN setup is fine and it is an underlying network issue
> causing the problem but I am not experienced enough to find or even
> understand it! So I am posting the problematic details to see if
> anyone can offer some guidance.
>
> To be clear, I did not generate these iptables. They were generated
> by firewalld or the server or both with some intervention by me, i.e.,
> masquerading and I am not a firewall expert! I am happy to simplify
> them if it can be done but the most important item is to understand
> why it works on one server but not the other.

It's unclear to me where you suspect the issue is, but since you're
emailing a firewalld list I'm going to presume firewalld. :)

The first thing you should do is enable --set-log-denied to see where or if
firewalld is dropping packets.

# firewall-cmd --set-log-denied=all

Then check dmesg after you start experiencing issues.

E.
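
An added example, not part of the original email: once `--set-log-denied=all` is enabled, a small filter over `dmesg` output can show at a glance which interface pair and port firewalld is denying (for example DNS from the VPN tunnel). The function names and sample log lines below are constructed for illustration, and the filter assumes firewalld's log prefixes end in `REJECT: ` or `DROP: `, as in `FINAL_REJECT: ` and `STATE_INVALID_DROP: `.

```bash
#!/bin/sh
# Added example: summarise denied packets logged by the kernel after
# `firewall-cmd --set-log-denied=all`. Real use: dmesg | summarize_denied
# Assumption: firewalld log prefixes end in "REJECT: " or "DROP: ".

# Output columns: count, log prefix, in= iface, out= iface, PROTO/DPT
summarize_denied() {
    awk '
    /(REJECT|DROP): / {
        prefix = "?"; in_if = "-"; out_if = "-"; proto = "-"; dpt = "-"
        for (i = 1; i <= NF; i++) {
            if ($i ~ /(REJECT|DROP):$/) { prefix = $i; sub(/:$/, "", prefix) }
            else if ($i ~ /^IN=/)    { v = substr($i, 4); if (v != "") { in_if = v } }
            else if ($i ~ /^OUT=/)   { v = substr($i, 5); if (v != "") { out_if = v } }
            else if ($i ~ /^PROTO=/) { proto = substr($i, 7) }
            else if ($i ~ /^DPT=/)   { dpt = substr($i, 5) }
        }
        count[prefix " in=" in_if " out=" out_if " " proto "/" dpt]++
    }
    END { for (k in count) { printf "%d %s\n", count[k], k } }
    ' | sort -k1,1nr -k2
}

# Constructed sample lines in the kernel netfilter LOG format
# (documentation addresses; tun0/eth0 are assumed interface names).
sample_dmesg() {
    cat <<'EOF'
[  101.000001] FINAL_REJECT: IN=tun0 OUT=eth0 MAC= SRC=10.8.0.6 DST=192.0.2.53 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=1 DF PROTO=UDP SPT=51000 DPT=53 LEN=40
[  102.000001] FINAL_REJECT: IN=tun0 OUT=eth0 MAC= SRC=10.8.0.6 DST=192.0.2.53 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=2 DF PROTO=UDP SPT=51001 DPT=53 LEN=40
[  103.000001] STATE_INVALID_DROP: IN=eth0 OUT= MAC= SRC=198.51.100.7 DST=203.0.113.10 LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=3 PROTO=TCP SPT=443 DPT=40000 WINDOW=0 RES=0x00 RST URGP=0
[  104.000001] IPv6: ADDRCONF(NETDEV_CHANGE): tun0: link becomes ready
EOF
}

# Demonstration on the constructed sample
sample_dmesg | summarize_denied
```

Repeated forward-path denials from the tunnel interface to port 53 would match the "cannot resolve host" symptom described in the quoted message and point at the forwarding or masquerading rules rather than OpenVPN itself.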