I am unable to set up internet access through OpenConnect.
From the router where the openconnect client is running, I see only the VPS with OCServ
root@OpenWrt:~# traceroute google.com
traceroute to google.com (74.125.131.113), 30 hops max, 46 byte packets
1 192.168.2.1 (192.168.2.1) 44.188 ms 44.073 ms 43.962 ms
2 192.168.0.1 (192.168.0.1) 46.479 ms 46.353 ms 70.473 ms
3 * * *
However the ping seems good
root@OpenWrt:~# ping google.com
PING google.com (74.125.131.100): 56 data bytes
64 bytes from 74.125.131.100: seq=0 ttl=60 time=75.226 ms
64 bytes from 74.125.131.100: seq=1 ttl=60 time=74.967 ms
On a VPS with OCServ I:
- changed /etc/ufw/before.rules
-A ufw-before-forward -s 192.168.2.0/24 -j ACCEPT
-A ufw-before-forward -d 192.168.2.0/24 -j ACCEPT
-A ufw-before-forward -s 192.168.3.0/24 -j ACCEPT
-A ufw-before-forward -d 192.168.3.0/24 -j ACCEPT
...
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE
DEFAULT_OUTPUT_POLICY="ACCEPT"
net.ipv4.ip_forward = 1
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
- The following interfaces exist on the VPS
~# ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
...
2: eth0: mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 54:52:00:51:a6:2f brd ff:ff:ff:ff:ff:ff
altname enp0s3
altname ens3
inet 192.168.0.4/24 metric 100 brd 192.168.0.255 scope global dynamic eth0
valid_lft 68037sec preferred_lft 68037sec
inet6 fe80::5652:ff:fe51:a62f/64 scope link
valid_lft forever preferred_lft forever
3: docker0: mtu 1500 qdisc noqueue state DOWN group default
...
5: vpns0: mtu 1434 qdisc fq state UNKNOWN group default qlen 500
link/none
inet 192.168.2.1 peer 192.168.2.91/32 scope global vpns0
valid_lft forever preferred_lft forever
inet6 fe80::937e:4e59:590c:5bc6/64 scope link stable-privacy
valid_lft forever preferred_lft forever
Topology of my network:
— wifi/twisted_pair —
— Russian ISP Blocking YouTube —