I can't set up internet access via OpenConnect.From the router where the openconnect client is running, i see only VPS with OCServ
root@OpenWrt:~# traceroute google.comtraceroute to google.com (74.125.131.113), 30 hops max, 46 byte packets 1 192.168.2.1 (192.168.2.1) 44.188 ms 44.073 ms 43.962 ms 2 192.168.0.1 (192.168.0.1) 46.479 ms 46.353 ms 70.473 ms 3 * * *But the ping looks good
root@OpenWrt:~# ping google.comPING google.com (74.125.131.100): 56 data bytes64 bytes from 74.125.131.100: seq=0 ttl=60 time=75.226 ms64 bytes from 74.125.131.100: seq=1 ttl=60 time=74.967 msOn a VPS with OCServ I:
- change /etc/ufw/before.rules
-A ufw-before-forward -s 192.168.2.0/24 -j ACCEPT-A ufw-before-forward -d 192.168.2.0/24 -j ACCEPT-A ufw-before-forward -s 192.168.3.0/24 -j ACCEPT-A ufw-before-forward -d 192.168.3.0/24 -j ACCEPT...*nat:POSTROUTING ACCEPT [0:0]-A POSTROUTING -s 192.168.2.0/24 -o eth0 -j MASQUERADE- change /etc/default/ufw
DEFAULT_OUTPUT_POLICY="ACCEPT"- change /etc/sysctl.conf
net.ipv4.ip_forward = 1net.core.default_qdisc = fqnet.ipv4.tcp_congestion_control = bbr- Next interfaces exists on VPS
~# ip a1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000...2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 54:52:00:51:a6:2f brd ff:ff:ff:ff:ff:ff altname enp0s3 altname ens3 inet 192.168.0.4/24 metric 100 brd 192.168.0.255 scope global dynamic eth0 valid_lft 68037sec preferred_lft 68037sec inet6 fe80::5652:ff:fe51:a62f/64 scope link valid_lft forever preferred_lft forever3: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default ...5: vpns0: <POINTOPOINT,UP,LOWER_UP> mtu 1434 qdisc fq state UNKNOWN group default qlen 500 link/none inet 192.168.2.1 peer 192.168.2.91/32 scope global vpns0 valid_lft forever preferred_lft forever inet6 fe80::937e:4e59:590c:5bc6/64 scope link stable-privacy valid_lft forever preferred_lft foreverTypology of my network:
- home (192.168.3.0/24)
--- wifi/twisted_pair ---
OpenWRT (asus rt-ax53u) (192.168.3.0/24)
OpenConnect Client (192.168.2.0/24)
--- Russian ISP Blocking YouTube ---
OCServ 1.3.0 (192.168.2.0/24)
VPS (192.168.0.4/24)