This issue has nothing to do with scripts. I run no scripts and I still have that problem. Its purely an iptables/config. I'm having working ovpn configs both for server and for clients but I cant find a way to use them since the server always reloads its own config even when I'm using service stop_vpnserver1 and service start_vpnserver1.
Atm, my bet is with the iptables rules. There are just many rules already setup on the router and I'm not that sure which is causing our trouble.
I think so! iptables -L -n says:
As sample, <LOCAL IP>/24 = 192.168.1.0/24.
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- 0.0.0.0/0 <LOCAL IP>/24
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1866
DROP all -- 0.0.0.0/0 <LOCAL IP>/24
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
logdrop all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
PTCSRVWAN all -- 0.0.0.0/0 0.0.0.0/0
PTCSRVLAN all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state NEW
OVPN all -- 0.0.0.0/0 0.0.0.0/0 state NEW
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0
logdrop all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP)
target prot opt source destination
DROP all -- 0.0.0.0/0 <LOCAL IP>/24
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
DROP all -- 0.0.0.0/0 <LOCAL IP>/24
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
logdrop all -- 0.0.0.0/0 0.0.0.0/0
logdrop all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
SECURITY all -- 0.0.0.0/0 0.0.0.0/0
NSFW all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate DNAT
OVPN all -- 0.0.0.0/0 0.0.0.0/0 state NEW
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain ACCESS_RESTRICTION (0 references)
target prot opt source destination
Chain FUPNP (0 references)
target prot opt source destination
Chain INPUT_ICMP (0 references)
target prot opt source destination
Chain NSFW (1 references)
target prot opt source destination
Chain OVPN (2 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain PControls (0 references)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain PTCSRVLAN (1 references)
target prot opt source destination
Chain PTCSRVWAN (1 references)
target prot opt source destination
Chain SECURITY (1 references)
target prot opt source destination
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x02 limit: avg 1/sec burst 5
logdrop tcp -- 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x02
RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x04 limit: avg 1/sec burst 5
logdrop tcp -- 0.0.0.0/0 0.0.0.0/0 tcpflags: 0x17/0x04
RETURN icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8 limit: avg 1/sec burst 5
logdrop icmp -- 0.0.0.0/0 0.0.0.0/0 icmptype 8
RETURN all -- 0.0.0.0/0 0.0.0.0/0
Chain default_block (0 references)
target prot opt source destination
Chain logaccept (0 references)
target prot opt source destination
LOG all -- 0.0.0.0/0 0.0.0.0/0 state NEW LOG flags 7 level 4 prefix "ACCEPT "
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
Chain logdrop (7 references)
target prot opt source destination
LOG all -- 0.0.0.0/0 0.0.0.0/0 state NEW LOG flags 7 level 4 prefix "DROP "
DROP all -- 0.0.0.0/0 0.0.0.0/0