Here is my brief setup:
- Xbox360
- Raspberry PI 2 running ArchLinuxARM (alarm)
- The raspberry pi's main ethernet port has a cable connecting directly to my main router
- The xbox has a cross-over cable connected to an ethernet-to-usb on the raspberry pi
- I am using the openvpn systemd service (which creates the `tun0` device)
I have purchased a VPN account, and wanted to route my xbox 360 traffic through it. After doing research, I was able to get my xbox using my raspberry pi as a router. My raspberry pi connects to the network/internet via `eth0`, and has a cross-over cable connected to my xbox via `eth1`.
`eth0` has a static ip of `10.0.0.31`, `eth1` has a static ip of `10.0.1.100`, and the xbox has a static ip of `10.0.1.101`.
Here is my iptables config:
```
# Generated by iptables-save v1.4.21 on Mon Apr 6 00:37:36 2015
*filter
:INPUT ACCEPT [91:6512]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [45:4220]
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -d 10.0.1.101/32 -i eth0 -p tcp -m tcp --dport 3074 -j ACCEPT
-A FORWARD -d 10.0.1.101/32 -i eth0 -p udp -m multiport --dports 88,3074 -j ACCEPT
COMMIT
# Completed on Mon Apr 6 00:37:36 2015
# Generated by iptables-save v1.4.21 on Mon Apr 6 00:37:36 2015
*nat
:PREROUTING ACCEPT [8:3607]
:INPUT ACCEPT [2:144]
:OUTPUT ACCEPT [1:86]
:POSTROUTING ACCEPT [2:146]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 3074 -j DNAT --to-destination 10.0.1.101
-A PREROUTING -i eth0 -p udp -m multiport --ports 88,3074 -j DNAT --to-destination 10.0.1.101
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
# Completed on Mon Apr 6 00:37:36 2015
```
My xbox configuration is (using google dns, by the way):
- IP Settings: Manual
- IP Address: `10.0.1.101`
- Subnet Mask: `255.255.255.0`
- Gateway: `10.0.1.100`
- DNS Settings: Manual
- Primary: `8.8.8.8`
- Secondary: `8.8.4.4`
This works perfectly fine when my VPN connection is off.
When I turn my openvpn service on, the xbox will no longer connect to the internet (stating a DNS error), however, the raspberry pi is still able to surf the internet, and I can confirm that I am being successfully routed through my VPN.
When the VPN is off, the xbox connects fine to the internet and works as expected.
I'm not familiar enough with ip tables and this general routing set up to know if logs are being generated, if the issue is my iptables config, the xbox, or something else.
Any ideas how to resolve this?
Update:
I have connected another linux laptop (which is using NetworkManager, if that matters) to `eth1`, with the following configuration:
- IPv4 Method: Manual
- DNS Servers: `10.0.0.1`
- IP Address: `10.0.1.101`
- Netmask: `255.255.255.0`
- Gateway: `10.0.1.100`
When the vpn connection is off, I am able to use the internet fine. When the vpn is turned on, I can access the LAN fine (and can even ssh into the raspberry pi using its `10.0.0.31` ip address), however, DNS is not working, and I also can't ping external addresses.
Is there any set of logs I should be setting a tail on to see exactly what's happening?
Update #2:
I am using this arch linux package for OpenVPN profiles, and have a file configured for automatic login. I noticed that it fires a script that modifies resolv.conf in some way, which might be doing something.
You could try to replace the xbox with another computer. You'll hopefully get the same error but it's probably easier to get debugging info out of a computer than the xbox. – Nifle – 2015-04-06T06:52:49.773
Hey, I tried your suggestion, is there any sort of log file I should be watching? – OzBarry – 2015-04-06T15:25:22.680
Do you have to use a raspberry pi? This would be a lot easier if using something like ddwrt on a router. You wouldn't need a crossover cable either. – spuder – 2015-04-11T16:36:52.847
If I had a spare router that could run ddwrt, I wouldn't have asked the question to begin with. – OzBarry – 2015-04-12T18:08:45.930
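An added example, not part of the original post or its comments: an offline check of the posted ruleset that reports, per egress interface, whether new connections arriving on `eth1` are forwarded and source-NATed. Treating `tun0` as the egress interface while the VPN is up is an assumption (the post does not show the routing table), and `parse` and `egress_report` are hypothetical helper names.

```python
import shlex

# Rules copied from the question's iptables-save output (DNAT/port rules omitted).
RULESET = """\
*filter
:FORWARD ACCEPT [0:0]
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -d 10.0.1.101/32 -i eth0 -p tcp -m tcp --dport 3074 -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [2:146]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
"""

def parse(text):
    """Parse iptables-save text into {table: {"policy": {...}, "rules": [(chain, opts)]}}."""
    tables, cur = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("*"):
            cur = tables.setdefault(line[1:], {"policy": {}, "rules": []})
        elif line.startswith(":") and cur is not None:
            chain, target = line[1:].split()[:2]
            cur["policy"][chain] = target
        elif line.startswith("-A ") and cur is not None:
            tok = shlex.split(line)
            # Map each option to the token after it; '!' negation is not handled.
            opts = {tok[i]: tok[i + 1] for i in range(2, len(tok) - 1) if tok[i].startswith("-")}
            cur["rules"].append((tok[1], opts))
    return tables

def egress_report(tables, lan_if, out_if):
    """Report whether new connections from lan_if may leave via out_if and get source NAT."""
    flt = tables.get("filter", {"policy": {}, "rules": []})
    verdict = flt["policy"].get("FORWARD", "ACCEPT")
    for chain, o in flt["rules"]:
        # Only blanket interface rules decide a new connection; state/port rules are skipped.
        if (chain == "FORWARD" and set(o) <= {"-i", "-o", "-j"}
                and o.get("-i", lan_if) == lan_if and o.get("-o", out_if) == out_if):
            verdict = o["-j"]
            break
    nat_rules = tables.get("nat", {"rules": []})["rules"]
    snat = any(c == "POSTROUTING" and o.get("-j") in ("MASQUERADE", "SNAT")
               and o.get("-o", out_if) == out_if for c, o in nat_rules)
    return {"forward": verdict, "source_nat": snat}

if __name__ == "__main__":
    for iface in ("eth0", "tun0"):  # tun0 as egress is an assumption about the VPN's routes
        print(iface, egress_report(parse(RULESET), "eth1", iface))
```

On the posted rules, `eth0` is covered by both an explicit FORWARD rule and MASQUERADE, while `tun0` is reached only through the ACCEPT policy and has no source NAT rule.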