TOCICI

What is OpenVPN

OpenVPN is a free and open-source virtual private network (VPN) program designed for creating point-to-point and/or server-to-multiclient encrypted tunnels between computers running different platforms: Linux, Mac OS and Windows.

More details regarding our support of OpenVPN can be found on the TUN/TAP devices page.

MASQUERADE vs SNAT

Many internet resources will instruct you to use the masquerade feature for routing OpenVPN traffic. However, the iptables MASQUERADE function isn't virtualized under the OpenVZ kernel. Using SNAT will achieve the same results.

Typically, you would use the following:

iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE
iptables -A FORWARD -i venet0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i tun0 -o venet0 -j ACCEPT

The SNAT (or DNAT) method:

iptables -t nat -A POSTROUTING -o venet0 -j SNAT --to-source $VPS_STATIC_IP
iptables -A FORWARD -i venet0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i tun0 -o venet0 -j ACCEPT

Replace $VPS_STATIC_IP with the real public Internet IP address of your VPS.
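
The conversion described above can be scripted. The following is an added example, not part of the original page: it rewrites MASQUERADE rules copied from another guide into their SNAT form and refuses an address that is not a valid IPv4 address, such as an unexpanded $VPS_STATIC_IP. The function names and the address 203.0.113.10 (a documentation address) are made up for the illustration; the script only prints the rules so they can be reviewed before being run.

```shell
#!/bin/sh
# Added example: convert MASQUERADE rules to SNAT for an OpenVZ container.

# Succeeds only for a dotted-quad IPv4 address with four octets in 0..255,
# so an unexpanded "$VPS_STATIC_IP" or a typo never ends up in a rule.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split the address on dots into $1..$4
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read iptables commands on stdin. A rule ending in "-j MASQUERADE" becomes
# "-j SNAT --to-source <ip>"; every other rule is printed unchanged.
# A MASQUERADE rule carrying extra options is left alone and reported on stderr.
masq_to_snat() {
    valid_ipv4 "$1" || { echo "invalid IPv4 address: $1" >&2; return 2; }
    while IFS= read -r rule || [ -n "$rule" ]; do
        case "$rule" in
            *"-j MASQUERADE")
                printf '%s\n' "${rule%MASQUERADE}SNAT --to-source $1" ;;
            *MASQUERADE*)
                echo "review by hand: $rule" >&2
                printf '%s\n' "$rule" ;;
            *)  printf '%s\n' "$rule" ;;
        esac
    done
}

# Constructed sample input: the MASQUERADE ruleset shown on this page.
sample_rules() {
    cat <<'EOF'
iptables -t nat -A POSTROUTING -o venet0 -j MASQUERADE
iptables -A FORWARD -i venet0 -o tun0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i tun0 -o venet0 -j ACCEPT
EOF
}

# 203.0.113.10 is a placeholder; use the real public IP of the VPS.
sample_rules | masq_to_snat 203.0.113.10
```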