Hello.
There are 2 Ubuntu virtual machines with an "internal network" set up between them; one of them also has NAT for internet access from the host.
A VPN is configured; it connects and pings.
However, there is no internet on the client.
net.ipv4.ip_forward = 1
server.conf -
https://pastebin.com/5PbfT4b8
client.conf -
https://pastebin.com/fjVK3KaV (redirect-gateway has no effect, dhcp-option DNS 8.8.8.8 did not help)
serv iptables -L
chain2@astra:/etc/openvpn$ sudo iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ufw-before-logging-input all -- anywhere anywhere
ufw-before-input all -- anywhere anywhere
ufw-after-input all -- anywhere anywhere
ufw-after-logging-input all -- anywhere anywhere
ufw-reject-input all -- anywhere anywhere
ufw-track-input all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere
ufw-before-logging-forward all -- anywhere anywhere
ufw-before-forward all -- anywhere anywhere
ufw-after-forward all -- anywhere anywhere
ufw-after-logging-forward all -- anywhere anywhere
ufw-reject-forward all -- anywhere anywhere
ufw-track-forward all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ufw-before-logging-output all -- anywhere anywhere
ufw-before-output all -- anywhere anywhere
ufw-after-output all -- anywhere anywhere
ufw-after-logging-output all -- anywhere anywhere
ufw-reject-output all -- anywhere anywhere
ufw-track-output all -- anywhere anywhere
Chain ufw-after-forward (1 references)
target prot opt source destination
Chain ufw-after-input (1 references)
target prot opt source destination
Chain ufw-after-logging-forward (1 references)
target prot opt source destination
Chain ufw-after-logging-input (1 references)
target prot opt source destination
Chain ufw-after-logging-output (1 references)
target prot opt source destination
Chain ufw-after-output (1 references)
target prot opt source destination
Chain ufw-before-forward (1 references)
target prot opt source destination
Chain ufw-before-input (1 references)
target prot opt source destination
Chain ufw-before-logging-forward (1 references)
target prot opt source destination
Chain ufw-before-logging-input (1 references)
target prot opt source destination
Chain ufw-before-logging-output (1 references)
target prot opt source destination
Chain ufw-before-output (1 references)
target prot opt source destination
Chain ufw-reject-forward (1 references)
target prot opt source destination
Chain ufw-reject-input (1 references)
target prot opt source destination
Chain ufw-reject-output (1 references)
target prot opt source destination
Chain ufw-track-forward (1 references)
target prot opt source destination
Chain ufw-track-input (1 references)
target prot opt source destination
Chain ufw-track-output (1 references)
target prot opt source destination
serv ifconfig eth0 - between the machines, eth1 - internet
eth0: flags=4163 mtu 1500
inet 192.168.1.19 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::39e2:cad3:beb0:9f27 prefixlen 64 scopeid 0x20
ether 08:00:27:6a:90:7a txqueuelen 1000 (Ethernet)
RX packets 2059 bytes 267685 (261.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1989 bytes 255321 (249.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163 mtu 1500
inet 10.0.3.15 netmask 255.255.255.0 broadcast 10.0.3.255
inet6 fe80::344d:bd21:8176:f714 prefixlen 64 scopeid 0x20
ether 08:00:27:00:3e:db txqueuelen 1000 (Ethernet)
RX packets 15252 bytes 12775906 (12.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 8752 bytes 1402738 (1.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73 mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
loop txqueuelen 1000 (Local Loopback)
RX packets 169 bytes 17240 (16.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 169 bytes 17240 (16.8 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tun0: flags=4305 mtu 1500
inet 10.8.0.1 netmask 255.255.255.255 destination 10.8.0.2
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 200 bytes 12848 (12.5 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 12 bytes 1674 (1.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
serv iptables -nvL -t nat
Chain PREROUTING (policy ACCEPT 188 packets, 11290 bytes)
pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 3 packets, 190 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 27 packets, 2272 bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 2 packets, 276 bytes)
pkts bytes target prot opt in out source destination
190 14064 MASQUERADE all -- * eth1 0.0.0.0/0 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
0 0 MASQUERADE all -- * eth1 10.8.0.0/24 0.0.0.0/0
route from the client (sorry that it is not text)
ifconfig from the client
tracert from the client
DNS seems to be set in server.conf
Thanks