You can't connect to a VPN on your Pi if your firewall blocks access. Your Pi came with a built-in firewall. We need to open the necessary ports on your Pi.
Create a script named /etc/openvpn/firewall-rules.sh. Make it contain this:
#!/bin/sh iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE iptables -t nat -A POSTROUTING -s 10.16.0.0/24 -o eth0 -j MASQUERADE echo "firewall-rules.sh executed" > /tmp/firewall-rules.sh.log
You don't really need that echo statement, but if your VPN doesn't work, you'll want to check the timestamp on /tmp/firewall-rules.sh.log to see if the script got executed.
Set proper permissions:
sudo chmod 744 /etc/openvpn/firewall-rules.sh sudo chown root /etc/openvpn/firewall-rules.sh
As root, edit /etc/network/interfaces and put this line BEFORE "iface eth0...". Do not indent it.
As root, edit /etc/network/interfaces, and append this line after the "iface eth0..." line, indented 4 spaces:
Allow packet forwarding by editing /etc/sysctl.conf and un-commenting this line:
Commit the packet forwarding changes by running:
sudo sysctl -p
Start your server with the command below. I think this also causes it to auto-start at boot. Note that "server1" must match up with the "server1.conf" file in /etc/openvpn:
sudo systemctl start email@example.com
Reboot your Pi.