How do I route my internet connection from my pc through my VPS using OpenVPN

gowtham101

I am using BuyVM's VPS.

I set up OpenVPN in both the client and my server, but my internet connection is not routed through my VPN, why ?

My Linux routing table

Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 10.8.0.2 * 255.255.255.255 UH 0 0 0 tun0 10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0 default * 0.0.0.0 U 0 0 0 venet0

Windows OpenVPN config

client remote ************** port 1194 proto tcp dev tun dev-type tun ns-cert-type server reneg-sec 86400

auth-retry interact comp-lzo verb 3 ca ca.crt cert client1.crt key cert.key auth-retry interact

My server config

http://pastebin.com/Ts0shmD0

TheHackBox

add

redirect-gateway def1

to the windows openvpn config :)

HalfEatenPie

Also check if tun/tap has been enabled in SolusVM.

Oh and follow what @TheHackBox said.

gowtham101

@TheHackBox LIFESAVER !! OMG THANK YOU !!!

Jack

@gowtham101 said: I am using BuyVM's VPS.

@HalfEatenPie said: SolusVM

...

HalfEatenPie

Haha yeah my bad. Should of paid more attention. Stallion I think has tun/tap already enabled

BoGs

Do not forget the following in your rc.local

Accept connections on 1194 for vpn access from clients

Take note that the rule says "UDP", and ensure that your OpenVPN server.conf says UDP too

# iptables -A INPUT -p udp --dport 1194 -j ACCEPT

#

Apply forwarding for OpenVPN Tunneling

# iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT iptables -A FORWARD -j REJECT iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

#

Enable forwarding

echo 1 > /proc/sys/net/ipv4/ip_forward

ErawanArifNugroho

Let me share my openvpn.conf / server :

local xxx.xxx.xxx.xxx
port 1194
proto udp
dev tun
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
ca ca.crt
cert server.crt
key server.key
dh dh1024.pem
plugin /etc/openvpn/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 10.8.0.0 255.255.255.0
push "redirect-gateway def1"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 4.2.2.1"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status 1194.log
verb 3

And the VPNConfig.ovpn / client :

client
dev tun
proto udp #- protocol
remote xxx.xxx.xxx.xxx 1194
resolv-retry infinite
nobind
tun-mtu 1500
tun-mtu-extra 32
mssfix 1450
persist-key
persist-tun
ca ca.crt
auth-user-pass
comp-lzo
verb 3

Create the user and password for loging into the vpn server

# useradd username -s /bin/false

bdtech

Could also use squid through vpn and set it in chrome browser as the web proxy.

ErawanArifNugroho

Yes, and use Squid 3 if the server is having working IPv6 to surf the IPv6 website

yomero

@BoGs

o.O Too much iptables rules, you just need... two of them

And btw, ages ago that I haven't seen a distro with the ip_forward disabled.