Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


How do I route my internet connection from my pc through my VPS using OpenVPN
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How do I route my internet connection from my pc through my VPS using OpenVPN

gowtham101gowtham101 Member
edited August 2012 in Help

I am using BuyVM's VPS.

I set up OpenVPN in both the client and my server, but my internet connection is not routed through my VPN, why ?

My Linux routing table

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.8.0.2 * 255.255.255.255 UH 0 0 0 tun0
10.8.0.0 10.8.0.2 255.255.255.0 UG 0 0 0 tun0
default * 0.0.0.0 U 0 0 0 venet0

Windows OpenVPN config

client
remote **************
port 1194
proto tcp
dev tun
dev-type tun
ns-cert-type server
reneg-sec 86400

auth-retry interact
comp-lzo
verb 3
ca ca.crt
cert client1.crt
key cert.key
auth-retry interact

My server config

http://pastebin.com/Ts0shmD0

Comments

  • TheHackBoxTheHackBox Member
    edited August 2012

    add

    redirect-gateway def1

    to the windows openvpn config :)

    Thanked by 1gowtham101
  • Also check if tun/tap has been enabled in SolusVM.

    Oh and follow what @TheHackBox said.

    Thanked by 1gowtham101
  • @TheHackBox LIFESAVER !! OMG THANK YOU !!!

    Thanked by 1TheHackBox
  • Haha yeah my bad. Should of paid more attention. Stallion I think has tun/tap already enabled

  • BoGsBoGs Member

    Do not forget the following in your rc.local

    Accept connections on 1194 for vpn access from clients

    Take note that the rule says "UDP", and ensure that your OpenVPN server.conf says UDP too

    #
    iptables -A INPUT -p udp --dport 1194 -j ACCEPT

    >

    #

    Apply forwarding for OpenVPN Tunneling

    #
    iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
    iptables -A FORWARD -j REJECT
    iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

    >

    #

    Enable forwarding

    echo 1 > /proc/sys/net/ipv4/ip_forward

  • Let me share my openvpn.conf / server :

    local xxx.xxx.xxx.xxx
    port 1194
    proto udp
    dev tun
    tun-mtu 1500
    tun-mtu-extra 32
    mssfix 1450
    ca ca.crt
    cert server.crt
    key server.key
    dh dh1024.pem
    plugin /etc/openvpn/openvpn-auth-pam.so /etc/pam.d/login
    client-cert-not-required
    username-as-common-name
    server 10.8.0.0 255.255.255.0
    push "redirect-gateway def1"
    push "dhcp-option DNS 208.67.222.222"
    push "dhcp-option DNS 4.2.2.1"
    keepalive 5 30
    comp-lzo
    persist-key
    persist-tun
    status 1194.log
    verb 3

    And the VPNConfig.ovpn / client :

    client
    dev tun
    proto udp #- protocol
    remote xxx.xxx.xxx.xxx 1194
    resolv-retry infinite
    nobind
    tun-mtu 1500
    tun-mtu-extra 32
    mssfix 1450
    persist-key
    persist-tun
    ca ca.crt
    auth-user-pass
    comp-lzo
    verb 3
    

    Create the user and password for loging into the vpn server

    # useradd username -s /bin/false
    
  • Could also use squid through vpn and set it in chrome browser as the web proxy.

  • Yes, and use Squid 3 if the server is having working IPv6 to surf the IPv6 website

  • @BoGs

    o.O Too much iptables rules, you just need... two of them

    And btw, ages ago that I haven't seen a distro with the ip_forward disabled.

Sign In or Register to comment.