how to properly configure openvpn to spoof the ip address?

How to customize and extend your OpenVPN installation.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
DGDays
OpenVpn Newbie
Posts: 2
Joined: Fri Jul 09, 2021 10:16 am

how to properly configure openvpn to spoof the ip address?

Post by DGDays » Fri Jul 09, 2021 10:22 am

I was able to start an openvpn server on my PC and connect a client to it, but I just can't configure it to replace the client's ip with the server's ip. I know that

Code: Select all

push "redirect-gateway def1 bypass-dhcp"
does this, but then the Internet on the client disappears and it is impossible even to ping 8.8.8.8. Can you please tell me what to do about it?

Client config:

Code: Select all

remote 178.44.196.105
client
port 12345

proto tcp4-client
dev tun

tls-client
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
remote-cert-tls server

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\ClientVPN.crt"
key "C:\\Program Files\\OpenVPN\\config\\ClientVPN.key"

cipher AES-128-CBC
comp-lzo

persist-key
persist-tun

verb 3
mute 20
Server config:

Code: Select all

dev-node "ServerVPN"
mode server
port 12345 

proto tcp4-server
dev tun

tls-server
tls-auth "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ta.key" 0

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh2048.pem"

server 10.10.10.0 255.255.255.0

client-to-client
keepalive 10 120
cipher AES-128-CBC
comp-lzo

persist-key
persist-tun

client-config-dir "C:\\Program Files\\OpenVPN\\config"

verb 3

route-delay 5
route-method exe

push "route 192.168.0.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
route 192.168.182.0 255.255.255.0

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: how to properly configure openvpn to spoof the ip address?

Post by TinCanTech » Fri Jul 09, 2021 12:15 pm

You are using Windblows for your server ..

You could run a VBox Linux VM and it is easier than making Windblows be a server ..

You'll need to read Bebop's post here:
viewforum.php?f=7

DGDays
OpenVpn Newbie
Posts: 2
Joined: Fri Jul 09, 2021 10:16 am

Re: how to properly configure openvpn to spoof the ip address?

Post by DGDays » Fri Jul 09, 2021 5:10 pm

I agree, it's easier, but I can't allocate resources on the VBox in any way...

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: how to properly configure openvpn to spoof the ip address?

Post by openvpn_inc » Sat Jul 10, 2021 2:30 pm

Hello,

There's no suggestion that your server is doing NAT for the VPN packets. The NAT is required unless you have a large enough routable netblock (non-RFC-1918) to use for your VPN.

This is much better documented in GNU/Linux and *BSDs, but Windows can do it also IIUC. I think they call the feature "Internet Connection Sharing."

Please see http://pekster.sdf.org/misc/redirect.png for a good flowchart covering everything you need to check, to get this working.

Good luck, rob0
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

300000
OpenVPN Expert
Posts: 685
Joined: Tue May 01, 2012 9:30 pm

Re: how to properly configure openvpn to spoof the ip address?

Post by 300000 » Mon Jul 12, 2021 3:04 pm

If you cant make it work as you like so here is the picture just do follow and it shoud work as you like.

open your server config and add this line to make static ip for your openvpn network card first.


ip-win32 manual

Image

Post Reply