Sharing openvpn connection over Ethernet..

This forum is for admins who are looking to build or expand their OpenVPN setup.
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
apn3a
OpenVpn Newbie
Posts: 4
Joined: Fri Jan 07, 2011 9:53 pm
Location: Athens-Greece, NY, Boston

Sharing openvpn connection over Ethernet..

Post by apn3a » Sun Apr 10, 2011 8:49 pm

Hi,

so i have successfully setup an openvpn server on my Linux Vps server. i am able to connect trough my computer (win 7 64) to the vpn, and browse everywhere.

My problem is the following: if i connect my tv or any other ethernet device (e.g. my laptop,) and share my internet connection (either via Internet Connection sharing or Network Bridging Wi-Fi and the LAN device connected,) my tv or the laptop won't connect to the internet. My main pc works totally fine, showing the ip of my Linux server.

If i disconnect the vpn, both the tv and my laptop get a connection.

I assume this has to do with iptables and nat on my Linux server. But i can't figure this out.. Is anyone willing to help me?

All i am trying to do is this: any device that connects to my pc via ethernet, i want to be able to use the VPN connection; that is, my main internet connection must route through vpn for all connections and devices that go through my pc.

I would appreciate any guidance here..

User avatar
maikcat
Forum Team
Posts: 4202
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: Sharing openvpn connection over Ethernet..

Post by maikcat » Mon Apr 11, 2011 7:50 am

hi there,

please post configs,ip tables output for start...

Michael.
Amiga 500 , Zx +2 owner
Long live Dino Dini (Kick off 2 Creator)

Inflammable means flammable? (Dr Nick Riviera,Simsons Season13)

"objects in mirror are losing"

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: Sharing openvpn connection over Ethernet..

Post by janjust » Mon Apr 11, 2011 12:04 pm

on which host are you sharing/bridging the internet connection? on the win7 box? then which adapters are bridged/shared?
ICS on Win7 effectively causes Win7 to become a local DHCP server with masquerading - your TV or laptop needs to be assigned an address from the Win7 PC as otherwise this won't work. With bridging you'll run into similar (yet subtly different) issues.

apn3a
OpenVpn Newbie
Posts: 4
Joined: Fri Jan 07, 2011 9:53 pm
Location: Athens-Greece, NY, Boston

Re: Sharing openvpn connection over Ethernet..

Post by apn3a » Mon Apr 11, 2011 6:12 pm

This is my server.conf:

local xxx.xxx.xxx.xxx
port 1194
proto tcp
dev tun
ca /keys/ca.crt
cert /keys/server.crt
key /keys/server.key # This file should be kept secret
dh /keys/dh1024.pem
server 192.168.2.0 255.255.255.0
ifconfig-pool-persist ipp.txt
client-config-dir ccd
route 192.168.1.0 255.255.255.0 #or 192.168.137.0 when using ICS
push "redirect-gateway def1"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
log openvpn.log
verb 3

I also have a client1 file inside the ccd folder which has the following command:

iroute 192.168.1.0 255.255.255.0 #or 192.168.137.0 when using ICS

This is the client.conf (opvpn)

client
dev tun
proto tcp
remote xxx.xxx.xxx.xxx 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client1.crt
key client1.key
ns-cert-type server
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
comp-lzo
verb 3

I have a PC that runs Win 7 64 and is connected to the internet via Wi-Fi. What i try to do is to have that pc connected to the VPN and share its Wi-Fi internet connection to the Ethernet either by Bridging Wi-Fi & LAN (only the device i connect to the pc, not the VPN LAN) or through ICS.

If i bridge Wi-Fi and LAN, Windows automatically creates a 192.168.1.0/24 subnet. If I share Wi-Fi over Ethernet via ICS, i use a 192.168.137.0/24 subnet. Both TV/or laptop are assigned on that subnet. When vpn is off, they have access to the internet.. When on, they don't..

Oh, and my router configuration is on a 192.168.1.0/24 subnet with a 192.168.1.254 gateway.

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: Sharing openvpn connection over Ethernet..

Post by janjust » Mon Apr 11, 2011 6:17 pm

can you try bridging the ethernet + tap-win32 adapter? that way all clients from the LAN should automatically become part of the VPN.

apn3a
OpenVpn Newbie
Posts: 4
Joined: Fri Jan 07, 2011 9:53 pm
Location: Athens-Greece, NY, Boston

Re: Sharing openvpn connection over Ethernet..

Post by apn3a » Mon Apr 11, 2011 6:44 pm

janjust wrote:can you try bridging the ethernet + tap-win32 adapter? that way all clients from the LAN should automatically become part of the VPN.
okay i cant believe it was that.. i feel such a noob. this was the only thing i didnt try. it seems to work, though the internet connection speed is approx 1mbps. is there anything i can do to improve it?

Post Reply