OpenVPN with local Internet for Clients

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
sumitsrjhs
OpenVpn Newbie
Posts: 4
Joined: Thu Jan 27, 2022 9:15 am

OpenVPN with local Internet for Clients

Post by sumitsrjhs » Thu Jan 27, 2022 9:19 am

Hi

I am installed OpenVPN Server on ubuntu 18.04
Its working fine. My problem is that i don't want to use Server's Internet bandwidth to the clients.

Clients should use their own internet bandwidth while working with VPN.
Please suggest

My Server configuration is

Server Config

port 1194
proto udp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect-gateway def1 bypass-dhcp"
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_C6AObMPKYikooCsP.crt
key server_C6AObMPKYikooCsP.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
verb 3

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1333
Joined: Tue Feb 16, 2021 10:41 am

Re: OpenVPN with local Internet for Clients

Post by openvpn_inc » Thu Jan 27, 2022 9:31 pm

sumitsrjhs wrote:
Thu Jan 27, 2022 9:19 am
Hi

I am installed OpenVPN Server on ubuntu 18.04
Its working fine. My problem is that i don't want to use Server's Internet bandwidth to the clients.

Clients should use their own internet bandwidth while working with VPN.
Please suggest

My Server configuration is

Server Config

--snip--
push "redirect-gateway def1 bypass-dhcp"
--snip--
Hi Sum,

Why are you pushing --redirect-gateway if you don't want to redirect the gateway?

Did you not follow the official HOWTO?

regards, rob0
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

sumitsrjhs
OpenVpn Newbie
Posts: 4
Joined: Thu Jan 27, 2022 9:15 am

Re: OpenVPN with local Internet for Clients

Post by sumitsrjhs » Fri Jan 28, 2022 5:37 am

HI

Thanks for your prompt reply.
As per your suggestion I have changed my configuration but still while checking internet from whatismyip.com its VPN Server's WAN IP instead of client's WAN IP.

Please suggest

Server Config

port 1194
proto udp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
dh none
ecdh-curve prime256v1
tls-crypt tls-crypt.key
crl-verify crl.pem
ca ca.crt
cert server_C6AObMPKYikooCsP.crt
key server_C6AObMPKYikooCsP.key
auth SHA256
cipher AES-128-GCM
ncp-ciphers AES-128-GCM
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
verb 3
push "route a.b.c.d 255.255.255.0"
push "route e.f.g.h 255.255.0.0"

TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: OpenVPN with local Internet for Clients

Post by TinCanTech » Fri Jan 28, 2022 5:49 am

Reboot your client.

sumitsrjhs
OpenVpn Newbie
Posts: 4
Joined: Thu Jan 27, 2022 9:15 am

Re: OpenVPN with local Internet for Clients

Post by sumitsrjhs » Fri Jan 28, 2022 9:18 am

HI

Also after rebooting, my VPN subnets are reachable but Internet is not working on clients.
Please suggest

Thanks

sumitsrjhs
OpenVpn Newbie
Posts: 4
Joined: Thu Jan 27, 2022 9:15 am

Re: OpenVPN with local Internet for Clients

Post by sumitsrjhs » Fri Jan 28, 2022 9:58 am

Hi

I resolved this issue. Issue was due to block-outside-dns.
Thanks For your help

Post Reply