I connect fine over OpenVPN to the Synology VPN server; however, internet traffic does not pass through the VPN.
The OpenVPN Read Me instructions suggest deleting the "#" before redirect-gateway in the OpenVPN config to allow routing through the VPN. When I do this, I am unable to reach the web at all when connected to the VPN.
I am not that experienced configuring OpenVPN... any help would be appreciated.
Also, if anyone knows of an OpenVPN client for iOS 6 that doesn't require a jailbreak... would be grateful to know what that is. PPTP seems too insecure.
Unable to Route All Web Traffic Through OpenVPN
Re: Unable to Route All Web Traffic Through OpenVPN
The command "redirect-gateway" only takes care of sending all traffic from the client to the VPN Server.
You have to configure your Server (where your VPN Server is running) to forward the traffic of the VPN Network to the Gateway of the Server LAN, so that it can continue to find the way "out" to the internet. Also, NAT has to be configured on the Server, because without NAT the forwarded traffic will not know the way back. So forwarding and(!) NAT have to be configured on the Server itself.
The commands for configuring the Server as a router with forwarding and NAT (Network Address Translation) depend on the OS which is used. On OS X 10.8.2 everything works after the following commands are executed as user root in a terminal:
sysctl -w net.inet.ip.fw.enable=1
sysctl -w net.inet.ip.forwarding=1
natd -interface en0
ipfw add divert natd ip from any to any via en0
Commands for another OS will differ slightly.
After a restart of the machine these commands have to be executed again.
Writing a script and executing it once as a launched DAEMON process is the solution for the permanent setup as a routed gateway with NAT.
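The reply's two server-side requirements (forwarding and NAT) can be checked before blaming the client config. The script below is an added example, not part of the original posts: `check_gateway` is a hypothetical helper, the sample command output is constructed, and it assumes `ipfw list` prints rules as "number action ..." as on the OS X release named in the reply.

```shell
#!/bin/sh
# Added example: audit the server-side prerequisites from the reply above
# using captured command output, so the logic can be exercised anywhere.

# check_gateway SYSCTL_TEXT IPFW_TEXT IFACE   (hypothetical helper)
#   SYSCTL_TEXT  output of: sysctl net.inet.ip.forwarding net.inet.ip.fw.enable
#   IPFW_TEXT    output of: ipfw list
#   IFACE        outbound LAN interface (en0 in the reply)
# Prints one finding per line; returns 0 only when forwarding, the firewall
# and a divert (NAT) rule on IFACE are all in place.
check_gateway() {
    sysctl_text=$1; ipfw_text=$2; iface=$3; rc=0
    for key in net.inet.ip.forwarding net.inet.ip.fw.enable; do
        # Accept both "key: value" and "key = value" output styles.
        val=$(printf '%s\n' "$sysctl_text" |
            awk -v k="$key" '{ gsub(/[:=]/, " ") } $1 == k { print $2; exit }')
        if [ "$val" = 1 ]; then
            echo "ok: $key=1"
        else
            echo "MISSING: $key is '${val:-unset}', expected 1"; rc=1
        fi
    done
    # Without a divert rule on the outbound interface, forwarded VPN packets
    # keep their VPN source address and replies cannot find the way back.
    if printf '%s\n' "$ipfw_text" | awk -v i="$iface" '
        $2 == "divert" {
            for (n = 3; n < NF; n++) if ($n == "via" && $(n + 1) == i) found = 1
        }
        END { exit !found }'
    then
        echo "ok: divert rule via $iface"
    else
        echo "MISSING: no ipfw divert rule via $iface (NAT inactive)"; rc=1
    fi
    return $rc
}

# Constructed sample output: forwarding enabled, but no NAT rule loaded.
sample_sysctl='net.inet.ip.forwarding: 1
net.inet.ip.fw.enable: 1'
sample_ipfw='65535 allow ip from any to any'
check_gateway "$sample_sysctl" "$sample_ipfw" en0 || echo "gateway not ready"
```

On the server itself, pass the live output instead: `check_gateway "$(sysctl net.inet.ip.forwarding net.inet.ip.fw.enable)" "$(ipfw list)" en0`, run as root.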