Goal:
- Your Windows XP PC becomes an Internet gateway, using OpenVPN server mode. Traffic can be tunneled from any OpenVPN client.
- This example assumes that you already know how to install OpenVPN and setup keys and/or certificates. For the scope of this example, information about key and certificate management will not be provided.
- We'll setup a server.ovpn, a client.ovpn, and some Windows XP settings. Keep in mind that .ovpn is the Windows equivalent of .conf in Linux.
server.ovpn
Code: Select all
port 1194
proto udp
dev tun
server 10.0.0.0 255.255.255.0 #you may choose any subnet. 10.0.0.x is used for this example.
ca ca.crt #certs are optional. you may choose to go with keys or passwords instead.
cert my-server.crt
key my-server.key
dh dh1024.pem
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
#the following commands are optional
keepalive 10 120
comp-lzo
persist-key
persist-tun
verb 3
Code: Select all
client
dev tun
proto udp
remote public.ip.of.winXP.server 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca ca.crt
cert client.crt
key client.key
ns-cert-type server
comp-lzo
verb 3
explicit-exit-notify 2
ping 10
ping-restart 60
route-method exe
route-delay 2
Code: Select all
Start -> Right-click My Computer -> Manage
Services
Right-click Routing and Remote Access -> Properties -> Automatic
Right-click Routing and Remote Access -> Start
Next:
Control Panel
Network Connections
Local Area Connection (or whichever is your primary Internet interface [with your WAN ip])
Properties
Advanced
Tick the box "Allow other network users to connect through this computer's Internet connection"
From the drop-down list select "Local Area Connection 2", or whatever is the connection name of your TAP OpenVPN server interface.
Start->run->regedit (you type regedit)*
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Value: IPEnableRouter
Type: REG_DWORD
Data: 0x00000001 (1)
*Since this is Windows XP, you should restart Windows after making changes to registry
- This is very similar Windows 7 solution. If you know an easier or more efficient set of methods, please do share. If you know a proper method for forwarding DNS, also please do share.