All traffic not going through VPN

[hormel09]

I added these two lines to my server config

Code: Select all

push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"

And these two lines to my client config

Code: Select all

push "redirect-gateway def1" 
push "dhcp-option DNS 10.8.0.1" 

Everything else in the config files are the default settings. Except I added Local a.b.c.d to the server since it has a static ip to my router. The section in the HowTo manual related to this subject mentions nothing about editing the client config. I only did it because several other threads concerning this subject said to add the pull compliment. After connecting to the server, I used whatismyip.com to see if my IP address had changed. It did not. There were some commented out lines in the default server config that I think my be relevant to my problem. They are here:

Code: Select all

# Push routes to the client to allow it
# to reach other private subnets behind
# the server.  Remember that these
# private subnets will also need
# to know to route the OpenVPN client
# address pool (10.8.0.0/255.255.255.0)
# back to the OpenVPN server.
;push "route 192.168.10.0 255.255.255.0"
;push "route 192.168.20.0 255.255.255.0"

# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# and DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# or bridge the TUN/TAP interface to the internet
# in order for this to work properly).
;push "redirect-gateway def1 bypass-dhcp"

If you would like to see my full config files, I'll post them. Any help is greatly appreciated! I'm new to OpenVPN.

[maikcat]

hi there,

FYI, server ONLY "pushes" options to clients not vice-versa.

if you use client directive into client config , pull statement is not needed.

please post your complete server/client configs and if your server is linux post the output of:

iptables -L -t nat -v

Michael.

[hormel09]

Here is the server

Code: Select all

local 192.168.1.200
port 1194
proto udp
dev tun
ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\server.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\server.key"
dh "C:\\Program Files (x86)\\OpenVPN\\config\\dh1024.pem"
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"

Here is the client

Code: Select all

client
dev tun
remote [static WAN ip of router] 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\client1.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\client1.key"
ns-cert-type server
comp-lzo
verb

I went ahead and deleted the push lines of the client. The server is a win 7 pro machine. The client is a win 8 machine. Thanks for the help!

[maikcat]

hello there,

The server is a win 7 pro machine.

fellow mod bebop already wrote a very nice howto using win7 as server....

can you please read it?

Michael.

[hormel09]

I found the tutorial. I copy and pasted the config files, except for my server's ip.
server

Code: Select all

port 1194
proto udp
dev tun
server 10.0.0.0 255.255.255.0   #you may choose any subnet. 10.0.0.x is used for this example.

ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\server.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\server.key" 
 
dh "C:\\Program Files (x86)\\OpenVPN\\config\\dh1024.pem"


push "redirect-gateway def1"

push "dhcp-option DNS 8.8.8.8"      

#the following commands are optional
keepalive 10 120         
comp-lzo                   
persist-key                
persist-tun                
verb 3    

client

Code: Select all

client
dev tun
proto udp
remote [server address] 1194   

resolv-retry infinite
nobind
persist-key
persist-tun

ca "C:\\Program Files (x86)\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files (x86)\\OpenVPN\\config\\client1.crt"
key "C:\\Program Files (x86)\\OpenVPN\\config\\client1.key"
ns-cert-type server

comp-lzo
verb 3
explicit-exit-notify 2
ping 10
ping-restart 60

route-method exe
route-delay 2

I also performed the win 7 tweaks (routing and remote access, network adapter settings, and the regedit) . I recently noticed that ping request from the client to the server (and vice versa) time out. But the client is being assigned the ip address 10.0.0.6, which seems reasonable. I'm stuck Any ideas of what it could be? Should I try getting the ping to work? Or is that pointless? Yet again, thanks for the help.

[maikcat]

check if your client adds the appropriate routes to its routing table..

are you running the gui on your client with admin rights?

Michael.