[Solved] Redirecting traffic through VPN tunnel

[Zizilk]

Hi with this configs i tried to organize VPN tunnel between two computers.
Client side

Code: Select all

port 1194
remote 95.24.206.136
dev tun
ifconfig 10.8.0.2 10.8.0.1
secret static.key
comp-lzo
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
push "dhcp-option DNS 10.8.0.1"

Server side

Code: Select all

port 1194 
proto udp 
dev tun 
secret /media/DISK_A1/system/etc/openvpn/static.key 
ifconfig 10.8.0.1 10.8.0.2 
keepalive 10 120 
comp-lzo 
persist-key 
persist-tun
status status.log
log openvpn.log
push "redirect-gateway def1"

The main goal that i need to some external applications see me in network where placed Server, with its external IP address (some services requires static IP address, but unfortunately i usually working from different places). So i need to redirect all client side traffic through tunnel. Using above placed configs i can estabilish connection between client and server, but from client all traffic goes directly to internet. I found in HOWTO's article about such redirection and adds strings from it but it's not working.

Client pc has windows 8 on-board and server is router Zyxel Keenetic giga II with V1 firmaware and opgk installed

[Zizilk]

Thank you, perhapse i didn't understant this correctly http://openvpn.net/index.php/open-sourc ... l#redirect

So how i see in this two articles i should configure server in such way so it could accept incoming traffic from client and client can access other machines in my network and then i must configure client machine - in network setting write that original DNS server is on VPN server.

[Zizilk]

Sorry for my english Unfortunately it's foreign for me.

I mean that i'm trying to establish connection through VPN-tunnel. And all applications and should use this tunnel and external applications should see that i'm working from VPN server machine's external IP.

i also found out that W8 used to see the vpn-network as unknown. I solve it changing some registry keys with official ms support script.

Now after connection i can ping internal server ip (10.8.0.1) but vpn-connection still hasn't dns server address (i point it manually in its properties) but connection still hasn't gateway. here is info for vpn connection from ipconfig (sorry but my windows has only single-language license and it's russian)

Code: Select all

DNS-суффикс подключения . . . . . :
Описание. . . . . . . . . . . . . : TAP-Windows Adapter V9 //description
Физический адрес. . . . . . . . . : 00-FF-B2-91-F9-A5 //mac
DHCP включен. . . . . . . . . . . : Да //dhcp enable: yes
Автонастройка включена. . . . . . : Да 
Локальный IPv6-адрес канала . . . : fe80::5cb1:afd1:ba0c:40a%7(Основной) //local ipv6 address
IPv4-адрес. . . . . . . . . . . . : 10.8.0.2(Основной) //local ipv6 address
Маска подсети . . . . . . . . . . : 255.255.255.252 //network mask
Аренда получена. . . . . . . . . . : 24 октября 2013 г. 21:07:08
Срок аренды истекает. . . . . . . . . . : 24 октября 2014 г. 21:07:08
Основной шлюз. . . . . . . . . :
DHCP-сервер. . . . . . . . . . . : 10.8.0.1 //dhcp-server
IAID DHCPv6 . . . . . . . . . . . : 620822450
DUID клиента DHCPv6 . . . . . . . : 00-01-00-01-18-D9-DE-0C-20-89-84-49-E8-24
DNS-серверы. . . . . . . . . . . : 10.8.0.1 //dns server
NetBios через TCP/IP. . . . . . . . : Включен

When i'm trying to establish external connection (open browser for example) windows won't use VPN-connection but will goes directly to internet. (but perhaps it tries to use it because it appears some lag between entering address and page begin loading).

[Zizilk]

Just now i find out that Internet explorer tries to use VPN-connection but it doesn't see dns address and i can't serf internet with url address. But can use IP addresses. unfortunately i don't exactly which connection is used cause almost all sites perhaps are using virtual host so when i tried to go somewhere where i can check my external api using direct ip of the site i found that direct ip access is blocked, or there are no such page, or even i found strange admin panel's)

[Zizilk]

well after adding these strings on server-side i got on client-side such errors

Code: Select all

Fri Oct 25 00:09:56 2013 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:1: default-gateway (2.3.2)
Fri Oct 25 00:09:56 2013 Options error: --dhcp-option: unknown option type 'dns' or missing parameter

But connection estabilished and i lost ping with server after adding this strings. Client get ip but can't ping server

[Zizilk]

Yep i did it
i add this string to client config

redirect-gateway