I set up OpenVPN on my iPad with the "redirect-gateway def1" parameter to redirect all traffic through the VPN. This redirects web traffic, since if I go to a website like http://www.whatismyip.com/ it shows the IP address of the VPN server. It does not, however, redirect all traffic for apps. For example, I have a web camera set up on a port that's not 80, 8080 or 443, and traffic to and from that port is not going over the VPN if I specify the public hostname and port (specifying a LAN address does work).
How can I get ALL traffic to go over the VPN, not just web traffic?
redirect-gateway doesn't redirect ALL traffic
-
- OpenVpn Newbie
- Posts: 6
- Joined: Fri Oct 04, 2013 2:45 pm
Re: redirect-gateway doesn't redirect ALL traffic
Yes, I run OpenVPN on a router with Tomato USB firmware. I currently have it set to not automatically push "redirect-gateway def1" so I can pick and choose on the client side. I've tried changing it, though, and it makes no difference.
The problem doesn't seem to be on the server side though as it is redirecting traffic sent over the VPN. iOS 7, for whatever reason, is only sending web traffic over the VPN.
Code:
The client config (without certs) is:
-----------------------------------------
client
dev tun
proto udp
remote mkraft.homeip.net 1194
resolv-retry infinite
nobind
persist-key
persist-tun
redirect-gateway def1
keepalive 15 60
ns-cert-type server
cipher AES-256-CBC
comp-lzo
verb 3
key-direction 1
Server config (generated automatically):
-----------------------------------------
daemon
server 10.8.0.0 255.255.255.0
proto udp
port 1194
dev tun21
cipher AES-256-CBC
comp-lzo adaptive
keepalive 15 60
verb 3
push "route 192.168.1.0 255.255.255.0"
push "dhcp-option DNS 192.168.1.1"
tls-auth static.key 0
ca ca.crt
dh dh.pem
cert server.crt
key server.key
status-version 2
status status
Added iptables rules (generated automatically):
-----------------------------------------
iptables -t nat -I PREROUTING -p udp --dport 1194 -j ACCEPT
iptables -I INPUT -p udp --dport 1194 -j ACCEPT
iptables -I INPUT -i tun21 -j ACCEPT
iptables -I FORWARD -i tun21 -j ACCEPT
Re: redirect-gateway doesn't redirect ALL traffic
I've tried it both ways and neither way works.
I'll mention that adding the redirect to the client does work for web traffic: if I go to whatismyip.com, it shows my home IP address when using the redirect configuration and my cell IP address when using a configuration without redirect.
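Added example, not part of the original thread: a longest-prefix-match model of the client routes that OpenVPN documents for `redirect-gateway def1`, showing that the host route to the `remote` address stays outside the tunnel regardless of port. The addresses are constructed, and it is an assumption (the thread does not confirm it) that the camera's public hostname resolves to the same address as the VPN server and that the client applies the routes as documented.

```python
import ipaddress

# Constructed sample values (documentation ranges), not taken from the thread.
VPN_SERVER_PUBLIC_IP = "203.0.113.10"  # assumed address behind the `remote` hostname
WEB_SITE_IP = "192.0.2.80"             # any unrelated Internet host
LAN_CAMERA_IP = "192.168.1.50"         # camera reached by its LAN address


def routes_after_def1(server_ip):
    """Client routes as OpenVPN documents them for `redirect-gateway def1`."""
    return [
        ("0.0.0.0/0", "physical"),        # original default route, left in place
        ("0.0.0.0/1", "tun"),             # def1: two /1 routes cover all of IPv4
        ("128.0.0.0/1", "tun"),           # and win over the /0 default
        (f"{server_ip}/32", "physical"),  # host route that carries the tunnel itself
        ("192.168.1.0/24", "tun"),        # push "route 192.168.1.0 255.255.255.0"
    ]


def lookup(routes, destination):
    """Return the (prefix, interface) chosen by longest-prefix match."""
    dst = ipaddress.ip_address(destination)
    matches = [r for r in routes if dst in ipaddress.ip_network(r[0])]
    return max(matches, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)


def egress(destination, server_ip=VPN_SERVER_PUBLIC_IP):
    """Interface a packet to `destination` leaves on; the port plays no part."""
    return lookup(routes_after_def1(server_ip), destination)[1]


if __name__ == "__main__":
    for name, ip in [("web site", WEB_SITE_IP),
                     ("camera via LAN address", LAN_CAMERA_IP),
                     ("camera via server's public address", VPN_SERVER_PUBLIC_IP)]:
        prefix, iface = lookup(routes_after_def1(VPN_SERVER_PUBLIC_IP), ip)
        print(f"{name:36} {ip:15} -> {iface:8} (matched {prefix})")
```

Under these assumptions, a service published on the same public address as the VPN endpoint is only reached through the tunnel by its LAN address, which matches what the poster reports as working.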