Page 1 of 1
[Solved] Redirecting traffic through VPN tunnel
Posted: Sat Oct 19, 2013 9:04 am
by Zizilk
Hi with this configs i tried to organize VPN tunnel between two computers.
Client side
Code: Select all
port 1194
remote 95.24.206.136
dev tun
ifconfig 10.8.0.2 10.8.0.1
secret static.key
comp-lzo
keepalive 10 60
ping-timer-rem
persist-tun
persist-key
push "dhcp-option DNS 10.8.0.1"
Server side
Code: Select all
port 1194
proto udp
dev tun
secret /media/DISK_A1/system/etc/openvpn/static.key
ifconfig 10.8.0.1 10.8.0.2
keepalive 10 120
comp-lzo
persist-key
persist-tun
status status.log
log openvpn.log
push "redirect-gateway def1"
The main goal that i need to some external applications see me in network where placed Server, with its external IP address (some services requires static IP address, but unfortunately i usually working from different places). So i need to redirect all client side traffic through tunnel. Using above placed configs i can estabilish connection between client and server, but from client all traffic goes directly to internet. I found in HOWTO's article about such redirection and adds strings from it but it's not working.
Client pc has windows 8 on-board and server is router Zyxel Keenetic giga II with V1 firmaware and opgk installed
Re: Redirecting traffic through VPN tunnel
Posted: Sat Oct 19, 2013 4:26 pm
by Zizilk
Thank you, perhapse i didn't understant this correctly
http://openvpn.net/index.php/open-sourc ... l#redirect
So how i see in this two articles i should configure server in such way so it could accept incoming traffic from client and client can access other machines in my network and then i must configure client machine - in network setting write that original DNS server is on VPN server.
Re: Redirecting traffic through VPN tunnel
Posted: Thu Oct 24, 2013 5:32 pm
by Zizilk
Sorry for my english
Unfortunately it's foreign for me.
I mean that i'm trying to establish connection through VPN-tunnel. And all applications and should use this tunnel and external applications should see that i'm working from VPN server machine's external IP.
i also found out that W8 used to see the vpn-network as unknown. I solve it changing some registry keys with official ms support script.
Now after connection i can ping internal server ip (10.8.0.1) but vpn-connection still hasn't dns server address (i point it manually in its properties) but connection still hasn't gateway. here is info for vpn connection from ipconfig (sorry but my windows has only single-language license and it's russian)
Code: Select all
DNS-суффикс подключения . . . . . :
Описание. . . . . . . . . . . . . : TAP-Windows Adapter V9 //description
Физический адрес. . . . . . . . . : 00-FF-B2-91-F9-A5 //mac
DHCP включен. . . . . . . . . . . : Да //dhcp enable: yes
Автонастройка включена. . . . . . : Да
Локальный IPv6-адрес канала . . . : fe80::5cb1:afd1:ba0c:40a%7(Основной) //local ipv6 address
IPv4-адрес. . . . . . . . . . . . : 10.8.0.2(Основной) //local ipv6 address
Маска подсети . . . . . . . . . . : 255.255.255.252 //network mask
Аренда получена. . . . . . . . . . : 24 октября 2013 г. 21:07:08
Срок аренды истекает. . . . . . . . . . : 24 октября 2014 г. 21:07:08
Основной шлюз. . . . . . . . . :
DHCP-сервер. . . . . . . . . . . : 10.8.0.1 //dhcp-server
IAID DHCPv6 . . . . . . . . . . . : 620822450
DUID клиента DHCPv6 . . . . . . . : 00-01-00-01-18-D9-DE-0C-20-89-84-49-E8-24
DNS-серверы. . . . . . . . . . . : 10.8.0.1 //dns server
NetBios через TCP/IP. . . . . . . . : Включен
When i'm trying to establish external connection (open browser for example) windows won't use VPN-connection but will goes directly to internet. (but perhaps it tries to use it because it appears some lag between entering address and page begin loading).
Re: Redirecting traffic through VPN tunnel
Posted: Thu Oct 24, 2013 6:01 pm
by Zizilk
Just now i find out that Internet explorer tries to use VPN-connection but it doesn't see dns address and i can't serf internet with url address. But can use IP addresses. unfortunately i don't exactly which connection is used cause almost all sites perhaps are using virtual host so when i tried to go somewhere where i can check my external api using direct ip of the site i found that direct ip access is blocked, or there are no such page, or even i found strange admin panel's)
Re: Redirecting traffic through VPN tunnel
Posted: Thu Oct 24, 2013 8:50 pm
by Zizilk
well after adding these strings on server-side i got on client-side such errors
Code: Select all
Fri Oct 25 00:09:56 2013 Options error: Unrecognized option or missing parameter(s) in [PUSH-OPTIONS]:1: default-gateway (2.3.2)
Fri Oct 25 00:09:56 2013 Options error: --dhcp-option: unknown option type 'dns' or missing parameter
But connection estabilished and i lost ping with server after adding this strings. Client get ip but can't ping server
Re: Redirecting traffic through VPN tunnel
Posted: Thu Oct 24, 2013 8:59 pm
by Zizilk
Yep i did it
i add this string to client config
redirect-gateway