OpenVPN Support Forum

Community Support Forum
https://forums.openvpn.net/

how to properly configure openvpn to spoof the ip address?

https://forums.openvpn.net/viewtopic.php?t=32612

Page 1 of 1

how to properly configure openvpn to spoof the ip address?

Posted: Fri Jul 09, 2021 10:22 am
by DGDays
I was able to start an openvpn server on my PC and connect a client to it, but I just can't configure it to replace the client's ip with the server's ip. I know that

Code: Select all

push "redirect-gateway def1 bypass-dhcp"
does this, but then the Internet on the client disappears and it is impossible even to ping 8.8.8.8. Can you please tell me what to do about it?

Client config:

Code: Select all

remote 178.44.196.105
client
port 12345

proto tcp4-client
dev tun

tls-client
tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1
remote-cert-tls server

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\config\\ClientVPN.crt"
key "C:\\Program Files\\OpenVPN\\config\\ClientVPN.key"

cipher AES-128-CBC
comp-lzo

persist-key
persist-tun

verb 3
mute 20
Server config:

Code: Select all

dev-node "ServerVPN"
mode server
port 12345 

proto tcp4-server
dev tun

tls-server
tls-auth "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ta.key" 0

tun-mtu 1500
tun-mtu-extra 32
mssfix 1450

ca "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ca.crt"
cert "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.crt"
key "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\ServerVPN.key"
dh "C:\\Program Files\\OpenVPN\\easy-rsa\\keys\\dh2048.pem"

server 10.10.10.0 255.255.255.0

client-to-client
keepalive 10 120
cipher AES-128-CBC
comp-lzo

persist-key
persist-tun

client-config-dir "C:\\Program Files\\OpenVPN\\config"

verb 3

route-delay 5
route-method exe

push "route 192.168.0.0 255.255.255.0"
push "redirect-gateway def1 bypass-dhcp"
route 192.168.182.0 255.255.255.0

Re: how to properly configure openvpn to spoof the ip address?

Posted: Fri Jul 09, 2021 12:15 pm
by TinCanTech
You are using Windblows for your server ..

You could run a VBox Linux VM and it is easier than making Windblows be a server ..

You'll need to read Bebop's post here:
viewforum.php?f=7

Re: how to properly configure openvpn to spoof the ip address?

Posted: Fri Jul 09, 2021 5:10 pm
by DGDays
I agree, it's easier, but I can't allocate resources on the VBox in any way...

Re: how to properly configure openvpn to spoof the ip address?

Posted: Sat Jul 10, 2021 2:30 pm
by openvpn_inc
Hello,

There's no suggestion that your server is doing NAT for the VPN packets. The NAT is required unless you have a large enough routable netblock (non-RFC-1918) to use for your VPN.

This is much better documented in GNU/Linux and *BSDs, but Windows can do it also IIUC. I think they call the feature "Internet Connection Sharing."

Please see http://pekster.sdf.org/misc/redirect.png for a good flowchart covering everything you need to check, to get this working.

Good luck, rob0

Re: how to properly configure openvpn to spoof the ip address?

Posted: Mon Jul 12, 2021 3:04 pm
by 300000
If you cant make it work as you like so here is the picture just do follow and it shoud work as you like.

open your server config and add this line to make static ip for your openvpn network card first.


ip-win32 manual

Image
All times are UTC
Page 1 of 1
Powered by phpBB® Forum Software © phpBB Limited
https://www.phpbb.com/