I've been struggling since Monday to route all internet traffic through the client. Please bear with me. The client is on Windows 7 (OpenVPN 2.5.8) (public IP), no NAT, only a layer 7 firewall (firewall off/on gives the same result). I want to do this only from the server side; I don't want to change anything on the client machine.
Here are screens from the router and my configuration:
Settings gui asus OPENVPN
Server config:
Code:
# Tunnel options
proto udp4
multihome
port 48739
dev tun21
sndbuf 0
rcvbuf 0
keepalive 10 30
up '/etc/openvpn/ovpn-up'
down '/etc/openvpn/ovpn-down'
setenv ovpn_type 0
setenv unit 1
script-security 2
daemon vpnserver1
verb 3
status-version 2
status status 10
compress lzo
plugin /usr/lib/openvpn-plugin-auth-pam.so openvpn
# Server Mode
server 10.83.79.0 255.255.255.0
duplicate-cn
push "route 192.168.173.0 255.255.255.0 vpn_gateway 500"
# Data Channel Encryption Options
auth SHA224
cipher AES-128-CBC
# TLS Mode Options
ca ca.crt
dh dh.pem
cert server.crt
key server.key
tls-auth static.key 0
# Custom Configuration
--username-as-common-name
--topology subnet
--client-config-dir /jffs/openvpn/server1/ccd
push "dhcp-option DNS 192.168.173.1"
push "dhcp-option DOMAIN RT-AC88U.ac88u.delta"
Code:
ifconfig-push 10.83.79.99 255.255.255.0
topology subnet
iroute 192.168.173.0 255.255.255.0
push "redirect-gateway def1"
block-outside-dns
I'm using static routes in the router GUI LAN settings. When I redirect traffic, the Windows 7 client has internet for about 10 minutes or less and then no internet (it gives me an error in the network configuration of the Local Area Connection). If I want to make this possible, must I push a route in the CCD from 10.83.79.99/24 to the router WAN IP xxx.xxx.xxx.xxx or to the private subnet 192.168.173.1? And this is tricky part 2: I need an outbound rule in the router iptables or static routes, right? I have set up one static route (image above) but don't know if it is right. Please help.
P.S. I'm sorry if it's in the wrong section.