I'm running OpenVPN as a server on a machine running Windows Home Server (largely equivalent to Server 2003), and clients running various levels of Windows 7 64-bit. The server is running stable OpenVPN with GUI, the clients are running 2.1 rc15 (due to the signed driver requirement in 64-bit Windows).
I want all traffic from the clients (including general internet traffic) to route through the VPN tunnel. In order to do so I have added
Code: Select all
push "redirect-gateway def1"Code: Select all
Mon Aug 30 23:05:02 2010 [RioGrande] Peer Connection Initiated with 76.105.236.118:1194
Mon Aug 30 23:05:03 2010 SENT CONTROL [RioGrande]: 'PUSH_REQUEST' (status=1)
Mon Aug 30 23:05:03 2010 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 8.8.4.4,route-gateway 192.168.1.20,ping 10,ping-restart 120,ifconfig 192.168.1.21 255.255.255.0'
Mon Aug 30 23:05:03 2010 OPTIONS IMPORT: timers and/or timeouts modified
Mon Aug 30 23:05:03 2010 OPTIONS IMPORT: --ifconfig/up options modified
Mon Aug 30 23:05:03 2010 OPTIONS IMPORT: route options modified
Mon Aug 30 23:05:03 2010 OPTIONS IMPORT: route-related options modified
Mon Aug 30 23:05:03 2010 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Mon Aug 30 23:05:03 2010 ROUTE default_gateway=129.138.223.254
Mon Aug 30 23:05:03 2010 TAP-WIN32 device [Client-TAP] opened: \\.\Global\{CA63FE1A-47A7-4F86-8D46-9DC2DC0529D1}.tap
Mon Aug 30 23:05:03 2010 TAP-Win32 Driver Version 9.4
Mon Aug 30 23:05:03 2010 TAP-Win32 MTU=1500
Mon Aug 30 23:05:03 2010 Notified TAP-Win32 driver to set a DHCP IP/netmask of 192.168.1.21/255.255.255.0 on interface {CA63FE1A-47A7-4F86-8D46-9DC2DC0529D1} [DHCP-serv: 192.168.1.0, lease-time: 31536000]
Mon Aug 30 23:05:03 2010 Successful ARP Flush on interface [40] {CA63FE1A-47A7-4F86-8D46-9DC2DC0529D1}
Mon Aug 30 23:05:08 2010 TEST ROUTES: 1/1 succeeded len=0 ret=1 a=0 u/d=up
Mon Aug 30 23:05:08 2010 C:\WINDOWS\system32\route.exe ADD 76.105.236.118 MASK 255.255.255.255 129.138.223.254
Mon Aug 30 23:05:08 2010 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=25 and dwForwardType=4
Mon Aug 30 23:05:08 2010 Route addition via IPAPI succeeded [adaptive]
Mon Aug 30 23:05:08 2010 C:\WINDOWS\system32\route.exe ADD 0.0.0.0 MASK 128.0.0.0 192.168.1.20
Mon Aug 30 23:05:08 2010 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Mon Aug 30 23:05:08 2010 Route addition via IPAPI succeeded [adaptive]
Mon Aug 30 23:05:08 2010 C:\WINDOWS\system32\route.exe ADD 128.0.0.0 MASK 128.0.0.0 192.168.1.20
Mon Aug 30 23:05:08 2010 ROUTE: CreateIpForwardEntry succeeded with dwForwardMetric1=30 and dwForwardType=4
Mon Aug 30 23:05:08 2010 Route addition via IPAPI succeeded [adaptive]
Mon Aug 30 23:05:08 2010 Initialization Sequence Completed
When I examine the routing table, I see this at the top:
Code: Select all
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 5.0.0.1 5.146.190.58 9256
0.0.0.0 0.0.0.0 129.138.32.254 129.138.32.60 30
0.0.0.0 128.0.0.0 192.168.1.20 192.168.1.21 30
5.0.0.0 255.0.0.0 On-link 5.146.190.58 9256
5.146.190.58 255.255.255.255 On-link 5.146.190.58 9256
5.255.255.255 255.255.255.255 On-link 5.146.190.58 9256
76.105.236.118 255.255.255.255 129.138.32.254 129.138.32.60 30
It seems to me that it would work to set the gateway to 192.168.1.1, the gateway used on the remote network, but I do not know how to configure the server to do this.
Basically, it is very important for security reasons that all internet traffic go through the VPN tunnel. I would appreciate advice on the easiest way to achieve this. Sorry if I'm missing something I should have found.
Thanks!
