Hi, Sorry for asking a question on my first post, but I'm no expert.
I am using a openVPN roadwarrior type setup. I have a openVPN server setup on a VPS to masqurade my clients internet connection through. As such the only IP that is visible to the internet from my client should be the VPS's IP.
Im having a problem however, that if my clients internet connection drops out and disconnects for a period OR the VPS server becomes inaccessable to the client somehow the pre-VPN connection default route is finding its way back into the routing table and the client is then connecting to the internet again but not through the VPN. I am using redirect-gateway so when the VPN connects that default client machine route is deleted, but it's still re-appearing sometimes when the connection goes for a period of time.
I guess this has something to do with the SIGUSR1[soft,ping-restart] received, process restarting - and openVPN re-entering the default_gateway to the routing table, in able to connect to the server VPN again.
How can this be avoided completely. If I put: ping-restart 0 onto the client and delete and ping-restart or similar from the server config would that make the client process restarting and as such openVPN adding the default_gateway to the client routing table totally impossible?
What i'd like to achieve is under absolutely no circumstances what so ever my client connecting to the internet without going through the VPN, after me running the openVPN client and it initially connecting to the openVPN server of course.
Thanks for any tips. Perhaps there's an easier way to do this?
IP Leaking
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
- OpenVpn Newbie
- Posts: 4
- Joined: Fri Mar 04, 2011 11:39 am
Re: IP Leaking
PS.. I just tested this, and after 10 or so minutes, somehow the default_gateway has found its way back into to the client routing table and the client is now connecting to the internet again without use of the VPN.
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: IP Leaking
this has little to do with OpenVPN , I guess; what you'd need is a routing table/firewall setup that allows you to connect to the VPN server and *only* the VPN server. Delete your default gateway and add an explicit route to the VPN server - it depends on your client OS how you can do this most efficiently.
-
- OpenVpn Newbie
- Posts: 4
- Joined: Fri Mar 04, 2011 11:39 am
Re: IP Leaking
I'm using an XP VMware virtual machine for the openVPN client. This is going to be possible?
- janjust
- Forum Team
- Posts: 2703
- Joined: Fri Aug 20, 2010 2:57 pm
- Location: Amsterdam
- Contact:
Re: IP Leaking
yes I think so - simply don't set up the default routes in the win XP VM ; again, this has little to do with openvpn and more with windows+routing
-
- OpenVpn Newbie
- Posts: 4
- Joined: Fri Mar 04, 2011 11:39 am
Re: IP Leaking
Thanks for pointing me in the right direction, I think I have it fixed. Managed it by setting static IP's for the VM's and using _pre & _up scripts.