HowTo: Routing all client traffic through the VPN

  1. #1

    HowTo: Routing all client traffic through VPN

    FOREWORD
    A couple of days ago I tried posting this HowTo under “WL-500g/WL-500gx Tutorials”, where the other tutorials are. Either the forum’s administrators have not had the time to publish it, or the administrators’ rules have kept this HowTo from being published. In any case, the result is a distortion of the intended structure of this forum, with HowTos ending up where they should not be.

    SOURCE
    -. “HowTo install OpenVPN server” tutorial in this forum

    ASSUMPTIONS
    -. Have read or installed OpenVPN server following the above source

    HOW-TO 1: Automatically without user intervention
    Create new server.conf and client.ovpn files as follows:

    server.conf file
    Code:
    dev tun0
    ifconfig 10.8.0.1 10.8.0.2
    secret static.key
    # Routing all client traffic (including web-traffic) through the VPN
    push "redirect-gateway def1"
    push "dhcp-option DNS 10.8.0.1"

    client.ovpn file
    Code:
    remote myremote.mydomain
    float
    dev tun0
    ifconfig 10.8.0.2 10.8.0.1
    secret static.key
    keepalive 10 60
    redirect-gateway def1
    route-method exe
    route-delay 2
    dhcp-option DNS 10.8.0.1

    where myremote.mydomain is the WAN IP address or host name of your router.

    NOTES:
    i) With Microsoft Vista, client.ovpn may be started as administrator (run OpenVPN GUI as administrator).


    HOW-TO 2: By manipulating routing table on client
    After following the “HowTo install OpenVPN server” tutorial, one should gather the parameters below:

    1) Internet IP address of the VPN Server. I will call it VpnSrvIp
    2) Default gateway on VPN Client. I will call it GtwClntIp (see notes)

    I assume the far-end IP address of the VPN link is 10.8.0.1, as it is in the above-mentioned tutorial.

    Open a DOS prompt window and type the following:
    Code:
    route add VpnSrvIp MASK 255.255.255.255 GtwClntIp METRIC 1
    route add 0.0.0.0 MASK 0.0.0.0 10.8.0.1 METRIC 1

    It may happen that after a while Windows restructures the routing table, giving priority to the Internet gateway. If so, run:

    Code:
    route change 0.0.0.0 MASK 0.0.0.0 10.8.0.1 METRIC 1

    NOTES
    i) If there is no DNS resolution, edit the file /etc/dnsmasq.conf and add the line
    Code:
    interface=tun0

    and then restart the dnsmasq process (kill & invoke)
    ii) One way to identify the default gateway (GtwClntIp) on a Windows XP machine is by running “route print” in a DOS prompt window. This eases the identification in case more than one NIC is present.
    iii) More information: http://www.openvpn.net/index.php/doc...ion/howto.html
    Last edited by Tamadite; 11-10-2009 at 10:29. Reason: New info added
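
Added example, not part of the original post: a small route audit that contrasts the two methods above. `redirect-gateway def1` installs 0.0.0.0/1 and 128.0.0.0/1 via the VPN plus a host route to the server, so it wins on prefix length, while HOW-TO 2 adds a second 0.0.0.0/0 route that wins only on metric. The server address 203.0.113.10, the gateway 192.168.1.1, the probe addresses and all metric values are constructed; on a real client the table would be taken from `route print`.

```python
import ipaddress

def best_route(table, dst):
    """Pick a route the way an IP stack does: longest prefix, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in table if addr in ipaddress.ip_network(r[0])]
    if not hits:
        return None
    return max(hits, key=lambda r: (ipaddress.ip_network(r[0]).prefixlen, -r[2]))

def audit(table, vpn_gw, vpn_srv, lan_gw, probes):
    """Return a list of problems; an empty list means every probe uses the VPN."""
    problems = []
    srv = best_route(table, vpn_srv)
    # The encrypted tunnel packets themselves must still use the physical gateway.
    if srv is None or srv[1] != lan_gw:
        problems.append(f"tunnel endpoint {vpn_srv} not routed via {lan_gw}")
    for dst in probes:
        r = best_route(table, dst)
        if r is None or r[1] != vpn_gw:
            problems.append(f"{dst} leaks via {r[1] if r else 'no route'}")
    return problems

# Constructed sample values (only 10.8.0.1 comes from the thread).
VPN_GW, VPN_SRV, LAN_GW = "10.8.0.1", "203.0.113.10", "192.168.1.1"
PROBES = ["8.8.8.8", "198.51.100.7"]   # one address in each half of IPv4 space
HOST = (VPN_SRV + "/32", LAN_GW, 1)    # VpnSrvIp via GtwClntIp

# HOW-TO 1: redirect-gateway def1 adds two /1 routes; the old default stays.
DEF1 = [("0.0.0.0/0", LAN_GW, 20), HOST,
        ("0.0.0.0/1", VPN_GW, 1), ("128.0.0.0/1", VPN_GW, 1)]
# HOW-TO 2: a second 0.0.0.0/0 route that wins only on metric.
MANUAL = [("0.0.0.0/0", LAN_GW, 20), HOST, ("0.0.0.0/0", VPN_GW, 1)]
# HOW-TO 2 after the metrics are reordered in favour of the Internet gateway.
REORDERED = [("0.0.0.0/0", LAN_GW, 1), HOST, ("0.0.0.0/0", VPN_GW, 30)]

if __name__ == "__main__":
    for name, table in (("def1", DEF1), ("manual", MANUAL), ("reordered", REORDERED)):
        print(name, audit(table, VPN_GW, VPN_SRV, LAN_GW, PROBES) or "OK")
```

The reordered table is the case where `route change 0.0.0.0 MASK 0.0.0.0 10.8.0.1 METRIC 1` is needed; the def1 table stays clean whatever metric the original default route carries.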

  2. #2
    I have followed the tour. Here is my "/etc/dnsmasq.conf":

    Code:
    user=nobody
    resolv-file=/tmp/resolv.conf
    no-poll
    interface=br0
    no-negcache
    cache-size=512
    dhcp-leasefile=/tmp/dnsmasq.log
    dhcp-range=lan,192.168.1.101,192.168.1.254,86400
    read-ethers
    dhcp-option=lan,252,"\n"
    dhcp-authoritative
    interface=tun0

    I kill dnsmasq and restart it:
    Code:
    killall dnsmasq && sleep 3 && dnsmasq

    Then I restart openvpn again and connect to the server from my PC,
    but I still have a DNS problem.
    Here is my post-firewall below:

    Code:
    #!/bin/sh
    #OpenVPN access from WAN
    iptables -D INPUT -j DROP
    iptables -I INPUT -p udp --dport 1194 -j ACCEPT
    iptables -t nat -I PREROUTING -i eth1 -p udp --dport 1194 -j DNAT --to-destination $4:1194
    iptables -A INPUT -j DROP
    
    iptables -I INPUT -i tun0 -j ACCEPT
    iptables -I FORWARD -i tun0 -j ACCEPT
    iptables -I FORWARD -o tun0 -j ACCEPT
    iptables -I OUTPUT -o tun0 -j ACCEPT

    I can't find what could be wrong. Could someone please help? Thank you.
