Erwin Bierens

Knowledge is Power

Route all traffic by OpenVPN

2018-12-11 1 min read Linux Security Erwin Bierens

In October I posted a blog about setting up your OpenVPN server in 2 minutes.

This blog is an add-on to your existing configuration to route all traffic over the VPN.

Change server configuration

Go to the config file (/etc/openvpn/server.conf) and add the following lines:

    push "redirect-gateway def1"
    push "dhcp-option DNS "
    push "dhcp-option DNS 1.1.1.1"

Restart your OpenVPN daemon:

    sudo /etc/init.d/openvpn restart

Change client configuration

Change your client config and add the following line:

    redirect-gateway def1

Change IP Tables

The last step is to change your iptables rules to NAT the VPN traffic to the internet (make sure you have the rights to do this, or run the commands as root):

    iptables -I FORWARD -i tun0 -o wlan0 \
            -s 10.8.0.0/24 -m conntrack --ctstate NEW -j ACCEPT
    iptables -I FORWARD -m conntrack --ctstate RELATED,ESTABLISHED \
            -j ACCEPT
    iptables -t nat -I POSTROUTING -o wlan0 \
            -s 10.8.0.0/24 -j MASQUERADE

Legend:

  • tun0: your virtual VPN network interface
  • wlan0: your normal network interface, for example eth0 on a wired server (check with “ifconfig” to make sure you use the right one)
  • 10.8.0.0: your VPN network IP range
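
The MASQUERADE rule only has an effect when its `-o` interface is the one that carries the server's default route. The check below is an added example, not part of the original post; the function names are hypothetical and the sample route and rule text are constructed.

```shell
#!/bin/sh
# Added example: check that the MASQUERADE rule leaves through the interface
# that carries the default route. Function names are hypothetical.

# Print the interface of the first default route in `ip route` output ($1).
default_iface() {
    printf '%s\n' "$1" | awk '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "dev") { print $(i + 1); exit }
    }'
}

# Print the -o interface of the MASQUERADE rule whose -s equals $2,
# reading iptables-save output from $1.
masq_iface() {
    printf '%s\n' "$1" | awk -v net="$2" '/-j MASQUERADE/ {
        src = ""; out = ""
        for (i = 1; i < NF; i++) {
            if ($i == "-s") src = $(i + 1)
            if ($i == "-o") out = $(i + 1)
        }
        if (src == net) { print out; exit }
    }'
}

# $1 = route text, $2 = iptables-save text, $3 = VPN subnet.
# Returns 0 = match, 1 = interface mismatch, 2 = no rule for the subnet.
check_nat() {
    want=$(default_iface "$1")
    have=$(masq_iface "$2" "$3")
    if [ -z "$have" ]; then
        echo "no MASQUERADE rule with -s $3 and an -o interface"; return 2
    fi
    if [ "$want" != "$have" ]; then
        echo "MASQUERADE uses '$have', default route uses '$want'"; return 1
    fi
    echo "ok: $3 is NATed out of $want"
}

# Constructed sample data (not captured from a real host).
ROUTE_SAMPLE='default via 192.168.1.1 dev eth0 proto dhcp metric 100'
RULES_SAMPLE='*nat
-A POSTROUTING -s 10.8.0.0/24 -o wlan0 -j MASQUERADE
COMMIT'

# On a real server (root needed for iptables-save): sh check.sh --live
if [ "${1:-}" = "--live" ]; then
    check_nat "$(ip -4 route show default)" "$(iptables-save -t nat)" "${2:-10.8.0.0/24}"
fi
```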
