#1 2016-06-30 15:49:04

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 19,769

Client Side Openvpn Configuration in Virtual Machine.

First, allow me to assert that I have authorization from my corporate IT department to do what I am doing.

I have an Arch Linux client running in Virtualbox on a Windows 8.1 host on a corporate network.  The client and host are linked with a virtual network (10.0.2.0/24) and the host provides NAT forwarding. The corporate (172.x.x.x) network bridges to the Internet through a Sonicwall firewall/gateway.  I am using OpenVPN on the guest to connect to my home network.  The home network has an Asus router running an OpenVPN server.  It creates a 10.8.0.0 virtual network and provides a tunnel to the 192.168.1.0/24 network in my home to which there are half a dozen clients attached.

The OpenVPN client can reach my home network just fine.  I can ssh or browse into all of the assets on the home network. 

But, I need to, from the client side, be able to direct *all* traffic through the VPN.  As it is right now, only traffic destined for my 192.168.1.0/24 network behind my home router is sent down the pipe.  (Actually, I have not tried talking on the 10.8.0.0 subnet to a second VPN client; I expect that would work as well.)

I am thinking there are two things I must do.  First, I need to change my default gateway; but to what?  I think I have to talk through the 10.0.2.0 net to get out of the Windows host; or is my head up and locked?
Second, I can only see devices on my network through IP addresses which tells me I am not seeing my router's DNS.  Makes sense, as DNS queries have to be made on this end in order to decide whether or not to go through the VPN tunnel.  If I get the default gateway set up so that all traffic passes through the tunnel, I imagine I am still likely to have to wrestle with DNS.     

tl;dr  How does one configure a gateway to route all traffic through a VPN tunnel when the first leg uses NAT forwarding?


Nothing is too wonderful to be true, if it be consistent with the laws of nature -- Michael Faraday
Sometimes it is the people no one can imagine anything of who do the things no one can imagine. -- Alan Turing
---
How to Ask Questions the Smart Way


#2 2016-07-01 14:45:00

Abaddon
Member
From: Poland
Registered: 2004-05-03
Posts: 249

Re: Client Side Openvpn Configuration in Virtual Machine.

Your openvpn can push default gateway to your client by

push "redirect-gateway def1 bypass-dhcp" 

If you want to do it manually you should set 0.0.0.0/1 via openvpn server address assigned for connection to you. Here it would be an address from 10.8.0.0.

Last edited by Abaddon (2016-07-01 14:45:30)


Gnome - The weakest link!
Linux, *not* GNU/Linux!
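
Added example, not part of the original posts: the manual, client-side form of the routing described in the reply above. OpenVPN's `def1` flag covers the default route with two halves, 0.0.0.0/1 and 128.0.0.0/1, and the client also needs a host route that keeps the encrypted packets to the VPN server on the NAT leg. The server address, NAT gateway, interface names and tunnel gateway below are assumptions; substitute your own.

```shell
#!/bin/sh
# Dry run: the routes are only printed. Review them, then run them as root.
# All defaults are constructed assumptions, not values from the thread.
VPN_SERVER="${VPN_SERVER:-203.0.113.10}"  # public IP of the home router (placeholder)
NAT_GW="${NAT_GW:-10.0.2.2}"              # guest's current default gateway (assumed VirtualBox NAT default)
NAT_DEV="${NAT_DEV:-enp0s3}"              # guest NIC on the 10.0.2.0/24 network (assumed name)
TUN_GW="${TUN_GW:-10.8.0.1}"              # server's address inside the 10.8.0.0 tunnel (assumed)
TUN_DEV="${TUN_DEV:-tun0}"                # OpenVPN tunnel interface (assumed name)

is_ipv4() {
    # Accept only dotted quads with octets 0-255, so a typo never
    # ends up inside a route command.
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

vpn_full_tunnel_routes() {
    for addr in "$VPN_SERVER" "$NAT_GW" "$TUN_GW"; do
        is_ipv4 "$addr" || { echo "invalid IPv4 address: $addr" >&2; return 1; }
    done
    # 1. Pin the encrypted OpenVPN packets to the existing NAT gateway.
    #    Without this /32 they would match the /1 routes below and be
    #    sent into the tunnel they are supposed to carry.
    echo "ip route add $VPN_SERVER/32 via $NAT_GW dev $NAT_DEV"
    # 2. Two /1 routes together cover every IPv4 address and are more
    #    specific than 0.0.0.0/0, so they win without deleting the
    #    original default route.
    echo "ip route add 0.0.0.0/1 via $TUN_GW dev $TUN_DEV"
    echo "ip route add 128.0.0.0/1 via $TUN_GW dev $TUN_DEV"
}

vpn_full_tunnel_routes
```

These routes do not touch `/etc/resolv.conf`, so name lookups keep using whatever resolver the guest already had. Putting `redirect-gateway def1` in the client's own configuration file makes OpenVPN install the same three routes itself.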


#3 2016-07-01 15:08:49

ewaller
Administrator
From: Pasadena, CA
Registered: 2009-07-13
Posts: 19,769

Re: Client Side Openvpn Configuration in Virtual Machine.

Thanks for your reply.  I think that is a server side configuration; unfortunately, the router does not lend itself to custom configuration from its web GUI, which is why I had hoped to do this from the client side.  I'll give 10.8.0.0 a shot when I get to work next Tuesday.

