General :: Windows - Routing Everything Except A Certain IP Range Through An OpenVPN Tunnel?
Aug 31, 2011
I've been working with my OpenVPN server for a while, and I have a rather interesting problem. I need to redirect all client traffic through the tunnel except for a couple IP's that need to be resolvable locally. The way I'm doing this is pushing these routes from the server:
Server 'PUSH' directives
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
I'm seeing that translating into these Windows routes:
Windows routes occurring
Wed Aug 31 15:14:35 2011 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1 bypass-dhcp,dhcp-option DNS 8.8.8.8,dhcp-option DNS 8.8.4.4,route 10.8.0.1,topology net30,ping 5,ping-restart 30,ifconfig 10.8.0.6 10.8.0.5'
Wed Aug 31 15:14:35 2011 ROUTE default_gateway=192.168.1.254
Wed Aug 31 15:14:40 2011 C:WINDOWSsystem32
oute.exe ADD 199.[*.*.*] MASK 255.255.255.255 192.168.1.254
Wed Aug 31 15:14:40 2011 C:WINDOWSsystem32
oute.exe ADD 0.0.0.0 MASK 128.0.0.0 10.8.0.5
Wed Aug 31 15:14:40 2011 C:WINDOWSsystem32
oute.exe ADD 128.0.0.0 MASK 128.0.0.0 10.8.0.5
Wed Aug 31 15:14:40 2011 C:WINDOWSsystem32
oute.exe ADD 10.8.0.1 MASK 255.255.255.255 10.8.0.5
I've hidden my server's IP beginning with 199 for security purposes.What I've gathered.I'm assuming that 0.0.0.0 is a kind of code for "everything," so I'm not sure how I could get this to work, but the general idea is that I need a specific IP range (172.16.*) to be resolvable on the LOCAL NETWORK (of the client) meaning it does not go through the VPN tunnel and the client can connect to 172.16.* locally.Is this possible? Routes can be executed through the command line, server "push" or client config options. Any way to get this to work while still routing other traffic through would do, really.
Additional Info: I have the server running on Debian 64-bit and the client running on Windows 7 (although Vista needs to work as well).Client/server configs can be provided if needed.
View 2 Replies
ADVERTISEMENT
Jun 23, 2009
get me understand the short range and the long range links from routing (and routing protocols') point of view.
View 6 Replies
View Related
Aug 9, 2010
i have installed openvpn and config it for a tunnel. my server.conf and client,conf is as follow:
server.conf
port 1194
proto udp
[code]...
View 1 Replies
View Related
Jan 31, 2010
I need to know the procedure to setup VPN between two network. i setup openvpn access server to do this easy. 1. Step by step procedure to setup VPN 2. Setup VPN with DHCP 3. How to check that open vpn is running successfully.
View 1 Replies
View Related
Feb 13, 2010
I want to configure a VPN over the Internet.I installed the 'openvpn' package, generated the key file, transfered it by a secure way to the client, and setted up the configuration file.
So, in that configuration file I input the IP addresses of the tunneled interfaces. Both IPs are static in the tunnel.
Then, I've heard somewhere that I can assign a dynamic configuration IP for the client. I do this registering a range.
Well, when I tried to change static IP to dynamic IP (changing '192.168.0.2' to '192.168.0.0/24') in the configuration file, the OpenVPN didn't work.
Obviously I don't know what I'm doing, and I really, don't believe that simply changing the IP will make it work, but I tried.
I hope I explained my problem as well.
My configuration file:
# OpenVPN Server Configuration File
dev tun 0
ifconfig 192.168.0.1 192.168.0.2
cd /etc/openvpn
secret key_file
In client I execute the 'openvpn' without the '--daemon' parameter.Then I want that my client uses a IP in a range (192.168.0.0/24, for example), instead of a static IP (192.168.0.2).I also thought to use a DHCP server, but I'm not sure that will work.
View 6 Replies
View Related
Jan 25, 2010
I'm using Debian Lenny and I want to tunnel rtorrent only through a OpenVPN tunnel. I have a tunnel running, the config file looks like this:
client
dev tun
proto udp
remote openvpn.xxx.com 1194
resolv-retry infinite
nobind
persist-key
persist-tun
[Code]...
My idea is that I could run a sockd proxy internally that redirects traffic to the openvpn tunnel. I could use the *nix "proxifier" application "tsocks" to make it possible for rtorrent to connect through that proxy (as rtorrent doesn't support proxies). I have trouble configuring sockd as my IP inside the VPN changes every time I connect. This is a config file someone said would help:[URl].. As my IP changes at each connect I don't know what to put in that config file. I have no control over the host side config file.
View 1 Replies
View Related
Mar 1, 2011
Im trying to configure a GRE over IPSec connection between two subnets. The IPSec tunnel is opened and now I want to add a GRE tunnel over it.So, what I didn't understand is why I can't route my subnet over the tunnel, once the only route I have there says that it should route the tunnel IP over the GRE01 interface. Any hint? Thanks.
View 1 Replies
View Related
Feb 10, 2011
I have two firewalls, one primary (fw1) and one fall-back/backup (fw2). On the LAN side the fw's reside in the same LAN segment. I have a client who wants VPN redundancy. So I configured two VPN tunnels for this client. One via fw1 and a backup via fw2. Since the default gateway on the VPN server points to fw1 only the tunnel via fw1 is established. OpenVPN can't establish a tunnel via fw2 because of the gateway and just sits there waiting...
View 1 Replies
View Related
Jul 31, 2010
I'm playing with OpenVPN and I'm trying to share my VM's internet connection with another VM. My server VM has internet access through a NAT interface on virtualbox. My client can even ssh to the server, so the openvpn tunnel must be working. I've tried on the server:
[Code]...
View 1 Replies
View Related
Apr 4, 2010
My special networking configuration.
The case: I'm running two dedicated Linux servers (openSUSE). Both servers are connected through public IP addresses to the internet. Each server hosts a VMware with another Linux inside.
SRV1 and SRV2 are the entry points for OpenVPN from external clients. SRV1 and SRV2 are although connected through an OpenVPN connection for save data sharing.
My problems:
SRV3 can't connect to SRV2 and SRV4.
SRV4 can't connect to SRV1 and SRV3.
External OpenVPN clients connected to SRV1 can't reach SRV2 and SRV4.
External OpenVPN clients connected to SRV2 can't reach SRV1 and SRV3.
Here are my configurations:
Code:
Code:
Code:
Code:
View 1 Replies
View Related
Feb 3, 2011
I have an Ubuntu VPS running 10.10 x86_64
This is what is in my /etc/network/interfaces right now.
Code:
auto eth0
iface eth0 inet static
address 67.202.x.x
gateway 67.202.x.1
netmask 255.255.255.0
auto lo
iface lo inet loopback
My server.conf
code....
I can get the VPN server running and everything connects fine from the client. I just don't know how to tunnel all the traffic through the VPS because it involves making the bridge which I'm having trouble with. What exactly am I supposed to put in /etc/network/interfaces?
View 1 Replies
View Related
Feb 18, 2011
I currently run openVPN on my Debian box that provides secure ipv4 routing from my laptop to my VPS in a different country (and from there the internet via this box). This works fine. However, id like to sort out ipv6 through this VPN as well as IPV4 and not overly sure how to do it. The remote server itself has native ipv6 configured on device eth0 and it works (ping6, traceroutes all fine,incoming to web servers etc) nicely on dual stack.
How would i go about modifying the config (both client and server if needed) to enable openVPN to act as a tunnel broker to enable the laptop to use the ipv6 through the server as well as the old v4? (the internet connection laptop end will not/does not have native ipv6 from the ISP. Currently im using he-net tunnel broker but id like to run myself through my existing openVPN). VPN config details: Its using UDP, port 1194, creates a TUN interface, redirect-gateway etc and the rest is normal config. Edit:- if it matters the clients are all running windows so i cant use sh scripts to set up stuff client end.
View 1 Replies
View Related
Apr 21, 2010
Just curious to see what everyone's opinion on using routing vs. bridging for openVPN. I'm installing openVPN on a linux box that I'm using as a router. What I was wondering was your opinions on which one of these two options to use.
View 2 Replies
View Related
May 2, 2010
I am playing with openvpn, and I got stuck.I am using ubuntu server for openvpn server, which has 2 physical NICs, one is directly on internet and other is LAN, where few pcs are connected on.
View 5 Replies
View Related
Apr 16, 2011
To be able to use my 3g connection from my laptop I am using Azilink.Azilink work by setting up a little Openvpn server on your smartphone then you connect to your smartphone from your laptop with OpenVPN.From there what i wanted was to use a second VPN connection to an external Linux host and redirecting all my traffic to that tunnel... (redirect-gateway + iptables)It is working but partially..Here is the way I connect through my phone (all steps are I think important for the routing issue...)
1) I plug the phone then a usb0 interface is created with the 192.168.239.5 ip adress (my phone is 192.168.239.4)Then adb connect 192.168.239.4
2) I have to enable a port forward on my phone adb forward tcp:41927 tcp:41927
3) I run the openvpn script (to connect to my phone on wich i have launched Azilink)
So Openvpn connect to 127.0.0.1:41927 (to my phone) From there I have a Initialization Sequence Completed
At this time I am connected through 3G via my smartphone to the Internet..And as you imagine i don't want to enter all the IP adresses of Internet minus RFC1918 manually via route command.I think the problem comes from the fact that when i do the route add default gw 10.8.0.5 it is overwritting all the routes required to establish the first and the second connection am i right? Could someone help me solve that issue ?
View 2 Replies
View Related
Jul 27, 2010
I've been on a quest to enable full routing through my openvpn tunnel between my office and the colo. Masquerading will work, however it will throw off anything key based and makes a lot of things just more difficult and vague in general. Is there an easy way to do this via iptables? I tried using quagga hoping it would magically solve my problems, however it does not seem to do my routing for me . I just did a basic static route within zebra...
View 3 Replies
View Related
Mar 22, 2011
I've set up OpenVPN on a Linux server. All my Internet traffic goes through the VPN from that server. I'm running Windows 7 at home. I noticed in Wireshark that DNS queries are not going through the encrypted tunnel, but instead directly to my ISP's designated DNS servers.
To overcome this, I tried pushing DNS for OpenVPN from the server to my computer, and also inputting the DNS address in my wireless adapter's configuration options. This appears to have secured the DNS leak, but is it the proper way to go about it? If I didn't push the DNS address from the server to the client and only set the DNS in the client's wireless adapter, then I couldn't visit any website. And if I just pushed the DNS but didn't set it in the adapter, then some DNS requests still leaked to the ISP's DNS servers.
View 1 Replies
View Related
Mar 16, 2011
I have my home network (connected to internet via VPN) and my "MS-based" work network (opened to internet via VPN). In windows I can easily create two VPN connections to enter my Work domain, but how can I do that in Linux? Network Manager allows only one VPN connection... The best way is to create pptp tunnel over configured in Network Manager ppp0. I've googled a lot but still didn't find any working example.
View 3 Replies
View Related
Oct 3, 2010
I am currently running 64-bit Windows 7 from my home laptop and I would like to establish an SSH reverse tunnel to my laptop from my work Ubuntu 64-bit machine. I have been reading many "tutorials" that have led me nowhere and I feel as though I'm chasing my tail now. I have done the following on my Ubuntu machine:
Code:
ssh -R 19999:localhost:22 laptop_ip
and on my Windows machine, using putty, did the following:
Code:
Host Name: host_IP
[Code]...
I am able to access my Ubuntu machine when on my work network but there I have been unsuccessful when it comes to trying to remotely access it. I have tried everything that I can think of (though I am a novice). If there is any help/suggestions/ideas that could help, please let me know and don't hesitate to ask for more info!
p.s. I would also like to enable x-forwarding, but for now I would like to have remote access to the Ubuntu machine.
View 6 Replies
View Related
Apr 6, 2010
I have a firewall, this consists of three NIC's:
Code: eth0[192.168.0.2] eth1[192.168.1.2] and eth2[10.10.165.2]
I am trying to ping eth0 from eth2, but I am not able to succesfully get a response from pinging the device, I am using:
Code: ping 192.168.0.2 -I eth2
I have tried to insert routing data into the routing table, but it still doesn't work
View 2 Replies
View Related
Jan 8, 2010
I don't know what I'm trying to achieve falls into 'routing' or 'Bridging'???I have two network ports (with static IP ) and I would like to forward RX packets of one to the other.
I have done this in Windows by enabling a service called 'routing'.Is there something similar in Fedora 11? I am pretty sure there are a few thread explaining these but I am just not educated enough to find one that makes sense to me, so Please excuse me for starting a redundant thread and point me to it?
View 1 Replies
View Related
Apr 24, 2011
I want to plot a set of data in only one plot.The problem is that some points of the data should be better plotted in a linear scale (lets say 0 to 100,000) but there are other data points that, exceding the value 100,000, would be better plotted in a logarithmic scale, as they goes in the range 100,000 to 500,000,000. Let's say the data is:
Code:
X Y
0 100
10000 80
20000 75
[code]....
Is there a way to plot all these points in the same plot in only one X-axis showing two different ranges in that axis: linear: 0-100,000 logarithmic: 100,000 - 1,000,000,000?The axis would be read, for example, as:
Code:
|-----|-----|-----|-----|-----|-----|-----|-----|-----|
0 20k 40k 60k 80k 100k 1M 10M 100M 1G
(The abbreviations k-M-G are not the important point. Just shown for clarity)
View 2 Replies
View Related
Apr 11, 2011
I want to build a bash script, which can ping a range IP adresses which will be filled in by the admin. If there is no IP-adress filled in, then the script must ping the subnet where the system is logged on. So if my ip is 192.168.1.6, then the script must ping from 192.168.1.1 till 192.168.1.255 Or else, if there is given a beginning and ending ip it must ping that!
The first part of the bash script is to ping a given range (see below). But there is one problem, how can I tell the script to ping from $begin till $end, [..] is of course wrong! But what must be filled in there???
echo "Enter beginning IP-adres:"
read begin
echo "Enter ending IP-adres:"
read end
ping -c 1 $begin [..] $end
The second part is to find my own ip and ping the whole range.. How to do that? I only can find my own IP, but I cant ping the whole range,, how to do that?
#!/bin/bash
ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' |
cut -d: -f2 | awk '{ print $1 }'
View 11 Replies
View Related
Apr 28, 2011
I downloaded Ubuntu 10.04 yesterday and installed using Wubi. I have downloaded ndiswrapper and ndisgtk and installed the drivers for my wireless adapter. My last question is how to make Ubuntu actually search for a wireless network in range like Windows does. So far, I like Ubuntu but want to connect to the 'net.
View 9 Replies
View Related
May 16, 2010
I have many openvpn implementations. Every time I use windows shares over openvpn, the speed is no more than 500KB/s, in LAN environment. When I start a copy it reaches 200-300KB/s, when I start second one it reaches 500KB/s. No more is reached after more copies simultaneously. When I use linux to copy files - the first copy reaches 700KB/s, the second copy reaches 2.5MB/s (then the first grows also to 2.5MB/s), the third copy reaches also 2.5MB/s. All of these are copied simultaneously, otherwise when only one is started it sits on 700KB/s. Moreover when 2 of the 3 simultaneous copy processes end, the one left backs at 700KB/s again.
But this is linux. When I use Windows the transfer speed is no more than 400-500KB/s (LAN environment).
The OpenVPN server is always ubuntu (any version - I've tried 6.06, 8.04, 10.04).
Tried the OpenVPN client in ubuntu (and the windows machine behind the ubuntu), in windows (directly installed the client on windows) and it is all the same - no more than 500KB/s.
I can not use this because it is so slooow. When only one file is copied at a time it reaches only 200KB/s!!! Searched all the google results - no one have an answer, although there are many people with the same problem.
Now, I am sure that the problem is in Windows, because when I use linux as a server and as a client, the client copies fast. But when I use windows as machine behind the client it copies slow. I don't know... something in the tcp/ip settings in windows or something...
View 9 Replies
View Related
Feb 9, 2011
I have set up my Openvpn Server in Centos and it is working fine. Windows XP clients are able to connect the OpenVPN Server and access the network. This is a customized OpenVPN Gui Client. Now I need the customized OpenVPN Client for MS Windows 7Bit. I am using openvpn-2.1.4-install OpenVPN Client in MS Windows 7 64Bit. This is a executable and working fine in the said architecture. Now I want to compile this version. I am following the given steps at : [URL].. As per the direction i have copied the source from 2.1.4 and tried to compile, but compiled copy is giving the error " An error occurred Installing the TAP-Win32 Device Driver". I have tried this compilation by making every change and hack but all in vain.
I think that there are some certain steps which are missing and not documented any where. And sure that someone in forum will know the facts.
View 1 Replies
View Related
Apr 5, 2010
i have some problems with configuring openvpn tunnel connection to my openvpn server. I'm using static-key tcp connection. Network manager always said to me that connection could not be established. Also, when i try to run openvpn from terminal, i got some strange permissions problem:
Code:
openvpn --config config.ovpn
Mon Apr 5 15:48:37 2010 OpenVPN 2.1_rc19 i486-pc-linux-gnu [SSL] [LZO2] [EPOLL] [PKCS11] built on Oct 13 2009
Mon Apr 5 15:48:37 2010 NOTE: OpenVPN 2.1 requires '--script-security 2' or higher to call user-defined scripts or executables
Mon Apr 5 15:48:37 2010 /usr/sbin/openvpn-vulnkey -q moj.key
[code]....
View 1 Replies
View Related
Feb 27, 2010
I have OpenVPN 2.0.8 installed configured to Ethernet Bridge BR0. All windows outside machines can "see" and mount remote inside firewalled machines (i.e. \machine1 or [URL]). However I can't access to inside windows machines with windows Remote Desktop
View 3 Replies
View Related
Jun 3, 2010
I have a Gateway ML6721 laptop that uses a Realtek RTL8187B for wireless comms. I am very new to Ubuntu and Linux. I am trying out linux using a usb stick, 16Gb with a 4Gb persistence. If I stay in the same room as the router there is no problem. If I walk too far, I get disconnected. Works fine in windows throughout the whole house. Is there a setting I can change or do I need to use a different driver?
View 3 Replies
View Related
Sep 15, 2009
I'm trying to set up a VPN connection between our CentOS 5.3 server at work and my bosses XP computer at home. At this point, we are kinda locked into Quickbooks. I'm testing the connection from my XP boot at home to see if it works. I can log into our servicemanuals easily enough from XP at home however, the windows takes forever to update. I have the Samba server only listening on port 445 because is seems to work more efficiently at work. I connect to the Samba shares via linux from home and everything works well but, when I try to do anything with the shares from Windows client at home, it's very slow!
I'm thinking that it must have something either to do with the Windows OpenVPN client or the client.conf file. Is there anything I should look at in the .conf file for answers?
View 1 Replies
View Related
