LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (http://www.linuxquestions.org/questions/linux-networking-3/)
-   -   IPTABLES ? - 1 ip in a different subnet push all traffic from that ip through vpn (http://www.linuxquestions.org/questions/linux-networking-3/iptables-1-ip-in-a-different-subnet-push-all-traffic-from-that-ip-through-vpn-4175416616/)

andrew44 07-13-2012 09:46 PM

IPTABLES ? - 1 ip in a different subnet push all traffic from that ip through vpn
 
Hi,

I have a linux machine that I use as a vpn openVPN server and a pptp client and home router.

I have another machine that I want to use for connecting to a foreign country. This machine does not need to connect to any other resources on the "home network".

How can I get IPTABLES or any other app to forward all traffic, TCP, UDP etc. everything this device might use through a VPN interface? I've tried a couple of things and its not working.

If the above doesn't work I do have space to put another NIC in the router. Whilst I'd rather not spend the money, if that is the only way to do it I'm open to that too.

Thanks

andrew44 07-14-2012 11:15 AM

I see lots of views on this but no answers, do I need to rephrase the question? Or am I asking something that cant be done?

SuperJediWombat! 07-18-2012 03:40 AM

Your question is not very clear. It would help if you could draw up a basic network diagram showing the configuration that you are hoping to achieve.

Do you currently have a VPN connection to the foreign country you have specified?

Lexus45 07-18-2012 04:34 AM

There's an option in OpenVPN server configuration file, which allows to pass all client's traffic through the VPN link, making it a default gateway.
http://openvpn.net/index.php/open-so....html#examples

Code:

# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# and DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# the TUN/TAP interface to the internet in
# order for this to work properly).
# CAVEAT: May break client's network config if
# client's local DHCP server packets get routed
# through the tunnel.  Solution: make sure
# client's local DHCP server is reachable via
# a more specific route than the default route
# of 0.0.0.0/0.0.0.0.
;push "redirect-gateway"


andrew44 07-18-2012 11:25 PM

Thanks for the replies. I found a solution this afternoon, sourced based routing.

http://www.wlug.org.nz/SourceBasedRouting

http://www.tipsfortux.com/?p=10

It wasn't exactly what I wanted but it will do the job; I think the ideal would be destination based routing but I will look into that in the future.

Thanks for the replies.


All times are GMT -5. The time now is 03:47 PM.