Browser Configuration for OpenVPN
Hi All,
I have recently configured OpenVPN on my company VPS, and have set up my Windows openVPN Client. It connects and everything looks good, but Firefox and/or Chrome aren't using my Client's traffic! I don't know what I'm doing wrong. Here are my conf files, could someone help me spot the error of my ways? ==server.conf== # Which local IP address should OpenVPN # listen on? (optional) ;local a.b.c.d port 1194 # TCP or UDP server? ;proto tcp proto udp # the firewall for the TUN/TAP interface. ;dev tap dev tun ca ca.crt cert server.crt key server.key # Configure server mode and supply a VPN subnet # for OpenVPN to draw client addresses from. server 10.8.0.0 255.255.255.0 # Push routes to the client to allow it # to reach other private subnets behind # the server. ;push "route 192.168.10.0 255.255.255.0" ;push "route 192.168.20.0 255.255.255.0" ==Client.conf== client dev tun remote 96.30.**.** 1194 (Actual address not shown) resolv-retry infinite nobind # Try to preserve some state across restarts. persist-key persist-tun ca ca.crt cert james.crt key james.key The OpenVPN Client GUI says "Connected on 10.8.0.10" So I know it's working, just none of my browser requests are being pushed to it. Let me know what I need to do. Thank you in advance! |
Just a shot in the dark.. maybe you should tell the browsers where to look.. like the proxy setup sections..
Also your environment (gnome proxy settings, etc.) may or may not need to be configured for your new set up. |
There is a server side option in the openVPN configuration that will force all traffic through the VPN, by default the behavior is to only route VPN traffic to the VPN.
Code:
# If enabled, this directive will configure |
Solved
Hi all,
Sorry for the long wait in reply. I was able to get this working by forwarding all my traffic through the VPN like this: My configuration is a VPS server running Virtuozzo 3. MASQUERADE is not virtualized on Virtuozzo 3, so I used SNAT instead. Also, most other places had eth0 instead of venet0 on the postrouting iptables command, and my server needed venet0. I made those changes, including my changes in the server.conf file (below), and it works fine. Run the following commands: Code:
iptables -F Code:
# Push routes to the client to allow it I finally got it working! I'm in Mainland China, and am subsequently blocked from youtube, facebook, hulu, twitter, etc... so this was a good way to get access to those sites and services. |
All times are GMT -5. The time now is 03:29 AM. |