Link to home
Start Free TrialLog in
Avatar of http:// thevpn.guru
http:// thevpn.guruFlag for Denmark

asked on

Manage Traffic To OpenVPN Server

Hi All

I have installed the OpenVPN server and I have installed the openvpn gui on XP SP2 the client connects successfully..I need to achieve the following scenario..I want some traffic to some specific server to go through the VPN server while I want all other Internet traffic to go through the ISP.

Route A : XP   VPN Interface 10.0.8.6---> 10.0.8.1 (VPN Interface) + (80.80.80.80 public IP + Interface) VPN Server --> Servers with same public IP subnet like VPN server
Route B:  XP ethernet Interface class C IP --> Gateway --> ISP --> Internet

I want to start the VPN connection and have all traffic to my pulic servers routed through VPN and all the traffic for the Internet to pass through the ISP.

I have used the redirect-gateway directive but that did pipe all traffic to the Internet through the VPN server.

I have used push 'route 80.80.80.0 255.255.255.0' that allowed me to pipe Internet traffic through the ISP but all traffic to 80.80.80.0/24 timed out even though I have masquerading and ip forwarding enabled on the OpenVPN server..

Any suggestions ?

Thanks
ASKER CERTIFIED SOLUTION
Avatar of arrkerr1024
arrkerr1024
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of http:// thevpn.guru

ASKER

I would really prefer a server side solution because this VPN client is going to be distributed to more than 30 users...I liked the static route idea..if I add static routes on my servers telling them to send traffic to 10.0.0.0/24 to the VPN server would that work..?

I have done research..please check with me the following

I am on a network and the OpenVPN is on the Internet on another network with no push options and gateway redirects..I can ping 10.8.0.1 from the client if I establish a VPN network connection, and if I trace the connection to the public IP of the server it goes through my ISP>

If I do push 80.80.80.0 255.255.255.0 my public network then I can neither ping 10.8.0.1 nor 80.80.80.10 the VPN server although the routing table of the OpenVPN server has an entry to send data to the 10.8.0.0/24 network through tun 0

[root@localhost ~]# route -n | grep 10.8.0
10.8.0.2        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
10.8.0.0        10.8.0.2        255.255.255.0   UG    0      0        0 tun0

So it should know that packets coming from 10.8.0.0/24 should be sent back through tun0..right ?

And


tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.8.0.1  P-t-P:10.8.0.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

As for the client routing table..

C:\Documents and Settings\ali.jawad>netstat -r

Route Table
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 19 b9 24 df 85 ...... Broadcom NetXtreme 57xx Gigabit Controller - Pac
ket Scheduler Miniport
0x3 ...00 ff 0a 6e 17 9b ...... TAP-Win32 Adapter V8 - Packet Scheduler Miniport

0x4 ...00 ff db 1b 6a d1 ...... TAP VPN Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1   192.168.0.176       20
         10.8.0.1  255.255.255.255         10.8.0.5        10.8.0.6       1
         10.8.0.4  255.255.255.252         10.8.0.6        10.8.0.6       30
         10.8.0.6  255.255.255.255        127.0.0.1       127.0.0.1       30
   10.255.255.255  255.255.255.255         10.8.0.6        10.8.0.6       30
     80.80.80.0    255.255.255.0         10.8.0.5        10.8.0.6       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
      192.168.0.0    255.255.255.0    192.168.0.176   192.168.0.176       20
    192.168.0.176  255.255.255.255        127.0.0.1       127.0.0.1       20
    192.168.0.255  255.255.255.255    192.168.0.176   192.168.0.176       20
        224.0.0.0        240.0.0.0         10.8.0.6        10.8.0.6       30
        224.0.0.0        240.0.0.0    192.168.0.176   192.168.0.176       20
  255.255.255.255  255.255.255.255         10.8.0.6               4       1
  255.255.255.255  255.255.255.255         10.8.0.6        10.8.0.6       1
  255.255.255.255  255.255.255.255    192.168.0.176   192.168.0.176       1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None


Thanks