11

I have installed OpenVPN server on Archlinux and am now using OpenVPN GUI on Windows 7, I can talk to other computers connected through the VPN but I have not yet figured out how to route all traffic through the tunnel.

How do I do this? I figured I need to do it with route ( cmd command ) but I think i need some pointers here.

I've followed the OpenVPN HowTo on the matter but that doesn't work, it simply doesn't push the "force the client to go through this gateway"-option.

And changing from OpenVPN to a PPTP / IPSec alternative is not an option at the moment.

Improve this question

4 Answers 4

Reset to default
2

Set the VPN Interface as your def gateway (making sure it's up)...

In Linux this would be something along the lines of (of a.b.c.d is the address of your VPN interface):

sudo ip route replace 0.0.0.0/0 via a.b.c.d

Or you can use "/sbin/route" but the syntax is slightly different.

If you want this to persist through reboots you can add it to /etc/rc.local but you probably want to use the specific method for your distribution. I see you are using Arch Linux so the file you want to edit for a permanent static route added at boot is /etc/rc.conf. Check here for more info.

Good Luck!

=====================

I just wrote this answer and then re-read the question....

For Windows you want to do this (on a command line):

route add 0.0.0.0 mask 0.0.0.0 a.b.c.d

or possibly:

route change 0.0.0.0 mask 0.0.0.0 a.b.c.d

Improve this answer
1
  • While this answer does provide information about adding routes in Windows (in general), it's far inferior to Erics answer given the OpenVPN context.
    – MBender
    Commented Sep 25, 2018 at 10:28
15

On Windows Vista and subsequent, it is often necessary to tell OpenVPN:

route-method exe
route-delay 2

Otherwise the routes cannot be set.

Then I recommend not to change your routes manually but to use the OpenVPN dedicated setting:

redirect-gateway def1

There is a big difference between the two: your route interferes with the default one and when your local DHCP renews your lease or something, it might restore the original default route and mess things up. The redirect-gateway def1 rather installs two routes: 0.0.0.0/1 and 127.0.0.0/1. It leaves the default route, is more specific so has precedence over the default and is easily removed.

Improve this answer
2
  • 1
    redirect-gateway def1 did the trick for me after running OpenVPN as admin.
    – EnigmaRM
    Commented Dec 19, 2014 at 22:14
  • Excellent description of something that I found quite peculiar at first glance. Thank you
    – regulatre
    Commented Oct 24, 2015 at 13:22
1

In the OpenVPN config file, have you tried changing the "redirect-gateway" to "redirect-gateway def1"?

Improve this answer
2
  • Yes I have, as I said, I've done what the HowTo said and it is still not wokring.
    – Filip Ekberg
    Commented Mar 15, 2010 at 11:58
  • redirect-gateway should work. Can you post route print output, and also openvpn client output. In there you should see if the default route gets replaced.
    – Robert Ivanc
    Commented May 21, 2010 at 17:01
1

Don't forget to do:

echo 1 > /proc/sys/net/ipv4/ip_forward
Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .