I occasionally connect to the internet using public wifi networks at coffee shops and the airport. I know they are not secure networks and I'd like to ensure that when I am on them all my traffic is routed through a secure connection.
I have a Windows 7 x64 machine which I'm trying to set up as an OpenVPN 2.1.3 server. I have successfully configured it and can establish a connection using the client on a different computer.
When connecting from the client I'd like to have all the traffic routed through the OpenVPN server. When I enable the push "redirect-gateway def1" option I cannot connect to any sites using the client. The documentation states that if I am using Linux I'd need to enable NAT using
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
Unfortunately I'm not using Linux (though if I have to I'll set this up on a Linux VM).
How do I configure OpenVPN and Windows so that the redirect-gateway works? Here is my OpenVPN Server config:
port 443
proto udp
dev tun
ca C:/PROGRA~2/OpenVPN/easy-rsa/keys/ca.crt
cert C:/PROGRA~2/OpenVPN/easy-rsa/keys/server.crt
key C:/PROGRA~2/OpenVPN/easy-rsa/keys/server.key # This file should be kept secret
dh C:/PROGRA~2/OpenVPN/easy-rsa/keys/dh1024.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 10.8.0.1"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
Thanks,
Martin
Best Answer
I believe the Windows terminology for "IP packet forwarding with MASQUERADE/SNAT" is "Internet Connection Sharing". Configure ICS on your Windows 7 x64 box, and you should then be able to see the internet from your VPN client.
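What the answer describes, scripted in PowerShell as an added example that is not part of the original answer: it enables ICS from the internet-facing adapter to the OpenVPN TAP adapter through the HNetCfg.HNetShare COM interface. Both adapter names are assumptions; substitute the names shown in Network Connections.

```powershell
# Added example, not from the original post. Run from an elevated PowerShell prompt.
# Both adapter names are assumptions; use the names shown in Network Connections.
$publicName  = 'Local Area Connection'    # assumed: adapter that reaches the internet
$privateName = 'Local Area Connection 2'  # assumed: OpenVPN TAP adapter (10.8.0.0/24 side)

$ICS_PUBLIC  = 0   # ICSSHARINGTYPE_PUBLIC: the connection being shared
$ICS_PRIVATE = 1   # ICSSHARINGTYPE_PRIVATE: the network allowed to use it

$share = New-Object -ComObject HNetCfg.HNetShare

# Map connection name -> ICS configuration object for every adapter.
$configs = @{}
foreach ($conn in $share.EnumEveryConnection) {
    $name = $share.NetConnectionProps.Invoke($conn).Name
    $configs[$name] = $share.INetSharingConfigurationForINetConnection.Invoke($conn)
}

# Fail early, listing what exists, if either assumed name is wrong.
foreach ($needed in $publicName, $privateName) {
    if (-not $configs.ContainsKey($needed)) {
        throw "No network connection named '$needed'. Found: $($configs.Keys -join ', ')"
    }
}

# Clear any existing sharing first so that only this pair ends up shared.
foreach ($name in @($configs.Keys)) {
    if ($configs[$name].SharingEnabled) {
        Write-Host "Disabling existing sharing on '$name'"
        $configs[$name].DisableSharing()
    }
}

$configs[$publicName].EnableSharing($ICS_PUBLIC)
$configs[$privateName].EnableSharing($ICS_PRIVATE)

# Report the resulting state so the pairing can be confirmed.
foreach ($name in $publicName, $privateName) {
    $c = $configs[$name]
    Write-Host ("{0}: SharingEnabled={1} Type={2}" -f $name, $c.SharingEnabled, $c.SharingConnectionType)
}
```

To confirm the redirect is working, a traceroute from the connected client to an internet host should show 10.8.0.1 as its first hop.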