OpenVPN redirect-gateway does not work on Windows 7?

Question

i have set up openvpn, and it works. pinging from client to server and backwards works just fine. but now i wanted to redirect all the clients traffic through the vpn. so i did the following steps as mentioned in the docs.

on serverside:

in server.conf i put push "redirect-gateway def1"

and i enabled routing via iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

on clientside:

actually nothing, server does it all for the client, i start it on win7 with: openvpn.exe --config client.ovpn

now my routing table looks like this, Realtek is my physical network interface card and the physical gateway is 192.168.2.1. My pc's ip is 192.168.2.199:

http://pastebin.com/1XPVVeab

When using "push redirect-gateway" instead in the server.conf it looks like that:

http://pastebin.com/gPkupPSz

Both are not working, what am i doing wrong? I can't ping the gateway 10.8.0.5, but the vpn can't either ping it's gateway. I can ping vpn 10.8.0.1.

What i dont understand is, what the heck is the gateway 10.8.0.5?

Answer 1

In my experience, you need to run OpenVPN (or OpenVPN GUI, depending on how you're invoking it) with full Admin permissions. The redirect-gateway directive basically modifies the routing table, so OpenVPN is going to require elevated privileges to do that.

Ignore the 10.8.0.5. That's OpenVPN's point-to-point-ness showing. It's used internally by the service.

As said, the important thing is to run OpenVPN with Administrative rights. You have to elevate your command prompt, or OpenVPN GUI, or your service.

Answer 2

I've searched everywhere on the Internet to no avail for the right solution to this problem, until I got here.

After running the OpenVPN GUI with elevated administrative access, the problem was solved. Just running the application as administrator got everything right.

Thank you for sharing your experience.