OpenVPN and gateway on linux

Question

I have home server with Debian installed

When I turn on openvpn it creates new interface - tun0

It also adds some routing rules for that interface, including 0.0.0.0/1 via 192.168.101.1 dev tun0, but I always delete this rule to make eth0 default interface so everything goes via it by default

I want to setup that server as gateway, and make all data forward from eth0 to tun0

Then I could just change default gateway to server's ip on any device in lan to use vpn

And the question is how can I do this?

Why are you deleting this route? Do you not want half your traffic routed through the VPN? — Michael Hampton, Aug 27 '15 at 15:33
@MichaelHampton I want to route through the VPN only traffic which comes from device which doesn't have enough power to run openvpn client — stek29, Aug 27 '15 at 15:36
Your OpenVPN config is *seriously* boned, amongst other things, if it's dropping /1 routes when you don't want to default route out through the VPN. — womble, Aug 28 '15 at 02:34

stek29 · Accepted Answer · 2015-08-27T16:06:18.860

1

I found answer to my question:

Start OpenVPN:

openvpn --config /path/to/config.file &

Wait until it successfully connects:

until ip l sh tun0 >/dev/null 2>&1 ; do sleep 1; done

Delete rule which makes tun0 default interface:

ip route del 0.0.0.0/1 via 192.168.101.1 dev tun0

Enable ip forwarding:

sysctl -w net.ipv4.ip_forward=1

Enable and configure NAT:

iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

iptables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT

iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT

edited Aug 27 '15 at 16:06

answered Aug 27 '15 at 15:32

stek29

119
1
5

@peterh I should wait 2 days before I could do this – stek29 Aug 29 '15 at 13:17

OpenVPN and gateway on linux

1 Answers1