1

How to make a VPN client a gateway?

Those. it is necessary that requests from the server go through the connected client.

Now I have:

client.ovpn

client
dev tun
proto tcp
remote X.X.X.X 1194
resolv-retry infinite
nobind
user nobody
group nogroup
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-CBC
auth SHA256
verb 3
key-direction 1
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
<ca>...</ca>
<cert>...</cert>
<key>...</key>
<tls-auth>...</tls-auth>

server.conf

port 1194
proto tcp
dev tun
ca ca.crt
cert server.crt
key server.key                                   
dh dh.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist /var/log/openvpn/ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
keepalive 10 120
tls-auth ta.key 0                      
cipher AES-256-CBC
auth SHA256
user nobody
group nogroup
persist-key
persist-tun
status /var/log/openvpn/openvpn-status.log
verb 3
explicit-exit-notify 0

With this configuration, requests from the server do not pass.

ping 8.8.8.8 -I tun0
PING 8.8.8.8 (8.8.8.8) from 10.8.0.1 tun0: 56(84) bytes of data.

curl --interface tun0 -v ipinfo.io
* Rebuilt URL to: ipinfo.io/
*   Trying 216.239.38.21...
* TCP_NODELAY set

Any advice would be appreciated.

user3488070
  • 49
  • 5

1 Answers1

0

Try to modify Registry Entry to allow IP forwarding:

 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
 IPEnableRouter=1
Valentino
  • 33
  • 1
  • 6
  • Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Mar 29 '22 at 15:43