This hack lets your client machines route all of their internet traffic through the VPN.

On the server, add the following to your OpenVPN config file:

 push "redirect-gateway def1" 
 push "dhcp-option DNS"

If your VPN server is, for example, your home gateway, you’ll definitely want to use the gateway address as the DNS server.
If your VPN server is on a remote server somewhere and it doesn’t run its own DNS server, or you don’t have a DNS server running on the VPN network, you’ll want to use a public DNS server address such as Google’s

Then on the server, you need to enable forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

And enable masquerading of packets:

iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE  

Where is your vm network and eth0 is the main external interface of the server.
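
A way to verify the three server-side steps above once they are applied (an added example, not code from the original post): it checks the pushed options, the forwarding flag and the MASQUERADE rule. The 10.8.0.0/24 subnet, the 10.8.0.1 resolver and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit of the three server-side steps above (not the author's code).
# Subnet 10.8.0.0/24 and resolver 10.8.0.1 are constructed sample values.

# 0 if the config pushes redirect-gateway def1 and a DNS option carrying an IPv4 address.
check_push() {
    grep -Eq '^[[:space:]]*push[[:space:]]+"redirect-gateway[[:space:]].*def1' "$1" ||
        { echo "FAIL: redirect-gateway def1 is not pushed"; return 1; }
    grep -Eq '^[[:space:]]*push[[:space:]]+"dhcp-option[[:space:]]+DNS[[:space:]]+[0-9.]+"' "$1" ||
        { echo "FAIL: dhcp-option DNS carries no resolver address"; return 1; }
}

# 0 if the given file (default: the live /proc entry) contains 1.
check_forward() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = 1 ] ||
        { echo "FAIL: IPv4 forwarding is disabled"; return 1; }
}

# 0 if an iptables-save dump ($1) masquerades exactly source $2 out of interface $3.
# A rule without -s fails: it would NAT everything forwarded out of that interface.
check_nat() {
    awk -v net="$2" -v ifc="$3" '
        $1 == "-A" && $2 == "POSTROUTING" {
            s = ""; o = ""; j = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") s = $(i + 1)
                if ($i == "-o") o = $(i + 1)
                if ($i == "-j") j = $(i + 1)
            }
            if (j == "MASQUERADE" && s == net && o == ifc) ok = 1
        }
        END { exit (ok ? 0 : 1) }' "$1" ||
        { echo "FAIL: no MASQUERADE rule for $2 via $3"; return 1; }
}

# Constructed sample inputs so the checks run offline.
tmp=$(mktemp -d)
printf '%s\n' 'server 10.8.0.0 255.255.255.0' 'push "redirect-gateway def1"' \
    'push "dhcp-option DNS 10.8.0.1"' > "$tmp/server.conf"
printf '%s\n' '*nat' '-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE' 'COMMIT' > "$tmp/nat.rules"
echo 1 > "$tmp/ip_forward"
if check_push "$tmp/server.conf" && check_forward "$tmp/ip_forward" &&
   check_nat "$tmp/nat.rules" 10.8.0.0/24 eth0; then
    echo "OK: full-tunnel settings are consistent"
fi
rm -rf "$tmp"
```

On a live server, pass the real config file and a dump written by `iptables-save -t nat`; `check_forward` with no argument reads the live `/proc` entry.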

More here:


Mario Loria



