Routing web traffice via VPN

[cranus]

Hi

I am trying to route my web traffice over my openvpn connection to the another networks gateway.

I have an local net account at home and an international net account at work.

I have established a site to site vpn connection in which all pcs can access either subnet. Now since I have a local only account I am trying to route my international or all web trafic via to vpn to the international gateway at work

I can ping both gateways from any machine on my network
I just need help with the routing info
I am using linux centos boxes for the vpn
IPFORWORDING is set to 1 on both boxes

NETWORK TOPOLOGY

NETWORK A -10.8.0.1(VPN SERV IP) --- 10.8.0.6(VPN CLIENT) -NETWORK B

NETWORK A ----------- NETWORK B
192.168.1.0/24 ----------- 192.168.5.0/24
GW 192.168.1.1 ------------GW 192.168.5.1
International ISP account ------------ LOCAL ISP account


any help would be appriciated

thanks

 

[ambo]

In the routing table of the box at your house:
Add a default route and use the IP of the box at work as the gateway.

If the VPN is working then the return routing should be fine.

Then just check that the box at work has firewall rules that allows the VPN to use its WAN and make sure that the NAT'ting on the box is configured for both the local and remote subnets.

 

[magneto]

u will have enble this setting on yor openvpn server...
# If enabled, this directive will configure
# all clients to redirect their default
# network gateway through the VPN, causing
# all IP traffic such as web browsing and
# and DNS lookups to go through the VPN
# (The OpenVPN server machine may need to NAT
# the TUN/TAP interface to the internet in
# order for this to work properly).
# CAVEAT: May break client's network config if
# client's local DHCP server packets get routed
# through the tunnel. Solution: make sure
# client's local DHCP server is reachable via
# a more specific route than the default route
# of 0.0.0.0/0.0.0.0.
;push "redirect-gateway"

and do the route so that clients on Network B access int via network A..

that should be it...

 

[cranus]

Re: ROUTING...

I a noob when it comes to routing so I be needing some help with that

In theory just by adding some routing instructions it should work. I would like to try that first before touching the openvpn server code.


I would like to try ambos method first

I have disabled the firewalls on both linux boxes

so on network B routing code
I would just add a the following


route add -net default netmask 255.255.255.0 gw 192.168.1.1?

note the above may be wrong so please correct me if its incorrect.
how would you nat the boxes.

I forgot to mention in initial post
NETWORK A
VPN BOX IP 192.168.1.110

NETWORK B
VPN BOX IP 192.168.5.111

thanks for the lead to sovling this problem.

zak

 

[magneto]

what is 192.168.1.1?? router??

 

[cranus]

yes..

192.168.1.1 and 192,168.5.1 are the routers for its respective networks

The routers are the default gateways atm.


cranus

 

[magneto]

if u do that way u will prob have to add route on router A for it 2 know how to get back to B network...


r u the only one using the vpn for this purpose??

 

[cranus]

I would like it to work for any client(PC) on network B
I've already added a route to networks Bs subnet to get the vpn subnet to subnet .

here is my routing table for networks A router
Destination IP Address Subnet Mask Default Gateway Hop Count Interface
196.209.1.1 255.255.255.255 * 40 ppp0
196.209.1.1 255.255.255.255 * 41 ipsec0
168.X.X.X 255.255.255.255 196.209.1.1 40 ppp0
196.14.X.X 255.255.255.255 196.209.1.1 40 ppp0
196.209.X.X 255.255.255.255 * 40 ppp0
196.209.X.X 255.255.255.255 * 41 ipsec0
192.168.5.0 255.255.255.0 192.168.1.110 15 ixp0
192.168.2.0 255.255.255.0 196.209.1.1 10 ipsec0
10.8.0.0 255.255.255.0 192.168.1.110 15 ixp0
192.168.1.0 255.255.255.0 * 50 ixp0
default 0.0.0.0 196.209.1.1 40 ppp0

 

[MobileAllOver]

edit undo...

The default Gateway should point to your normal PPP connection.
Static routes to subnets on your VPN connection as described