Wonder if you guys can help with this one.
I've set up and generated the Torguard VPN config and put it into /etc/openvpn as with all the others.
It connects (had to put route-nopull into the torguard config else it would kill my entire network. No webpages would load)
I would like to only send HTTP and HTTPS traffic over the Torguard VPN connection, leaving my games to run on the normal line, eno1 (External), for lower pings.
I'm having no luck :/ VPN connects but can't forward traffic over it.
This is what I've tried so far, but with no luck:
iptables -I POSTROUTING -t nat -o tun2 -j MASQUERADE
ip route add default dev tun2 table 200
ip rule add fwmark 11 table 200
iptables -t mangle -I PREROUTING -p tcp --dport 80 -j MARK --set-mark 11
iptables -t mangle -I PREROUTING -p tcp --dport 443 -j MARK --set-mark 11
Any ideas would be helpful.
Thanks!
Responses (3)
-
Accepted Answer
DNS leaks can be caused by using ClearOS as your DNS server. On your client, try setting the DNS server to 8.8.8.8 and 8.8.4.4 (GoogleDNS) and see if you still get a leak. The downsides will be that all your lookups may go through the tunnel and you won't be able to resolve LAN host names. If it works, you can intercept DNS lookups with the firewall and redirect them to GoogleDNS instead. This can be scripted.
Accepted Answer
I am not sure why you are masquerading your traffic.
Download the app-ibvpn-core from clearos-contribs and have a look at the route-up.sh script for some ideas. They do not use any marking, but they do play with routing tables. I think in the app you set a list of LAN IPs which you want to use the VPN for and the script runs against those IPs. I am not sure the best way to handle the different ports, but have a look at the openvpn configuration in the zip file on this post. It looks like OpenVPN/ibVPN here only runs against four ports.
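Added example, not part of the thread and not ClearOS or ibVPN code: the mark-based split routing attempted in the question, written as a script that prints its commands for review before applying them. tun2, table 200 and mark 11 come from the post; LAN_IF=eno2 and the placeholder address 192.0.2.1 are assumptions, and the OUTPUT-chain mark and the rp_filter setting are additions that the posted commands do not contain.

```shell
#!/bin/sh
# Added example (not from the thread): send only TCP 80/443 through the VPN.
# tun2, table 200 and mark 11 come from the post; LAN_IF is an assumed name.
VPN_IF="${VPN_IF:-tun2}"
LAN_IF="${LAN_IF:-eno2}"   # assumption: the LAN-facing interface
TABLE="${TABLE:-200}"
MARK="${MARK:-11}"
PORTS="${PORTS:-80,443}"

# Print the commands one per line so they can be reviewed before being run.
emit_rules() {
    # Extra routing table whose only entry is a default route into the tunnel.
    echo "ip route replace default dev $VPN_IF table $TABLE"
    # Packets carrying the mark are looked up in that table, not in main.
    echo "ip rule add fwmark $MARK table $TABLE"
    # Mark web traffic forwarded from LAN clients before the routing decision.
    echo "iptables -t mangle -A PREROUTING -i $LAN_IF -p tcp -m multiport --dports $PORTS -j MARK --set-mark $MARK"
    # Locally generated packets never traverse PREROUTING; mark them in OUTPUT.
    echo "iptables -t mangle -A OUTPUT -p tcp -m multiport --dports $PORTS -j MARK --set-mark $MARK"
    # Rewrite the source to the tunnel address (assumes the VPN server has
    # no route back to the LAN subnet).
    echo "iptables -t nat -A POSTROUTING -o $VPN_IF -j MASQUERADE"
    # Replies arrive on the tunnel while main still routes via the WAN;
    # strict reverse-path filtering (1) drops them, loose mode (2) does not.
    echo "sysctl -w net.ipv4.conf.$VPN_IF.rp_filter=2"
}

# Read-only checks: which table a marked packet would use, and rule counters.
emit_checks() {
    echo "ip rule show"
    echo "ip route show table $TABLE"
    echo "ip route get 192.0.2.1 mark $MARK"   # 192.0.2.1 is a placeholder
    echo "iptables -t mangle -L PREROUTING -v -n"
}

case "${1:-}" in
    apply) emit_rules | sh -e -x ;;   # needs root; stops at the first failure
    check) emit_checks | sh -x ;;
    *)     emit_rules ;;              # default: dry run, print only
esac
```

After `apply`, the `check` mode shows whether a packet with mark 11 resolves to tun2 and whether the mangle counters increase when a LAN client loads a page.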