Routing all Traffic through OpenVPN Tunnel

I have installed OpenVPN server on Archlinux and am now using OpenVPN GUI on Windows 7, I can talk to other computers connected through the VPN but I have not yet figured out how to route all traffic through the tunnel.

How do I do this? I figured I need to do it with route ( cmd command ) but I think i need some pointers here.

I've followed the OpenVPN HowTo on the matter but that doesn't work, it simply doesn't push the "force the client to go through this gateway"-option.

And changing from OpenVPN to a PPTP / IPSec alternative is not an option at the moment.

Filip Ekberg

Posted 2010-03-15T10:07:39.670

Reputation: 591

Answers

Set the VPN Interface as your def gateway (making sure it's up)...

In Linux this would be something along the lines of (of a.b.c.d is the address of your VPN interface):

sudo ip route replace 0.0.0.0/0 via a.b.c.d

Or you can use "/sbin/route" but the syntax is slightly different.

If you want this to persist through reboots you can add it to /etc/rc.local but you probably want to use the specific method for your distribution. I see you are using Arch Linux so the file you want to edit for a permanent static route added at boot is /etc/rc.conf. Check here for more info.

Good Luck!

=====================

I just wrote this answer and then re-read the question....

For Windows you want to do this (on a command line):

route add 0.0.0.0 mask 0.0.0.0 a.b.c.d

or possibly:

route change 0.0.0.0 mask 0.0.0.0 a.b.c.d

wawawawa

Posted 2010-03-15T10:07:39.670

Reputation: 249

While this answer does provide information about adding routes in Windows (in general), it's far inferior to Erics answer given the OpenVPN context. – Shaamaan – 2018-09-25T10:28:16.717

On Windows Vista and subsequent, it is often necessary to tell OpenVPN:

route-method exe
route-delay 2

Otherwise the routes cannot be set.

Then I recommend not to change your routes manually but to use the OpenVPN dedicated setting:

redirect-gateway def1

There is a big difference between the two: your route interferes with the default one and when your local DHCP renews your lease or something, it might restore the original default route and mess things up. The redirect-gateway def1 rather installs two routes: 0.0.0.0/1 and 127.0.0.0/1. It leaves the default route, is more specific so has precedence over the default and is easily removed.

Eric Darchis

Posted 2010-03-15T10:07:39.670

Reputation: 1 178

1redirect-gateway def1 did the trick for me after running OpenVPN as admin. – EnigmaRM – 2014-12-19T22:14:30.203

Excellent description of something that I found quite peculiar at first glance. Thank you – regulatre – 2015-10-24T13:22:37.847

In the OpenVPN config file, have you tried changing the "redirect-gateway" to "redirect-gateway def1"?

CGA

Posted 2010-03-15T10:07:39.670

Reputation: 3 767

Yes I have, as I said, I've done what the HowTo said and it is still not wokring. – Filip Ekberg – 2010-03-15T11:58:16.177

redirect-gateway should work. Can you post route print output, and also openvpn client output. In there you should see if the default route gets replaced. – Robert Ivanc – 2010-05-21T17:01:41.213

Don't forget to do:

echo 1 > /proc/sys/net/ipv4/ip_forward

user36218

Posted 2010-03-15T10:07:39.670

Reputation: 111