How can I force all traffic to go through OpenVPN connection

6

2

I'm using a VPN connection provided by a commercial company. This provides me with a static IP.

There's an external database server I want to connect. The db server is configured to allow connections from whitelisted IP addresses. The VPN's IP Address is whitelisted.

I run a local IIS webserver and it must connect to an external database. However, the connection is blocked because Windows is not using the VPN connection for IIS.

I don't have access to db server configuration or VPN server configuration.

As an experiment, I created a virtual machine, installed a copy of the iis site. The virtual machine uses the host vpn connection. This way, the new iis website connects correctly to the database. This is why I assume the host's iis is not using the vpn connection.

How can I force all traffic to go through OpenVPN connection in windows 10?

chepe263

Posted 2016-03-26T21:35:25.187

Reputation: 341

Answers

10

Add redirect-gateway def1 option to the relevant VPN config file (C:\Program Files\OpenVPN\config\xxx.ovpn). You will need to run OpenVPN client with administrative rights.

You can also use it as a command-line argument like this: --redirect-gateway def1.

This will add a static route to the VPN service you use, remove your current default route and add a default route towards the VPN tunnel. Keep in mind, however, that this could lead to undesirable consequences, such as inability to access resources of your corporate network or your ISP DNS servers when the VPN connection is active. The former could be solved by adding additional static routes for your corporate network, the latter is resolved by using public DNS servers (e.g. Google's 8.8.8.8, 8.8.4.4).

There's some more useful information in documentation.

Queeq

Posted 2016-03-26T21:35:25.187

Reputation: 166

is there a way to add the route by command line? There's no configuration files, a propietary vpn client does it by itself. – chepe263 – 2016-03-27T05:14:49.687

Yes. I've added it to the answer. It is actually weird you have proprietary VPN client. Are you sure this is OpenVPN? VPN services usually provide custom config files for their clients. But proprietary software is something strange. – Queeq – 2016-03-27T08:24:35.767

Asked: 2016-03-26T21:35:25.187

Viewed: 11 536 times

Active: 2016-03-27T08:24:19.390