Answer the question
In order to leave comments, you need to log in
How to redirect traffic in OpenVPN?
Good afternoon.
To protect against provider tricks, I set up an OpenVPN tunnel from the router. Everything would be fine, but when OpenVPN is running, there are problems: I can’t access my devices from the outside, the speed leaves much to be desired (with the same configs on the computer, the speed is 25-30mbit, on the router 10-15), and VPN is a hindrance for online games ( only ping adds). I have a NAS with Ubuntu Server 14.04 installed. And that's what I came up with an idea ... Install OpenVPN on the NAS and configure it so that it works like a proxy, i.e. if I prescribe a proxy 192.168.1.8:port (IP NASa) in the browser, then the browser traffic goes through the OpenVPN tunnel, and where the proxy is not explicitly registered, it will work directly. That's just the question - how to do it?
Answer the question
In order to leave comments, you need to log in
Uff. Well, you muddied =)
Option one - a proxy is raised on the NAS, for the entire NAS the main gateway is the far end of the VPN tunnel. According to this scheme, you connect to a proxy on the NAS, which sends all traffic to the tunnel, and then it depends on the tunnel settings.
Option two - a proxy is raised somewhere, you connect to the NAS on which port forwarding is made, to the same proxy.
And if you do this:
1. On a NAS with Ubuntu Server 14.04 installed, an openvpn client is configured to a remote server. Now all traffic from it is wrapped in a vpn tunnel.
2. On the working machine, run ssh in Socks-proxy mode:
habrahabr.ru/post/122445
We get the opportunity in the same browser to specify the local port to which ssh sock-proxy is forwarded as a proxy.
You asked and answered yourself =)
0. You just have a router at home, without any vpn-s.
1. Somewhere remotely there is a vpn server.
2. US is a VPN client for a remote server (through your regular router). All outgoing traffic from US to the Internet goes only to the VPN tunnel (the home network 192.168.0.0/24 is not touched).
3. A squid has been raised on US, the rules are allowed to serve your internal LAN.
4. On devices that require VPN access, you simply enter the NASA IP (proxy).
Of course, there are disadvantages:
In the VPN tunnel, you can send only applications that can work through a proxy, or all traffic from a specific device (for example, all phones can be sent through VPN by default). But we need to tweak a bit.
But if you take the information from your question, this will not be a minus.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question