IP cloaking for OpenVPN and/or IPsec

[MatFuz]

Hi all,
I've had a look, but can't seem to find specifically the answer in the other discussions, so I'm sorry if this has been covered before...

I need a VPN tunnel to keep my home IP when travelling in order to access Netflix etc, so I guess I simply need to know what variations are required from the standard documented OpenVPN and IPsec setups are required to ensure all internet traffic passes through the VPN interface through to the remote client.

Thanks for any help!

[bartjsmit]

In the OpenVPN server configuration, enable 'Redirect Gateway' to ensure all client IPv4 traffic goes through the tunnel. For IPv6, add this to 'Advanced' to get the same result:

push "route-ipv6 2000::/3"

Bart...

[MatFuz]

Hi Bart,
Thanks for the reply - I've tried this a couple of times with Redirect Gateway, and I get a connection and can still access my home network, but now cannot access the internet. Is this a DNS setting issue, or do I need additional firewall rules?

Thanks for any help.

Matt

[MatFuz]

By the way, I am using the directions given in the SSL VPN road warrior set-up without OTP settings, and simply clicking the Redirect Gateway box.

[bartjsmit]

To exclude DNS, do a traceroute to 8.8.8.8. What are your DNS settings in the OpenVPN server?

Bart...

[fabian]

I would use "cat /etc/resolv.conf" on the host to find out, which DNS servers are used. I would prefer in general to use tcpdump / wireshark for debugging reasons to see what is going on.

[MatFuz]

Hi All, just wanted to say thanks for everything, but I have solved the issue: it's the DNS settings. Specifically that Windows clients needed to be forced to refresh the DNS servers. Once that was checked the system works perfectly. Thanks for the help!