Ok, so i have a VPN client (MikroTik) connected to a VPN Server (whatever), and the VPN client with an IP of say 192.168.1.1 is our PC’s gateway… right bog standard!
For what ever reason i want to route all my “internet” traffic via the VPN.
Now i cannot add another default route something like: dst:0.0.0.0/0 gw: pptp-out1 since the router its self needs a default gateway to be able to establish the VPN in the first place.
So how do i identify only the “public internet” traffic? like it should exclude 192.168… etc etc I think its called A class network? (I can always specify an 10.0.0.0 range ips if im using any).
I want to put some clever network in like: Dst Address : X.Y.Z.0/A gw: pptp-out1
This would then identify any traffic heading for the internet and route it out via the VPN.
then mark all interent traffic (and exclude traffic which has private ip as destination (assume that you lan interface is ether1-LAN, and you lan range is 192.168.1.0/24), be careful → dst-address list has “!” mark which means everthing except private ip addresses (inversion)
step three create def route for that traffic (traffich which has routing mark traffic_for_VPN in step 2) and changee your gateway (in my case it is pptp-out1):
is here way, how to route to vpn also the traffic from the router itself? It means that all communication from LAN network and also from router will be routed to vpn?
I have configured properly routing from LAN network to VPN, but I’m not able to set up routing for router itself.
is here way, how to configure also communication of router itself be routed to vpn? It means whole communication from LAN and from router itself will be routed to VPN.
Currently, I have configurated routing for LAN network to VPN, but I’m not able to configure routing for router itself.
Is this at the same time way to prevent any traffic to go skipping VPN? I want to be sure that specific traffic is not possible outside VPN. In other words If the VPN is not available etc. the traffic is not possible.
I have the same problem but dont udnerstand anything into Linux. Have already installed vps on openvz vps + installed obfs on client/server. Now i need someone help who can do what’s described on second post cause i wanna setup all my router traffic goes through remote vpn. Can anyone help to me? My skype id - parsi19881
Hi,
I am new here so hello everyone!
I have bought new MikroTik router from Lithuania and I configured it as vpn client. Now I am trining to redirect all my wi-fi devices to use openvpn interface as main gateway so the entire traffic would be trough vpn in Poland. The reason is because I am using vpn in Poland and I would like to watch some services not available abroad. Thank you in advance.
[quote=davidand post_id=818728 time=1600871545 user_id=170714]
Is there any way to enhance the configuration below with a protection so that when a VPN connection is down, no packets are forwarded via the default gateway, - in other words, enforcing using the VPN connection?
[/quote]
Sure. The key is to add a type=blackhole default route with routing-mark=traffic_for_VPN and distance=20. While the VPN’s virtual interface is active, the route through it (with a default value of distance which is 1) will be used; whenever that interface goes down and the route using it becomes inactive, the blackhole route becomes active.
Currently, as there is no other route in the routing table traffic_for_VPN, routing uses routing table main as a fallback.
PPTP has not been considered secure since years, so if you are really serious about privacy, don’t use it.