The router has a white IP. I've set up a VPN client connection to an OpenVPN server via UDP and can see it is successful.
Below is the server config.
```
port 1194
proto udp
dev tun
user nobody
group nogroup
persist-key
persist-tun
keepalive 10 120
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "redirect-gateway def1 bypass-dhcp"
dh dh.pem
crl-verify crl.pem
ca ca.crt
cert server_xcVehZegEHjE22An.crt
key server_xcVehZegEHjE22An.key
auth SHA256
cipher AES-256-CBC
ncp-ciphers AES-256-CBC
tls-server
tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
client-config-dir /etc/openvpn/ccd
status /var/log/openvpn/status.log
verb 3
```
```
client
proto udp
explicit-exit-notify
remote FQDN 1194
dev tun
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_xcVehZegEHjE22An name
auth SHA256
auth-nocache
cipher AES-256-CBC
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns
verb 3
```
I can see a new address in the Address List and Routes when the VPN connection is set.
I added a Mangle rule with chain prerouting to mark routing from some IPs in the local network 192.168.1.0 with New Routing Mark - vpn.
I added a NAT rule with chain srcnat with Src. Address from 192.168.1.0 with action masquerade. But traffic from the devices that are added to this NAT rule is still not going through the VPN connection.
I guess that I need to add routing between the 192.168.1.0 and 10.8.0.0 networks, but I have no clue how to do it.
Can someone advise what more I need to add to NAT to make it work?