-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
All Traffic Going Through VPN #288
Comments
https://github.com/kylemanna/docker-openvpn/blob/master/docs/faqs.md#how-do-i-set-up-a-split-tunnel The client may still choose to send 0.0.0.0/0 traffic through the VPN, but it'll get dropped. |
https://github.com/kylemanna/docker-openvpn#openvpn-details Remove the |
@fsegouin I did try to remove that line from the client config, but then no traffic would make it over VPN and couldn't connect to anything. |
@pieterlange that link to the doc looks promising... I'll have to try that... though would ideally like to not regen the config if possible. I assume that would break existing clients, no? |
You will have to regen your config and usually that does not break existing clients, but you will have to make sure your clients do not have I would like to add that this is all documented and standard openvpn behaviour 🤓 |
This worked by adding the following to
Where @kylemanna would it make sense to add a note on this in the README? I burned a lot of time for something that was a quick fix... and I'd imagine would be a common request to not have all traffic go through VPN by default. Let me know and I can submit a PR if you like. |
Apologies, I spoke too soon.. the above change wasn't enough (no traffic is passing through VPN with that). So my issue is, I guess, that even with |
Hi BJ,
I believe you're after the split tunnel answer from the FAQ:
https://github.com/kylemanna/docker-openvpn/blob/master/docs/faqs.md
HTH,
Andrew
…On 14/08/17 20:39, BJ Dierkes wrote:
Apologies, I spoke too soon.. the above change wasn't enough (no
traffic is passing through VPN with that).
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#288 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AGOz2ayovIl2frvvlHxf6VEWsd5OOoqTks5sYKJXgaJpZM4OK62o>.
|
@andrewrembrandt thanks, you're right... and I've finally got it working, but I still needed to add the following configurations to
Where Regardless... it's working for me now. |
Hi all, I add in iptables of the server: and net.ipv4.ip_forward = 1 the problem is that the client is not able to go in internet (ping 8.8.8.8 doesn't work) Can you suggest me something? |
Hi
However I get two issues:
What am I doing wrong? |
take out the
|
I'm running into this too. I've gone over all the links in the comments but I haven't had any luck? `OVPN_DATA="ovpn-data-SERVERNAME" docker volume create --name $OVPN_DATA docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig -u udp://VPN.MYDNSNAME -2 -C AES-256-CBC (Have tried this originally) docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_genconfig -u udp://VPN.MYDNSNAME -2 -C AES-256-CBC docker run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn ovpn_initpki docker run -v $OVPN_DATA:/etc/openvpn -d --name=vpn -p 1194:1194/udp --cap-add=NET_ADMIN kylemanna/openvpn docker run -v $OVPN_DATA:/etc/openvpn --rm -it kylemanna/openvpn easyrsa build-client-full nopass (do you actually type nopass or not --i have and haven't) docker run -v $OVPN_DATA:/etc/openvpn --rm -t kylemanna/openvpn ovpn_otp_user google-authenticator --time-based --disallow-reuse --force --rate-limit=3 --rate-time=30 --window-size=3 docker run -v $OVPN_DATA:/etc/openvpn --rm kylemanna/openvpn ovpn_getclient CLIENTNAME > `CLIENTNAME.ovpn`` |
you have
try adding the word 'route'
|
|
Solved using only ovpn_genconfig: I thank QBIK for the help provided by this guide. |
Thanks for the great answer! You made a small typo however, forgetting ovpn_genconfig. Here's the correct command:
|
Thanks with that information I was able to set up my server to route all traffic through VPN ;) |
I've noticed recently that all traffic is going through the VPN, even though the setting for it is disabled in TunnelBlick. Even if the client setting is disabled, the server or underlying client configuration can override it as if it were enabled.
Do you have any suggestions on ensuring that only traffic destined for the VPN network goes over the VPN?
The text was updated successfully, but these errors were encountered: