Getting your VPN link up and running, while infinitely satisfying, is something of a letdown. Sure your connection is unlikely to be spied on, but without some proper configuration, that shiny new OpenVPN link of yours is borderline useless. Follow along as we show you how to get the most out of your new, stealthy mode of communication.
Clearing the first hurdle
As we covered earlier, setting up an OpenVPN server/client connection is straightforward in practice, if a bit tedious. You have undoubtedly noticed that it lacks any sort of immediate reward as its functionality is very limited without putting some further effort into configuring your setup for some useful activities.
One of the most common and useful activities for such a link is secure Internet access from any connection that your user happens to be on. Whether it's freely supplied wireless from the seediest of locales to their very own home network, you're certain to keep their web traffic hidden from prying eyes and your company's data secure.
The unfortunate downside to such a setup is an inherent delay in relaying your web requests to your OpenVPN server over your user's connection for it to handle data requests and pipe them back over that same connection to your user. If your connection speeds are up to the task it's a tolerable proposal but many clients using the same server can lead to the same bandwidth issues as anyone directly connected to your physical network.
This can also lead to issues with latency sensitive applications, such as VoIP, adding quite a few more hops between your user and their desired service is likely to introduce unintended results to their service experience, which will take some getting used to and could lead to disruptions.
Laying the groundwork
Oddly enough, piping your clients' traffic through your server requires just a few modifications to your server's OpenVPN configuration file. The first setting will inform your clients to forward all of their communications through the server regardless of the protocol.
push "redirect-gateway def1"
Add the line to your Windows OpenVPN server's config file, if your server and client are both residing on the same wireless network you'll want to use the following line instead:
push "redirect-gateway local def1"
As the OpenVPN server is now solely in charge of your clients' traffic you'll want them to have a working DNS server as they're no longer relying on the one their normal ISP's supplied them. Adding the next line should point them to use the machine as its new DNS server:
push "dhcp-option DNS 10.8.0.1"
We're still sticking with the default 10.8.0.1 IP address for the OpenVPN server, you'll want to change it to whichever address you decided on for your server earlier.
Loading Comments...