I’m trying to set up an OpenVPN server that allows me to connect to my server at home from my laptop when I’m away using an unsecured public Wifi network. I’ve been able to mostly set it up - I’m able to connect to the VPN and talk to my server; however, when I try and browse or ping the Internet on my laptop, it times out.
I’ve tried Googling for the answer, and I’ve set ‘push “redirect-gateway def1”’ in the server.conf file.
I suspect that the issue is in my use of iptables - I’m not 100% clear on how iptables works, and so my attempts to use it have been mostly copying and pasting from online tutorials. Unfortunately, it hasn’t worked. Can anyone tell me how I should use iptables to route the client’s Internet traffic through my server, and if there are any other settings I need to change in order to do so?
Sounds like your VPN is configured by default <correctly> which means that you are connecting <only> to your VPN Server.
This is the <proper> way for all VPNs to connect although as you’ve discovered it poses a problem for VPN clients initially if they want to connect to anything that’s not in the VPN Server’s LAN.
There are 2 solutions to your problem:
1/ The <improper> solution (which rarely stops people from doing it nonetheless)
Configure a “split-vpn” (should be easy to Google for any VPN technology). What this means is that your VPN client connects to your VPN server for a particular address space, but your default gateway remains your regular, non-VPN ISP gateway. This is considered a serious security issue because an exploit can forward through your VPN client and gain access to your VPN Server’s network.
2/ The <proper> solution
Configure your VPN Server (or as necessary another node) as your new Default Gateway (usually VPN configurations leave the DG blank). This means that your traffic to the Internet is routed through your VPN, through your remote network and then out to the Internet. You will almost certainly experience latencies, but this is considered best and won’t compromise security.