I'm running the OpenVPN service on both a Debian server and a client. When I start the connection between client and server, I expect all of the computer's traffic (except ARP and DHCP requests) to go through the created tunnel. However, when I capture packets on wlan0 on the client (the only connection going outside the host) using Wireshark, I can see DNS requests and sometimes incoming TCP traffic as well, but most of the traffic is going through the tunnel as expected. I provide the configurations of both client and server and the client routing table for inspection. I changed the server address to avoid server exploitation in case of some big configuration mistake.
The commands to run the OpenVPN services are:
```
For client: sudo openvpn --config /etc/openvpn/client.conf &
For server: sudo openvpn --config /etc/openvpn/server.conf &
```
```
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.1.1     0.0.0.0         UG    1024   0        0 wlan0
192.168.1.0     *               255.255.255.0   U     0      0        0 wlan0
```
```
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         10.0.1.5        128.0.0.0       UG    0      0        0 tun0
default         192.168.1.1     0.0.0.0         UG    1024   0        0 wlan0
132.220.56.210  192.168.1.1     255.255.255.255 UGH   0      0        0 wlan0
10.0.1.1        10.0.1.5        255.255.255.255 UGH   0      0        0 tun0
10.0.1.5        *               255.255.255.255 UH    0      0        0 tun0
128.0.0.0       10.0.1.5        128.0.0.0       UG    0      0        0 tun0
192.168.1.0     *               255.255.255.0   U     0      0        0 wlan0
```
```
script-security 3
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
remote-cert-tls server
log-append /var/log/openvpn.log
client
tls-client
dev tun
proto udp
remote 132.220.56.210
port 1194
resolv-retry infinite
nobind
persist-key
persist-tun
ca /etc/openvpn/certs/ca.crt
cert /home/user1/VPS/VPN/user1.crt
key /home/user1/VPS/VPN/user1.key
comp-lzo
verb 3
cipher AES-256-CBC
user nobody
group nogroup
```
```
mode server
tls-server
port 1194
proto udp
dev tun
server 10.0.1.0 255.255.255.0
ca /etc/openvpn/ca.crt
cert /etc/openvpn/server.crt
key /etc/openvpn/server.key
dh /etc/openvpn/dh1024.pem
log-append /var/log/openvpn.log
status /var/run/vpn.status 10
user nobody
group nogroup
keepalive 10 120
comp-lzo
verb 3
cipher AES-256-CBC
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
persist-key
persist-tun
```
Can anybody please give me a hint? Thank you.
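
An added example, not part of the original post: a longest-prefix-match lookup over the client routing table posted above (tunnel up) shows which destinations still leave on wlan0. Using 192.168.1.1 as a resolver address is an assumption (a LAN resolver such as DHCP commonly hands out), and the function names are illustrative.

```python
import ipaddress

# Client routing table with the tunnel up, copied from the post
# (`route` output; "default" stands for destination 0.0.0.0).
ROUTE_OUTPUT = """\
Destination Gateway Genmask Flags Metric Ref Use Iface
default 10.0.1.5 128.0.0.0 UG 0 0 0 tun0
default 192.168.1.1 0.0.0.0 UG 1024 0 0 wlan0
132.220.56.210 192.168.1.1 255.255.255.255 UGH 0 0 0 wlan0
10.0.1.1 10.0.1.5 255.255.255.255 UGH 0 0 0 tun0
10.0.1.5 * 255.255.255.255 UH 0 0 0 tun0
128.0.0.0 10.0.1.5 128.0.0.0 UG 0 0 0 tun0
192.168.1.0 * 255.255.255.0 U 0 0 0 wlan0
"""

def parse_routes(text):
    """Return a list of (network, metric, iface) parsed from `route` output."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue  # skip the header and anything that is not a route row
        dest = "0.0.0.0" if f[0] == "default" else f[0]
        net = ipaddress.ip_network(f"{dest}/{f[2]}")
        routes.append((net, int(f[4]), f[7]))
    return routes

def egress_iface(routes, addr):
    """Longest-prefix match; among equal prefixes the lower metric wins."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in routes if ip in r[0]]
    if not matches:
        return None
    return max(matches, key=lambda r: (r[0].prefixlen, -r[1]))[2]

def bypasses_tunnel(routes, addrs, tunnel="tun0"):
    """Return {destination: iface} for destinations not routed via the tunnel."""
    found = {a: egress_iface(routes, a) for a in addrs}
    return {a: i for a, i in found.items() if i != tunnel}

if __name__ == "__main__":
    routes = parse_routes(ROUTE_OUTPUT)
    # 8.8.8.8 is the DNS server pushed in the server config; 192.168.1.1 as a
    # resolver is an assumption; 200.10.10.10 is a constructed sample address.
    for dst in ("8.8.8.8", "200.10.10.10", "192.168.1.1", "132.220.56.210"):
        print(f"{dst:>15} -> {egress_iface(routes, dst)}")
```

On a live client, `ip route get <address>` answers the same question from the kernel's own table.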