Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Create an OpenVPN Windows server that proxies internet traffic
Tested on Windows 10 x64, Anniversary Update
17.09.2017

Set up OpenVPN

  1. Set up an OpenVPN connection following this guide

  2. Generate a TA key and place it in the same folder as the other certificates/keys:

openvpn --genkey --secret ta.key
  1. Append the following lines to your server.ovpn profile:
# Route all traffic through VPN
push "redirect-gateway def1"
# Push Google DNS to prevent leak
push "dhcp-option DNS 8.8.8.8"
  1. Append the following lines to your client.ovpn profile:
# Block DNS leak
block-outside-dns

Service tweaks

  1. Open the Services window
  2. Find Routing and Remote Access and set it to: Startup type - Automatic
  3. Start the service

Adapter tweaks

  1. Open the network adapters window
  2. Right-click your internet adapter (e.g. Ethernet) and then: Properties -> Sharing -> Allow other network users to connect through this computer's Internet connection
  3. (if applicable) From the drop-down list select your OpenVPN TAP adapter (e.g. Ethernet 2)

Note: Only one adapter can be shared at a time, so if you don't see the Sharing tab, make sure no other adapter is being shared.

Registry tweaks

Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Value: IPEnableRouter
Type: REG_DWORD
Data: 0x00000001 (1)

Configure a static route (if behind router)

You have to route all packets sent to the client's virtual IP back to the VPN server.

Example using Cisco router:

10.8.0.0 - virtual network subnet
255.255.255.0 - virtual network subnet mask
192.168.1.175 - VPN server internal IP (in the subnet of the router)

router setup

Final OpenVPN tweaks

  1. Right-click openvpn-gui.exe and then: Properties -> Compatibility -> Run this program as an administrator
  2. (optional) Configure the OpenVPN server to start and connect automatically:
"C:\Program Files\OpenVPN\bin\openvpn-gui.exe" --connect server.ovpn
@stefanos-apostolopoulos

This comment has been minimized.

Copy link

stefanos-apostolopoulos commented May 17, 2019

i want to run it as personal vpn server with internet access so these lines inside the server/client .ovpn must be the only one? or add them on sample?

@maoanz

This comment has been minimized.

Copy link

maoanz commented Oct 1, 2019

I have searching around for 2 days until I came to your post, it solves my problem.
I was thinking about configuration of OpenVPN, and there are a lot of post about openvpn configuration.
But in fact it's more about the configuration on windows that hosts the OpenVPN server.
Thanks a lot !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.