Tested on Windows 10 x64, Anniversary Update
17.09.2017
-
Set up an OpenVPN connection following this guide
-
Generate a TA key and place it in the same folder as the other certificates/keys:
openvpn --genkey --secret ta.key
- Append the following lines to your
server.ovpn
profile:
# Route all traffic through VPN
push "redirect-gateway def1"
# Push Google DNS to prevent leak
push "dhcp-option DNS 8.8.8.8"
- Append the following lines to your
client.ovpn
profile:
# Block DNS leak
block-outside-dns
- Open the
Services
window - Find
Routing and Remote Access
and set it to:Startup type - Automatic
- Start the service
- Open the network adapters window
- Right-click your internet adapter (e.g.
Ethernet
) and then:Properties -> Sharing -> Allow other network users to connect through this computer's Internet connection
- (if applicable) From the drop-down list select your OpenVPN TAP adapter (e.g.
Ethernet 2
)
Note: Only one adapter can be shared at a time, so if you don't see the Sharing
tab, make sure no other adapter is being shared.
Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Value: IPEnableRouter
Type: REG_DWORD
Data: 0x00000001 (1)
You have to route all packets sent to the client's virtual IP back to the VPN server.
Example using Cisco router:
10.8.0.0 - virtual network subnet
255.255.255.0 - virtual network subnet mask
192.168.1.175 - VPN server internal IP (in the subnet of the router)
- Right-click
openvpn-gui.exe
and then:Properties -> Compatibility -> Run this program as an administrator
- (optional) Configure the OpenVPN server to start and connect automatically:
"C:\Program Files\OpenVPN\bin\openvpn-gui.exe" --connect server.ovpn
i want to run it as personal vpn server with internet access so these lines inside the server/client .ovpn must be the only one? or add them on sample?