Are you trying to push all your traffic through the tunnel? If so, you need to be careful how you set up routes. This is entirely separate from iptables.
You need to have a route that points specifically to the IP address of your VPN remote that uses your computer's default gateway, then you need to replace the default route with one that points to the remote end of the tunnel.
If you run the command "route -n", you'll see the address of your default gateway listed alongside the 0.0.0.0 default route. For illustration, let's suppose your router has address 192.168.1.1. Now suppose you want to set up a tunnel to the server at 172.16.16.16, with the tunnel having the address 10.10.10.10 on your machine and 10.10.10.11 on the server. Then you need to run some commands like these:
Code:
sudo ip route add 172.16.16.16 via 192.168.1.1
sudo ip route del default
sudo ip route add default via 10.10.10.11
The first tells your computer that it should send traffic intended for the remote server out through the normal default gateway 192.168.1.1. The next two commands then delete the default route through that server and replace it with the remote end of the tunnel. Now all traffic intended for the server will go out your router and over the Internet, while the rest of your traffic will go through the tunnel.
You can set up OpenVPN to run these commands when it starts using the "up" directive in openvpn.conf.
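A check for the routing layout described above, added here as an example and not part of the original post: it reads "ip route show" output and reports whether the host route to the server and the tunnel default route are both in place. The function name check_vpn_routes, the interface names eth0/tun0 and the 192.168.1.10 source address are assumptions, and the sample tables are constructed.

```shell
#!/bin/sh
# Added example. Usage on a live system (addresses from the post):
#   ip route show | check_vpn_routes 172.16.16.16 192.168.1.1 10.10.10.11
# Prints: ok | missing-host-route | multiple-defaults | default-not-via-tunnel
check_vpn_routes() {
    server=$1 gateway=$2 peer=$3
    awk -v server="$server" -v gw="$gateway" -v peer="$peer" '
        # Return the next hop following the "via" keyword, or "" if none.
        function via(   i) {
            for (i = 2; i < NF; i++) if ($i == "via") return $(i + 1)
            return ""
        }
        # Host route to the VPN server must use the physical gateway.
        $1 == server || $1 == (server "/32") { if (via() == gw) host = 1 }
        # Count default routes and remember the next hop of the last one.
        $1 == "default" || $1 == "0.0.0.0/0" { ndef++; defvia = via() }
        END {
            if (!host)               print "missing-host-route"
            else if (ndef > 1)       print "multiple-defaults"
            else if (defvia != peer) print "default-not-via-tunnel"
            else                     print "ok"
        }'
}

# Constructed sample: the table after the three commands from the post.
GOOD_TABLE='default via 10.10.10.11 dev tun0
10.10.10.11 dev tun0 proto kernel scope link src 10.10.10.10
172.16.16.16 via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.10'

# Constructed sample: default never replaced, so traffic bypasses the tunnel.
LEAK_TABLE='default via 192.168.1.1 dev eth0
10.10.10.11 dev tun0 proto kernel scope link src 10.10.10.10
172.16.16.16 via 192.168.1.1 dev eth0
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.10'

# Constructed sample: no host route, so tunnel packets would be routed
# back into the tunnel itself.
LOOP_TABLE='default via 10.10.10.11 dev tun0
10.10.10.11 dev tun0 proto kernel scope link src 10.10.10.10
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.10'

printf '%s\n' "$GOOD_TABLE" | check_vpn_routes 172.16.16.16 192.168.1.1 10.10.10.11
```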