Monthly Archives: February 2017 via OpenVPN

Privacy using OpenVPN and service

Let’s poke one’s prying eyes on your Internet traffic and setup VPN client to connect whole your home network (LAN) to Virtual Private Network using provider.

Install OpenVPN on your favorite distribution:
apt-get install openvpn

Generate OpenVPN client configs and OpenVPN keys for your account: Profile

Copy client configs and keys to /etc/openvpn/username.[ovpn,key,crt],ca.crt

Remove passphrase from private key:

openssl rsa -in username.key -out
mv username.key

Rename all *.ovpn profiles to *.conf:
rename "s/ovpn/conf/" *.ovpn

Autostart my OpenVPN server and client, edit /etc/default/openvpn:

AUTOSTART="server cz1-username"

Forward traffic through tun0 (OpenVPN):


Route incoming traffic via Internet original IP and gateway (eth0):
Server Fault solution

ip rule add from table 128
ip route add default dev eth0 via table 128

If you forward some traffic, for example port 10000:
-A PREROUTING -i eth0 -p tcp --dport 10000 -j DNAT --to-destination

You need to add another routing rule to return traffic to original source interface:

ip rule add from table 199
ip route add default dev eth0 via table 199

Set DNS server to Coolhousing ( for DNSmasq in /etc/resolv.dnsmasq:

Restart services:
/etc/init.d/dnsmasq restart
/etc/init.d/openvpn restart