Home / ubuntu / Questions / 1065397
Accepted
David Kamer
Asked: 2018-08-15 11:55:38 +0800 CST

How to route all traffic through vpn adapter?

  • 772

I'm using SoftEther, but that may be irrelevant.

I have the following adapter:

vpn_myadapter: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet6 [redacted]  prefixlen 64  scopeid 0x20<link>
        ether [redacted]  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

and I have the following routes:

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         dslrouter.netge 0.0.0.0         UG    600    0        0 wlp4s0
link-local      0.0.0.0         255.255.0.0     U     1000   0        0 virbr0
192.168.123.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
192.168.254.0   0.0.0.0         255.255.255.0   U     600    0        0 wlp4s0

I need to know how I can easily use Ubuntu to route all internet traffic through my VPN adapter.

networking vpn routing

1 Answers

  1. Best Answer

    This answer assumes you already have successfully connected your account and have a working adapter.

    Ok, after sifting through tutorials on IP tables/routes I found the solution that works with SoftEther that should work with other VPN adapters to tunnel traffic through the adapter.

    Start by running ip neigh to get the default gateway of your VPN's network and the default gateway of this network. You will also need your remote server IP. If this doesn't get the information for you, run ifconfig and tcpdump on the IP for your VPN adapter.

    You can easily combine the bellow steps into a bash script and/or reverse them to disconnect a VPN adapter:

    First you will need to get DHCP info from your server with:

    sudo dhclient vpn_myadapter

    vpn_myadapter is the the adapter name that can be found with ifconfig.

    Second you have to create a route from your VPN server's IP address to your local internet gateway that will get you out to the internet. 55.55.55.55 is what I will use as the example server address. Also you will need to know what the adapter names are for your internet connection and your VNA (virtual network adapter), and you can find these with ifconfig. You can also use ip neigh to get a concise list of your adapters and their gateways.

    Command to create a route from VPN IP to local gateway (in this example 192.168.0.1)

    sudo ip route add 55.55.55.55/32 via 192.168.0.1 dev eth0

    Make sure eth0 is set to the adapter that corresponds with your local gateway

    Next you'll delete your default route which routes all traffic by default.

    sudo ip route del default

    Now you will add a default route that will use the VPN's default gateway. This information can be gathered from either your provider, the server you setup or using a combination of tcdump, ip neigh, and ifconfig. You might be able to find the information at this point, but you should have run ip neigh at the beginning if you are unable to find the information now. I will use the default default gateway provided by SoftEther which is 192.168.30.1.

    sudo ip route add default via 192.168.30.1 dev vpn_myadapter

    That should route all your traffic through the remote network. If you are still unable to connect to the internet you will need to run DhcpEnableand SecureNatEnable (you shouldn't but might need to run NatEnable depending on your configuration) on your server if you are unable to get dhcp or internet working after you have connected your client through these steps or your dhclient command didn't work. I am unsure if your server will need a reboot after updating it.

    EDIT: SecureNatEnable will enable NAT and DHCP.

    • 6