Go Back   AnandTech Forums > Hardware and Technology > Networking

Forums
· Hardware and Technology
· CPUs and Overclocking
· Motherboards
· Video Cards and Graphics
· Memory and Storage
· Power Supplies
· Cases & Cooling
· SFF, Notebooks, Pre-Built/Barebones PCs
· Networking
· Peripherals
· General Hardware
· Highly Technical
· Computer Help
· Home Theater PCs
· Consumer Electronics
· Digital and Video Cameras
· Mobile Devices & Gadgets
· Audio/Video & Home Theater
· Software
· Software for Windows
· All Things Apple
· *nix Software
· Operating Systems
· Programming
· PC Gaming
· Console Gaming
· Distributed Computing
· Security
· Social
· Off Topic
· Politics and News
· Discussion Club
· Love and Relationships
· The Garage
· Health and Fitness
· Merchandise and Shopping
· For Sale/Trade
· Hot Deals
· Free Stuff
· Contests and Sweepstakes
· Black Friday 2013
· Forum Issues
· Technical Forum Issues
· Personal Forum Issues
· Suggestion Box
· Moderator Resources
· Moderator Discussions
   

Reply
 
Thread Tools
Old 10-26-2012, 05:20 PM   #1
CaptainOrgasmo
Member
 
Join Date: Dec 2010
Posts: 37
Default All network traffic forced through VPN?

Hey all. I tried searching all over on how to do this, but I'm pretty networking-retarded so I'm having a ton of trouble figuring it out.

Basically I'd like the option to have 100% of my personal network traffic go through a VPN and block everything else. I'm running OpenVPN at the moment and can at least connect to the VPN, but I have no idea what I'm doing otherwise. My other question: is this something that can be handled through my router and would that be a better/worse option than something software?

Thank you so much in advance! This has been driving me nuts.
CaptainOrgasmo is offline   Reply With Quote
Old 10-27-2012, 12:18 PM   #2
RadiclDreamer
Diamond Member
 
RadiclDreamer's Avatar
 
Join Date: Aug 2004
Posts: 7,823
Default

All you have to do is make sure split tunneling is turned off and all traffic must flow over the vpn
__________________
CCENT, CCNA, A+, Net+
RadiclDreamer is offline   Reply With Quote
Old 10-28-2012, 11:57 AM   #3
CaptainOrgasmo
Member
 
Join Date: Dec 2010
Posts: 37
Default

Awesome thanks!

Do I turn it off through OpenVPN or somewhere else?

Sorry for the stupid questions. Like I said, I know next to nothing about networking.
CaptainOrgasmo is offline   Reply With Quote
Old 10-30-2012, 10:04 AM   #4
CaptainOrgasmo
Member
 
Join Date: Dec 2010
Posts: 37
Default

Just gonna bump this once, then I'll let it die.

Any help is greatly greatly appreciated.
CaptainOrgasmo is offline   Reply With Quote
Old 10-30-2012, 01:35 PM   #5
mv2devnull
Senior Member
 
Join Date: Apr 2010
Posts: 744
Default

This is a question about routing. When your machine has a network packet, it has to decide where to send it. The packet has a destination address. If the destination is the same host, well, the trip is short. If the destination is in a subnet to which this host is directly connected to with an interface, the packet goes out via that interface.


Yes, some routers do offer VPN. They most likely have about the same software as you would run on your computer; just a little bit different interface to configuring it. If the router does the work, then your computer does not even know that it is behind a VPN.

VPN does involve encryption though. You CPU may or may not be more efficient at it than your router.

If the destination is neither of those, it has to be sent to a machine in the local subnet that we believe can send the packet forward towards its real destination. That machine is called "router" or "gateway".

You cannot send "all" via VPN. The other end of VPN does have a (public) address. OpenVPN must send packets via the normal interface and normal routers to that endpoint. It probably needs to be able to resolve names too, so all name queries cannot go to the VPN-tunnel.

Everything else can be told to go via the VPN interface device and use the "internal IP" of the other end of the tunnel as the router. It is usually the "server-end" of the OpenVPN connection that configures the routing for the "client-end".

The other end has to do NAT. Packets coming from your host via the tunnel will have your "internal IP" as "source". Nobody but the other end knows that IP. The other end hides your IP, pretends that your packets come from it, and then retranslates the replies so that they come to you via the tunnel. That is NAT and the other end has to be configured to do it.
mv2devnull is offline   Reply With Quote
Old 10-30-2012, 03:52 PM   #6
CaptainOrgasmo
Member
 
Join Date: Dec 2010
Posts: 37
Default

Wow that's a ton to process, but thanks a bunch for all the info.
CaptainOrgasmo is offline   Reply With Quote
Old 10-30-2012, 06:29 PM   #7
CubanlB
Senior Member
 
Join Date: Oct 2003
Location: Saint Paul MN
Posts: 518
Default

What have you been using as a resource for openvpn. Thats a pretty standard config option for the server. There are some supporting configuration you should also do for dns, etc...
__________________
Denon 4306ci Denon DVD-3910 Playstation3 CHEAP HTPC w/ radeon 4350
Polk RTi8 Fronts Polk CSi3 Center Polk R50 Surrounds Kef PSW 4000 Sub
Panasonic 58V10
CubanlB is offline   Reply With Quote
Old 10-31-2012, 11:08 AM   #8
CaptainOrgasmo
Member
 
Join Date: Dec 2010
Posts: 37
Default

Quote:
What have you been using as a resource for openvpn.
I'm so clueless that I'm not even sure what this means.
CaptainOrgasmo is offline   Reply With Quote
Old 10-31-2012, 11:09 AM   #9
CaptainOrgasmo
Member
 
Join Date: Dec 2010
Posts: 37
Default

So I had a friend help me this last night and he had me take a different approach.

I'm now running OpenVPN + Comodo Firewall to block all traffic unless the VPN is connected. It's working fine for browsing, but when I fire up an application that uses the internet, Comodo wants to add a new wired network zone at: 169.254.244.233

Whatever application I open appears to have internet for the first 10-15 seconds, but once Comodo recognizes the new network zone, the whole connection goes down (for browsing even). Then I'm forced to disconnect the VPN and re-connect to get the secure connection back.

Any ideas? I'm thoroughly confused.
CaptainOrgasmo is offline   Reply With Quote
Old 10-31-2012, 11:30 AM   #10
RadiclDreamer
Diamond Member
 
RadiclDreamer's Avatar
 
Join Date: Aug 2004
Posts: 7,823
Default

Sorry, split tunneling can be a client option, but it can also be forced by the VPN admin. In the case of OpenVPN, I am not sure. Here is an article that I found that goes over it though.

http://dltj.org/article/openvpn-split-routing/
__________________
CCENT, CCNA, A+, Net+
RadiclDreamer is offline   Reply With Quote
Old 12-07-2012, 02:47 PM   #11
sabahm
Junior Member
 
Join Date: Dec 2012
Posts: 14
Default

Split Tunneling, a solution for you. It will route the traffic as per your instructions and companies like PureVPN and Ivacy are offering this service inclusive of their standard VPN account.
sabahm is offline   Reply With Quote
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 04:52 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.