Routing a VPN connection to a socks proxy on the same serverOpenVPN client as SOCKS 5 server?How can I route...
How to create a label containing values from different layers in QGIS
Is there a verb that means to inject with poison?
Why did Luke use his left hand to shoot?
Broad Strokes - missing letter riddle
Count repetitions of an array
What senses are available to a corpse subjected to a Speak with Dead spell?
Is there a way to store 9th-level spells in a Glyph of Warding or similar method?
What does MTU depend on?
Prevent Nautilus / Nemo from creating .Trash-1000 folder in mounted devices
Switch case implementation in Java for an integer pair combination
Coworker asking me to not bring cakes due to self control issue. What should I do?
How to not let the Identify spell spoil everything?
Will rerolling initiative each round stop meta-gaming about initiative?
Why didn't Tom Riddle take the presence of Fawkes and the Sorting Hat as more of a threat?
Not a Long-Winded Riddle
A starship is travelling at 0.9c and collides with a small rock. Will it leave a clean hole through, or will more happen?
Is there a file that always exists and a 'normal' user can't lstat it?
How are the system health extended events files rolling over?
A question about partitioning positivie integers into finitely many arithmetic progresions
Can we "borrow" our answers to populate our own websites?
Am I correct in stating that the study of topology is purely theoretical?
Why avoid shared user accounts?
How is this property called for mod?
Does the ditching switch allow an A320 to float indefinitely?
Routing a VPN connection to a socks proxy on the same server
OpenVPN client as SOCKS 5 server?How can I route *some* traffic over an SSH SOCKS proxy on OS X?VPN/Proxy server to bypass work proxyOpenVPN vs. SOCKS proxySOCKS proxy on a local networkOpenVPN does not work on WirelessLocal proxy solution to circumvent my VPNCreate VPN server to tunnel traffic thru external proxy serverTurn SOCKS to VPN using OpenVPNOpenVPN client connects to VPN server, but no internet connection
I'm running a VPS with the OpenVPN service. On the same server I also set up a local socks proxy (it's Tor, but I don't think it really matters for this case).
Can I somehow route my VPN connection to that socks proxy, without any changes in my local browser/device settings?
The connection I want to set up looks something like
(my device) -> VPN tunnel -> (VPN server -> Tor SOCKS proxy) -> Tor network
(this connection is inside VPS)
I see two options
1) Routing happens entirely on the server, transparently for a client
2) The VPN pushes socks proxy options (as it can push routes, DNS servers etc)
but I have no clue how to achieve either one.
I frequently use OpenVPN to bypass blocking, and I want to use the same routine to connect to the Tor network both from Windows and Android devices, without bothering to change proxy settings, running local tor/orbot etc. Ideally I plan to run it alongside a regular VPN connection that routes all traffic to the Internet (this is already set up and working fine) but on a different port.
vpn proxy openvpn tor vps
edited Aug 8 '18 at 9:38
robinCTS
4,01741527
asked Aug 8 '18 at 9:25
Oleg ShemetovOleg Shemetov
1062
add a comment |
I'm running a VPS with the OpenVPN service. On the same server I also set up a local socks proxy (it's Tor, but I don't think it really matters for this case).
Can I somehow route my VPN connection to that socks proxy, without any changes in my local browser/device settings?
The connection I want to set up looks something like
(my device) -> VPN tunnel -> (VPN server -> Tor SOCKS proxy) -> Tor network
(this connection is inside VPS)
I see two options
1) Routing happens entirely on the server, transparently for a client
2) The VPN pushes socks proxy options (as it can push routes, DNS servers etc)
but I have no clue how to achieve either one.
I frequently use OpenVPN to bypass blocking, and I want to use the same routine to connect to the Tor network both from Windows and Android devices, without bothering to change proxy settings, running local tor/orbot etc. Ideally I plan to run it alongside a regular VPN connection that routes all traffic to the Internet (this is already set up and working fine) but on a different port.
vpn proxy openvpn tor vps
edited Aug 8 '18 at 9:38
robinCTS
4,01741527
asked Aug 8 '18 at 9:25
Oleg ShemetovOleg Shemetov
1062
add a comment |
I'm running a VPS with the OpenVPN service. On the same server I also set up a local socks proxy (it's Tor, but I don't think it really matters for this case).
Can I somehow route my VPN connection to that socks proxy, without any changes in my local browser/device settings?
The connection I want to set up looks something like
(my device) -> VPN tunnel -> (VPN server -> Tor SOCKS proxy) -> Tor network
(this connection is inside VPS)
I see two options
1) Routing happens entirely on the server, transparently for a client
2) The VPN pushes socks proxy options (as it can push routes, DNS servers etc)
but I have no clue how to achieve either one.
I frequently use OpenVPN to bypass blocking, and I want to use the same routine to connect to the Tor network both from Windows and Android devices, without bothering to change proxy settings, running local tor/orbot etc. Ideally I plan to run it alongside a regular VPN connection that routes all traffic to the Internet (this is already set up and working fine) but on a different port.
vpn proxy openvpn tor vps
edited Aug 8 '18 at 9:38
robinCTS
4,01741527
asked Aug 8 '18 at 9:25
Oleg ShemetovOleg Shemetov
1062
I'm running a VPS with the OpenVPN service. On the same server I also set up a local socks proxy (it's Tor, but I don't think it really matters for this case).
Can I somehow route my VPN connection to that socks proxy, without any changes in my local browser/device settings?
The connection I want to set up looks something like
(my device) -> VPN tunnel -> (VPN server -> Tor SOCKS proxy) -> Tor network
(this connection is inside VPS)
I see two options
1) Routing happens entirely on the server, transparently for a client
2) The VPN pushes socks proxy options (as it can push routes, DNS servers etc)
but I have no clue how to achieve either one.
I frequently use OpenVPN to bypass blocking, and I want to use the same routine to connect to the Tor network both from Windows and Android devices, without bothering to change proxy settings, running local tor/orbot etc. Ideally I plan to run it alongside a regular VPN connection that routes all traffic to the Internet (this is already set up and working fine) but on a different port.
vpn proxy openvpn tor vps
vpn proxy openvpn tor vps
edited Aug 8 '18 at 9:38
robinCTS
4,01741527
asked Aug 8 '18 at 9:25
Oleg ShemetovOleg Shemetov
1062
edited Aug 8 '18 at 9:38
robinCTS
4,01741527
asked Aug 8 '18 at 9:25
Oleg ShemetovOleg Shemetov
1062
edited Aug 8 '18 at 9:38
robinCTS
4,01741527
edited Aug 8 '18 at 9:38
robinCTS
4,01741527
edited Aug 8 '18 at 9:38
robinCTS
4,01741527
4,01741527
asked Aug 8 '18 at 9:25
Oleg ShemetovOleg Shemetov
1062
asked Aug 8 '18 at 9:25
Oleg ShemetovOleg Shemetov
1062
asked Aug 8 '18 at 9:25
Oleg ShemetovOleg Shemetov
1062
1062
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
Finally got to it.
First you need to run another OpenVPN instance. Just copy your openvpn/server.conf and change
port [some free port]
server [another subnet, if your first instance was on 10.8.0.0, set it to 10.8.1.0] 255.255.255.0
push "dhcp-option DNS [we will use TOR DNS, so this will be TOR proxy IP, e.g. 10.8.1.1]"
you may want to generate another keypair.
Then you start TOR in transparent proxy mode (please note that official documentation lists this mode as potentially insecure, refer to https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy for details). It will serve as your gateway and DNS server. Change default torrc file appending this configuration
VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort [address in your subnet, e.g. 10.8.1.1]:9040
DNSPort [same, 10.8.1.1]:53
and finally route all subnet requests to TOR proxy (special configuration for DNS traffic)
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
make sure you allow internal 10.8.1.0 subnet traffic in your firewall.
Connecting to different ports will allow you to switch from TOR network to regular internet connection through VPN. No client configuration necessary.
answered 5 hours ago
Oleg ShemetovOleg Shemetov
1062
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1347117%2frouting-a-vpn-connection-to-a-socks-proxy-on-the-same-server%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
Finally got to it.
First you need to run another OpenVPN instance. Just copy your openvpn/server.conf and change
port [some free port]
server [another subnet, if your first instance was on 10.8.0.0, set it to 10.8.1.0] 255.255.255.0
push "dhcp-option DNS [we will use TOR DNS, so this will be TOR proxy IP, e.g. 10.8.1.1]"
you may want to generate another keypair.
Then you start TOR in transparent proxy mode (please note that official documentation lists this mode as potentially insecure, refer to https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy for details). It will serve as your gateway and DNS server. Change default torrc file appending this configuration
VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort [address in your subnet, e.g. 10.8.1.1]:9040
DNSPort [same, 10.8.1.1]:53
and finally route all subnet requests to TOR proxy (special configuration for DNS traffic)
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
make sure you allow internal 10.8.1.0 subnet traffic in your firewall.
Connecting to different ports will allow you to switch from TOR network to regular internet connection through VPN. No client configuration necessary.
answered 5 hours ago
Oleg ShemetovOleg Shemetov
1062
add a comment |
Finally got to it.
First you need to run another OpenVPN instance. Just copy your openvpn/server.conf and change
port [some free port]
server [another subnet, if your first instance was on 10.8.0.0, set it to 10.8.1.0] 255.255.255.0
push "dhcp-option DNS [we will use TOR DNS, so this will be TOR proxy IP, e.g. 10.8.1.1]"
you may want to generate another keypair.
Then you start TOR in transparent proxy mode (please note that official documentation lists this mode as potentially insecure, refer to https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy for details). It will serve as your gateway and DNS server. Change default torrc file appending this configuration
VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort [address in your subnet, e.g. 10.8.1.1]:9040
DNSPort [same, 10.8.1.1]:53
and finally route all subnet requests to TOR proxy (special configuration for DNS traffic)
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
make sure you allow internal 10.8.1.0 subnet traffic in your firewall.
Connecting to different ports will allow you to switch from TOR network to regular internet connection through VPN. No client configuration necessary.
answered 5 hours ago
Oleg ShemetovOleg Shemetov
1062
add a comment |
Finally got to it.
First you need to run another OpenVPN instance. Just copy your openvpn/server.conf and change
port [some free port]
server [another subnet, if your first instance was on 10.8.0.0, set it to 10.8.1.0] 255.255.255.0
push "dhcp-option DNS [we will use TOR DNS, so this will be TOR proxy IP, e.g. 10.8.1.1]"
you may want to generate another keypair.
Then you start TOR in transparent proxy mode (please note that official documentation lists this mode as potentially insecure, refer to https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy for details). It will serve as your gateway and DNS server. Change default torrc file appending this configuration
VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort [address in your subnet, e.g. 10.8.1.1]:9040
DNSPort [same, 10.8.1.1]:53
and finally route all subnet requests to TOR proxy (special configuration for DNS traffic)
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
make sure you allow internal 10.8.1.0 subnet traffic in your firewall.
Connecting to different ports will allow you to switch from TOR network to regular internet connection through VPN. No client configuration necessary.
answered 5 hours ago
Oleg ShemetovOleg Shemetov
1062
Finally got to it.
First you need to run another OpenVPN instance. Just copy your openvpn/server.conf and change
port [some free port]
server [another subnet, if your first instance was on 10.8.0.0, set it to 10.8.1.0] 255.255.255.0
push "dhcp-option DNS [we will use TOR DNS, so this will be TOR proxy IP, e.g. 10.8.1.1]"
you may want to generate another keypair.
Then you start TOR in transparent proxy mode (please note that official documentation lists this mode as potentially insecure, refer to https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy for details). It will serve as your gateway and DNS server. Change default torrc file appending this configuration
VirtualAddrNetworkIPv4 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort [address in your subnet, e.g. 10.8.1.1]:9040
DNSPort [same, 10.8.1.1]:53
and finally route all subnet requests to TOR proxy (special configuration for DNS traffic)
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
iptables -t nat -A PREROUTING -s [your subnet, e.g. 10.8.1.0/24] -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040
make sure you allow internal 10.8.1.0 subnet traffic in your firewall.
Connecting to different ports will allow you to switch from TOR network to regular internet connection through VPN. No client configuration necessary.
answered 5 hours ago
Oleg ShemetovOleg Shemetov
1062
answered 5 hours ago
Oleg ShemetovOleg Shemetov
1062
answered 5 hours ago
Oleg ShemetovOleg Shemetov
1062
answered 5 hours ago
Oleg ShemetovOleg Shemetov
1062
1062
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1347117%2frouting-a-vpn-connection-to-a-socks-proxy-on-the-same-server%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
