How to share client side internet connection with server side in openvpn?

1.7k views Asked by At

I setup an openvpn server on Ubuntu 14.04 in Japan and my brother setups an openvpn client on Ubuntu 14.04 In Switzerland. The vpn connection successfully work and ping requests form client side or server side answered successfully.Also i setup IP forwarding and nat configuration in my computer. And my brother can browse the internet through my internet connection(connection to a Japanese ISP). When he browses internet ,his public IP is the same as mine.

Question: "Can i browse the internet through his internet connection and will be seen with his public IP while browsing internet, "with this vpn structure(his computer->client side and mycomputer->server side)"? If yes, which configuration must be used?"

I know, i can do that if he act as server side and i act as client side, but the question is clear.

1

There are 1 answers

0
khosro On BEST ANSWER

After hard search, solution is: Making a point-to-point secure connection with openvpn like this is the solution(simple point-to-point secure connection). Some routing table entries and firewall entries must be add to each side. Start openvpn in p-t-p server mode in Japan and name it A and start openvpn in p-t-p client mode in Swiss and name it B. The connection established very quickly. And then add routing table enrties in Japan side like this in Ubuntu terminal (A(Japan) tunnel interface IP is 10.8.0.1 and B(Swiss) tunnel interface IP is 10.8.0.2):

route add -net 0.0.0.0 netmask 0.0.0.0 gw 10.8.0.2 dev tun0
route add -net 111.111.111.111  netmask 255.255.255.255 gw 192.168.1.1 dev eth1 //(eth1 is the internet interface)
//replace 111.111.111.111 with Swiss side public IP
//192.168.1.1 is the IP of internet interface

sysctl net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

and add some firewall rule in Swiss side like this:

sysctl net.ipv4.ip_forward=1
iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE      //wlan0 is internet interface in Swiss side

and then while A side browses the internet, his public IP is the same as B side public IP.