Posted: Tue Apr 22, 2014 16:35 Post subject: Route PPTP server to WANIP while OpenVPN Client running
Hello, ANY help is MUCH appreciated.. I've written this question several different ways trying to get an answer... but no one seems to know or care to respond..
PLEASE, help... PLEASSSSSSE!!....
- I have an OpenVPN client running to StrongVPN.
- I have PPTP server running as well.
(so I can PPTP to my router from my phone and use the StrongVPN conn from anywhere)
PROBLEM: I have to PPTP via the OpenVPN IP, not the actual WAN IP... so it's coming in the OPENVpn conn encrypted IP while it's PPTP encrypted...
I want the router to answer the PPTP server via it's regular public WAN_IP, NOT THE OPENVPN/StrongVPN IP..
make sense?
I've tried putting the WAN_Gateway IP into the 'Policy Based routing' section of OPENVpn client.. nope.. don't work
I've tried IPTables.. nope...
I've heard something about route-up scripts, however, upon reading the WIKI here that specifically states to 'GO TO THE OPENVPN WIKI TO LEARN MORE ABOUT ROUTEUP SCRIPTS'... there is little to no mention of routeup scripts in said wiki..?... huh?... dead ends...
If anyone has tried this before, and I cannot imagine nobody thinking of this, please please please please help help help!!!!
Currently ,y conn is so slow when I PPTP over OPENVPN that it's gruelling to get any work done on my iOS apps/WebAPI dev environment...
Make sure your vpn provider actually supports pptp pass-through from the outside and the pptp reply packets goes back to the openvpn tun device via policy routing set up in the openvpn route-up script:
Code:
#!/bin/sh
ip route add table 200 default via $ifconfig_remote dev $dev
ip rule add from $ifconfig_local table 200
ip route flush cache
You'll also want to set the pptp MTU smaller than the default to avoid potential PMTU problems.
Thanks for the reply, however, I think you're off-point.
I want to do the opposite of what you are saying. I want PPTP to NOT come through the OpenVPN connection… PPTP pass thru is working fine through StrongVPN.,.. but the point is to NOT go through their IP…
example:
Strong VPN give me an ip beginning with 173.xxx.xxx.xxx
Comcast give me an IP like: 50.xxx.xxx.xxx
I want PPTP to answer on 50.xx.. not on 173.xx which is the StrongVPN IP that it is currently answering on...
follow me?...
or am I missing something you wrote?
So you route everything through the openvpn tunnel and you want pptp to go through the wan interface. well, the principle is the same. assuming you don't provide any other service on the router
#!/bin/sh
ip route add table 200 default via $route_net_gateway
ip rule add from $ifconfig_local table 200
ip route flush cache
if you do provide other services on the router, you'll have to do more fine-grained selection of packets, firewall marking.
