Hello,
I've got an OpenVPN server which works fine. It's using a TUN interface. On the same server, I've also got a Tinyproxy server running.
My firewall permits VPN clients to access both local LAN and WAN (thus, internet). All works well.
The only thing I'm missing is "how do I force all incoming VPN connections to also go through the HTTP proxy?" Right now, Tinyproxy isn't logging anything coming from VPN connections... How can I change this?
My OpenVPN's FW settings:

config rule 'Allow_OpenVPN_Inbound'
    option target 'ACCEPT'
    option src '*'
    option proto 'udp'
    option dest_port '1194'
    option name 'Allow_OpenVPN_Inbound'

config zone 'vpn_corbeau'
    option name 'vpn_corbeau'
    option network 'vpn0'
    option input 'ACCEPT'
    option forward 'REJECT'
    option output 'ACCEPT'
    option masq '1'

config forwarding 'vpn_corbeau_forwarding_lan_in'
    option src 'vpn_corbeau'
    option dest 'lan'

config forwarding 'vpn_corbeau_forwarding_lan_out'
    option src 'lan'
    option dest 'vpn_corbeau'

config forwarding 'vpn_corbeau_forwarding_wan'
    option src 'vpn_corbeau'
    option dest 'wan'

And my Tinyproxy FW settings:

config redirect
    option name 'HTTP Transparent Proxy Redirect'
    option src 'lan'
    option proto 'tcp'
    option src_dport '80'
    option src_dip '!192.168.1.1'
    option dest_ip '192.168.1.1'
    option dest 'lan'
    option dest_port '8118'

My Tinyproxy is set to listen on 192.168.1.1, and I've allowed '192.168.1.0/24', '10.8.0.0/24' and '127.0.0.1' to connect to it through its config file.
My OpenVPN network is on '10.8.0.0 255.255.255.0'.
I tried doing another FW forward rule that would forward all requests from vpn_zone and having src port 80 to the proxy, like this:

config redirect
    option name 'HTTP Proxy for VPN'
    option src 'vpn_corbeau'
    option proto 'tcp'
    option src_dport '80'
    option dest_ip '192.168.1.1'
    option dest 'lan'
    option dest_port '8118'
    option enabled '1'

But it seems like the HTTP isn't coming back... at least, I know I can no longer go on the web with VPN clients doing so.
Any help on how I could make this work?
Many thanks!!
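
An added example, not part of the original post: a small Python check that parses the `config`/`option` subset of a firewall config and lists which redirects match a given packet. Run on the first redirect quoted above, it shows that port-80 traffic entering from the `vpn_corbeau` zone matches nothing, because that redirect only has `src 'lan'`. The function names, the simplified exact-match logic and the 203.0.113.10 test address are assumptions of this example.

```python
import shlex

# Constructed sample: the VPN zone and the first (LAN-only) redirect from the post.
SAMPLE = """
config zone 'vpn_corbeau'
    option name 'vpn_corbeau'
    option network 'vpn0'

config redirect
    option name 'HTTP Transparent Proxy Redirect'
    option src 'lan'
    option proto 'tcp'
    option src_dport '80'
    option src_dip '!192.168.1.1'
    option dest_ip '192.168.1.1'
    option dest 'lan'
    option dest_port '8118'
"""

def parse_uci(text):
    """Parse the 'config'/'option' subset of UCI into a list of dicts."""
    sections = []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)
        if len(tok) < 2:
            continue
        if tok[0] == "config":
            sections.append({".type": tok[1]})
        elif tok[0] == "option" and sections and len(tok) >= 3:
            sections[-1][tok[1]] = tok[2]
    return sections

def matching_redirects(sections, src_zone, proto, dport, dst_ip):
    """Names of enabled redirects whose match fields cover this packet."""
    # Simplification (assumption): single ports and addresses only, no ranges or CIDR.
    hits = []
    for s in sections:
        if s[".type"] != "redirect" or s.get("enabled", "1") == "0":
            continue
        dip = s.get("src_dip")
        # A leading '!' negates the destination-address match.
        if dip and (dip.lstrip("!") == dst_ip) == dip.startswith("!"):
            continue
        if (s.get("src") == src_zone and proto in s.get("proto", "tcp udp").split()
                and s.get("src_dport", str(dport)) == str(dport)):
            hits.append(s.get("name", "(unnamed)"))
    return hits
```

Calling `matching_redirects(parse_uci(SAMPLE), "vpn_corbeau", "tcp", 80, "203.0.113.10")` returns an empty list, while the same packet from `lan` returns the transparent-proxy redirect.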