Remote PC reach mye home server via openVPN, how dos it work...
I have tried to understand how this openVPN works when I am on my work computer and access my home server through openVPN.
On my work computer I can surf to cnn.com etc. and that is going outside of openVPN tunnel.
I can also reach my home server via openVPN.
When I connect work computer I mount h: drive on my work pc to home server like "net use h: \192.168.50.50" Works like a charm.
I can also connect directly to server in a browser http:\192.168.50.50
Since I both can reach home server + reach all Internet, how is this working. I did expect work pc to only reach internet through openVPN connection.
Can anybody enlighten me, what is going on? How can a computer both be on safe openVPN and simultaneously be on unsafe Internet? Is this safe? Should i try to force my work computer (I don't know how) to only use openVPN for all connections, is it possible?
Gertjan last edited by
Should i try to force my work computer (I don't know how) to only use openVPN for all connections, is it possible?
When you launch the VPN Client on your work PC, a tunnel is constructed to your OpenVPN server.
With server options like these :
you enforce that all communcation goes through the VPN.
It's your home OpenVPN server that becomes your gateway to the net.
This means that you can access local (home) resources - and the entire net through your VPN.
This behaviour can be changes how ever. It's all up to the settings (routing info and such).
If you establish a VPN connection on a computer it has at least two network interface, the Ethernet or wireless and the virtual VPN interface.
Which interface is used for outgoing traffic is ruled by routes on the computer.
Now, the OpenVPN client is capable to add routes on the client computer and the OpenVPN server can tell the client, which routes are to be added (push routes).
In the server settings you have two options to push routes to the client:
- If you check "Redirect gateway" the server pushes the default route to the client, which means that the client directs all upstream traffic to the VPN server. This way you can surf the internet via the OpenVPN servers internet connection and its public IP.
- If you don't check "Redirect gateway" you can enter the subnets which should be directed over the VPN into the "Local Network/s" box. So if your local LAN is 192.168.50.0/24 and you state this subnet at "Local Network/s" only the route for this subnet is added to the clients routing table. So if you access an IP within this subnet on the client it goes out over the VPN virtual interface, while other traffic is directed to its default gateway.