| Linode Forum https://forum.linode.com/ |
|
| NAT with OpenVpn instead of using Squid, Client Setup? https://forum.linode.com/viewtopic.php?f=19&t=7645 |
Page 1 of 1 |
| Author: | cattani [ Sun Aug 28, 2011 5:24 am ] |
| Post subject: | NAT with OpenVpn instead of using Squid, Client Setup? |
Hello! If I set up iptables to NAT my Vpn traffic throug the linode, how do i manage to point my browser to send traffic through the vpn? - I know, I could use "redirect-gateway" in Openvpn, but that would redirect all my traffic and I only want traffic from i.e. Firefox to be nat-ed. I imagine setting up a local proxy (Windows-machine) would be a possibility, but I have no concrete idea? Could someone point me to to some tutorial or else about that? Thanks! |
|
| Author: | Internat [ Sun Aug 28, 2011 6:37 am ] |
| Post subject: | |
if all you want to do is subject your firefox traffic through your linode, you dont need to worry about a vpn. A simple proxy server will do your needs. |
|
| Author: | chesty [ Sun Aug 28, 2011 6:38 am ] |
| Post subject: | |
you could use ssh socks proxy, or a tiny non caching proxy on your linode, it doesn't have to be squid. I would use the socks proxy with firefox configured to use socks to proxy the dns, too. |
|
| Author: | cattani [ Sun Aug 28, 2011 6:43 am ] |
| Post subject: | |
@chesty: ssh-socks is a good idea. which proxy servers do you mean, i only know squid, thx! |
|
| Author: | otherbbs [ Sun Aug 28, 2011 8:08 pm ] |
| Post subject: | |
Take a look at tinyproxy. -- Travis |
|
| Author: | Guspaz [ Mon Aug 29, 2011 11:01 am ] |
| Post subject: | |
If your OpenVPN server is set to forward traffic, then simply connecting with the OpenVPN client should automatically forward all traffic through the VPN. If you'd like a trivial-to-set-up VPN solution, the OpenVPN guys make "OpenVPN Access Server". It's semi-commercial, but does come with 2 free simultaneous logins (extra logins cost $5 each, one-time fee). Deploying it is pretty simple (no configuration on your end), so you basically just need to install it and create some user accounts and you're golden. I'd recommend switching from the default TCP+UDP mode to UDP-only, though. |
|
| Author: | chesty [ Mon Aug 29, 2011 11:27 am ] |
| Post subject: | |
cattani wrote: @chesty: ssh-socks is a good idea. which proxy servers do you mean, i only know squid, thx!
If you use ssh socks proxy, you don't need any other proxy. You don't really need the vpn, but either way works. On windows putty is the go for ssh socks proxy, if you google putty socks proxy you should get tutorials. |
|
| Author: | cattani [ Mon Aug 29, 2011 12:30 pm ] |
| Post subject: | |
ok, thanks, I tested ssh-proxy and vpn+squid - both have dismal speed, maybe its because i am over the ocean, cant get over 150kb/sek, but thats another story gtz |
|
| Author: | iml [ Mon Aug 29, 2011 3:17 pm ] |
| Post subject: | |
Squid proxy is for caching stuff, so just connect to the VPN server. I doubt that has anything to do with your bandwidth, however. |
|
| Author: | hoopycat [ Mon Aug 29, 2011 4:33 pm ] |
| Post subject: | |
Encrypting your traffic and tunneling it to another server usually does not improve performance. It can make it much worse, especially when the server is far away. (That said, a hotel I stayed at in California only rate-limited TCP traffic on the "free 512 kb/sec wireless." OpenVPN uses UDP by default. Pretty sure the hotel had a T1, and I'm pretty sure I was saturating it accidentally.) |
|
| Author: | cattani [ Tue Aug 30, 2011 2:46 am ] |
| Post subject: | |
thx all, maybe its the long distance+tunneling which slows down everything, scp gives me ca 300kb/sek, half for http over ssh proxy or vpn+squid. |
|
| Author: | Guspaz [ Tue Aug 30, 2011 10:28 am ] |
| Post subject: | |
SSH tunneling is TCP-over-TCP, so unless I'm mistaken, even the smallest packetloss or jitter is going to cause two layers of TCP to fight eachother. Congestion control on top of congestion control... |
|
| Author: | cattani [ Sat Oct 01, 2011 4:57 am ] |
| Post subject: | |
@guspaz: Thanks for your input, that is the solution! I changed openvpn to UDP and voila: near line speed of my internet connection - amazing! |
|
| Author: | cattani [ Sun Nov 30, 2014 8:23 am ] |
| Post subject: | Re: NAT with OpenVpn instead of using Squid, Client Setup? |
Hy, I have an update: this worked amazingly fast until my ISP changed something, now I got max 8mbit/sec and tons of udp-packet replays. Tunnel over tcp works slightly more steadily, but is overall slower. i cant figure out any fix, seems my isp is shuffling udp packets. Do you have any ideas what I could try? thx |
|
| Page 1 of 1 | All times are UTC-04:00 |
| Powered by phpBB® Forum Software © phpBB Group http://www.phpbb.com/ |
|