Configure OpenVPN as a local proxy to use it only when needed

  • First, I think it is the proper place to post my question (and not serverfault or networkengineering). If not, please tell me what's the correct place.

    I used FreeGate. I configured the Firefox extension autoproxy for tunneling through FreeGate only the pages are banned (autoproxy uses a black list of banned pages).

    I wonder if it is posible to do the same with OpenVPN. Actually, I'm using SecurePoint OpenVPN with VPNBook. Maybe it is posible together with a proxy server like Handcrafted FreeProxy?

  • OpenVPN is a different kind of tunnel. Proxying is application-to-application. Your browser (completely independent of the rest of your computer) decides to send its traffic through a proxy server running somewhere else. This can be done for on a request-by-request basis if necessary, because its up to the application to decide where its sending its requests.

    OpenVPN, on the other hand, works at the network level. You run a program that alters your computer's network configuration. Typically a new "virtual" network interface is created and configured, and your computer's network routing rules are typically changed to send traffic through it based on your pre-established configuration. This is system-wide, and effects all programs running on your machine. There are definite setup and tear-down steps which take several seconds or several tens of seconds, and it's not feasible to do on a per-connection basis.

    That said, there may be a sort of hybrid approach. For example, you can create a standing OpenVPN connection which isn't your default route, but which connects to a private network on the othe side (say a 192.168.x.x network for example), and you can set up a proxy machine on that foreign private network. You use your existing techniques to send the desired traffic to the proxy on the other side of the VPN, effectively getting you control over which traffic uses the VPN.

    The overhead of OpenVPN is low; so it can be open while you're not using it without consuming significant bandwidth or CPU time. The setup is simple enough, but takes some doing. Obviously you'd need some control over both the VPN configuration and the proxy server on the other side of it. But it can be done.

    Thanks for clarify everything. Actually, that's what I did with Teamviewer VPN. Unfortunately, I don't have control of the servers of VPNBook. Would be the following configuration posible? 1) `OpenVPN-Tap` **not** as default route. 2) Local `proxy` which send all the received _data segments_ in port _xxxx_ to the `OpenVPN-Tap` 3) Firefox setup with the proxy: _localhost_, port _xxxx_

    By the way, I just discover the magic of VPN Gate (together with SoftEther). So I'll use that one instead OpenVPN for sure!

    @tylerl I think what OP is trying to do is use your "hybrid approach", but use a program, running on localhost (instead of using another PC on the LAN), that exposes the OpenVPN connection as a HTTP/SOCKS proxy.

License under CC-BY-SA with attribution


Content dated before 7/24/2021 11:53 AM

Tags used