6

I have successfully set up an OpenVPN connection. By using the parameters

redirect-gateway def1
dhcp-option DNS 10.8.0.1

all traffic will go through the VPN, but I only want a specific application (like a browser, e.g. Firefox) to use the OpenVPN connection. All other traffic should go through the regular gateway.

Can I use the SOCKS/proxy settings to point it to the OpenVPN link somehow? Maybe I can use PuTTY to create this link? If so, how?

By the way, this is on Windows.

droidgren

3 Answers

4

I had specifically this problem and couldn't find an easy-to-use solution. Basically the approach is still to set up a SOCKS server in the VPN server. I've made this Docker image to make it actually usable:

https://hub.docker.com/r/kizzx2/openvpn-client-socks/

Start that and then set your browser to use the SOCKS proxy at local.docker:1081.

Most applications can be coerced to go through that even if there's no built-in proxy configuration. See proxychains.

kizzx2
0

Yes, you could use a SOCKS proxy (or a regular proxy), and simply make sure the traffic to that proxy goes across the VPN. [Of course, if you are using SSH, a VPN is redundant.] You would want to remove the "redirect-gateway def1" statement, possibly leaving it out altogether or replacing it with "redirect-private".

You need to be aware that DNS traffic could leak out your existing network if your nameservers are not on the other side of the VPN.

PuTTY can be used to create a SOCKS connection.

The Unix way (apparently works with PuTTY as well), from the command line:

putty -D 8080 username@remotehost

(Where 8080 is the SOCKS port)

The Windows way: From http://vectrosecurity.com/content/view/67/26/ (and repeated here in case that site goes away)

  1. Open PuTTY.
  2. Where it says 'Host Name (or IP address)' and has a box underneath it, enter the name of your SSH host into the box.
  3. Under 'Saved Sessions' enter a name for this connection that will help you remember it later. For example, you could call it 'SSH Proxy' so you know this will be the proxy connection.
  4. In the 'Category:' menu on the left, expand the 'Connection' menu list if it is not expanded already. Expand the 'SSH' menu list if that one is not expanded already. Click 'Tunnels' (underneath 'SSH'). This opens the options where you will enter the settings for PuTTY to create the tunnel.
  5. Under 'Add new forwarded port:' enter 9853
  6. Where it says 'Destination' leave that field blank but be sure to select the 'Dynamic' option underneath it.
  7. Click the 'Add' button to add this port.
  8. In the 'Category:' menu on the left, click 'Connection'.
  9. Where it says 'Seconds between keepalives (0 to turn off)' enter 5 in the box. This will keep your connection alive and prevent it from timing out even when you walk away from the computer for a while.
  10. In the 'Category:' menu on the left, click 'Session' at the very top to go back to the first screen.
  11. Click the 'Save' button to save all of the settings you just entered. Later you will not have to enter these settings again in the future, you will only need to load up your saved profile (by double-clicking it after you open PuTTY) every time you wish to connect to the proxy.
  12. Click the 'Open' button to open the connection to the proxy.
  13. When connected you will be asked for your username and password. Enter the username and password for your account. Once connected the tunnel is open. After you are finished using the tunnel, type logout and press Enter.
barlop
davidgo
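
Added example, not part of any answer above: a minimal SOCKS5 client handshake in Python (per RFC 1928) showing how the DNS leak mentioned above is avoided when an application uses a SOCKS tunnel such as PuTTY's dynamic forward. The hostname is sent to the proxy as address type 0x03 instead of being resolved on the local network first. Function names are illustrative, `example.org` is a constructed destination, and port 9853 is the one from the PuTTY steps.

```python
import ipaddress
import socket
import struct

def build_connect(dest_host: str, dest_port: int) -> bytes:
    """SOCKS5 CONNECT request; a hostname is sent as ATYP 0x03 (proxy resolves it)."""
    head = b"\x05\x01\x00"                      # VER=5, CMD=CONNECT, RSV=0
    try:
        ip = ipaddress.ip_address(dest_host)
    except ValueError:                          # not an IP literal: send the name
        name = dest_host.encode("idna")
        if not 1 <= len(name) <= 255:
            raise ValueError("hostname must be 1..255 bytes")
        addr = b"\x03" + bytes([len(name)]) + name
    else:                                       # caller already had an IP address
        addr = (b"\x01" if ip.version == 4 else b"\x04") + ip.packed
    return head + addr + struct.pack("!H", dest_port)

def resolves_remotely(request: bytes) -> bool:
    """True when a CONNECT request carries a name for the proxy to resolve."""
    return len(request) > 4 and request[0] == 5 and request[3] == 0x03

def recv_exact(sock: socket.socket, n: int) -> bytes:
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf

def socks5_handshake(sock: socket.socket, dest_host: str, dest_port: int) -> None:
    """Negotiate 'no authentication' and CONNECT over an already-open socket."""
    sock.sendall(b"\x05\x01\x00")               # offer one method: 0x00 (no auth)
    if recv_exact(sock, 2) != b"\x05\x00":
        raise ConnectionError("proxy did not accept the no-auth method")
    sock.sendall(build_connect(dest_host, dest_port))
    _ver, rep, _rsv, atyp = recv_exact(sock, 4)
    if rep != 0:
        raise ConnectionError(f"CONNECT refused, reply code {rep}")
    # Drain BND.ADDR and BND.PORT so the stream starts at application data.
    alen = {1: 4, 4: 16}.get(atyp) or recv_exact(sock, 1)[0]
    recv_exact(sock, alen + 2)

if __name__ == "__main__":
    # Assumption: the PuTTY dynamic forward (port 9853 above) is listening locally.
    with socket.create_connection(("127.0.0.1", 9853), timeout=10) as s:
        socks5_handshake(s, "example.org", 80)  # constructed destination
        print("tunnel open; the name was resolved at the far end of the tunnel")
```

In Firefox the equivalent switch is the "Proxy DNS when using SOCKS v5" option; command-line tools that accept proxy URLs usually distinguish `socks5://` (local lookup) from `socks5h://` (lookup at the proxy).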
-2

If you’re indeed specifically asking for applications that support proxy servers, the answer is quite easy: Use a proxy server!

Your VPN connection must be configured so that it doesn’t modify clients’ default gateway. This way, all traffic uses the regular route to the internet.

I’ll assume your VPN connection uses 10.20.30.0/24 as the subnet, with 10.20.30.1 being the server’s IP address.

Configure a proxy (squid, or maybe something lighter) on your VPN server and set it to listen for clients on 10.20.30.1. Point your browser (or whatever) at the proxy at 10.20.30.1. Traffic to this IP address will always be routed through your VPN connection.

user219095