Fjew 0 Posted ...

Hello! I have previously just changed the GW of the devices I wanted to have VPN protection, and it has been good enough for me. But for some reason it's all blocked when I change the GW to the AirVPN machine; AirVPN is working as expected there. I also added "sysctl -w net.ipv4.ip_forward=1" and flushed iptables, and tried a reboot. Well, I'm out of ideas. I'm using the auto-generated config for regular OpenVPN. Any help?

Best regards
ss11 20 Posted ...

On the AirVPN machine you must have iptables rules that route from the local network interface to the VPN interface.

Example: the AirVPN machine has internal IP address 192.168.1.3/24 and is connected to AirVPN via the tun1 interface. Your local computers are in the network 192.168.1.0/24, on the same network as the AirVPN machine, and they are reachable directly (e.g. they can ping each other).

You need to set up gateway 192.168.1.3 (the AirVPN machine) on each computer in the network, and on the AirVPN machine iptables rules to do MASQUERADE or source/destination rules from 192.168.1.0/24 to the `tun1` interface.

Same for IPv6, where you will need to configure ULA (unique local addresses) on your LAN for all machines and the AirVPN machine, enable IPv6 forwarding in sysctl.conf and have ip6tables rules the same as the iptables rules for IPv4.

You also need a DNS forwarder on the AirVPN machine (like unbound) that will listen for DNS requests on 192.168.1.3 and the IPv6 ULA address and forward them to the AirVPN DNS resolver inside the VPN tunnel.

Last but not least, you need to edit gai.conf or Windows net policies to prefer IPv6 ULAs so that dual-stack mode works as per RFC (IPv6 first, then IPv4).

Hope this helps. I only gave some guidelines, not specific setups, because I have no clue what your setup is, what kind of network you have, what kind of IP classes you use, etc., but you can google information from here in order to fulfill the steps above.
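
The IPv4 part of the reply above as an added example (not code from the thread or from AirVPN): one function prints an `iptables-restore` ruleset for the gateway, and a second checks an `iptables-save` dump for the pieces the reply lists, which shows that a flushed table has no MASQUERADE rule left. The network 192.168.1.0/24 and `tun1` come from the post; the LAN interface name `eth0`, the function names and the `FORWARD DROP` policy (LAN traffic is forwarded only into the tunnel, so it is dropped rather than sent out unprotected when the tunnel is down) are assumptions.

```sh
#!/bin/sh
# Added example, not from the thread. LAN 192.168.1.0/24 and tun1 come from
# the post; the LAN interface name eth0 is an assumption.

# Print an iptables-restore ruleset for the gateway; nothing is applied here.
vpn_gw_rules() {
    lan_if=$1; lan_net=$2; vpn_if=$3
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s $lan_net -o $vpn_if -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A FORWARD -s $lan_net -i $lan_if -o $vpn_if -j ACCEPT
-A FORWARD -i $vpn_if -o $lan_if -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Read an iptables-save dump on stdin; print one line per missing piece.
# Usage: iptables-save | check_gateway "$(sysctl -n net.ipv4.ip_forward)" tun1
check_gateway() {
    ip_forward=$1; vpn_if=$2; rc=0
    dump=$(cat)
    [ "$ip_forward" = 1 ] || { echo "net.ipv4.ip_forward is not 1"; rc=1; }
    printf '%s\n' "$dump" | grep -Eq -- "^-A POSTROUTING .*-o $vpn_if .*-j MASQUERADE" ||
        { echo "no MASQUERADE rule out of $vpn_if"; rc=1; }
    if printf '%s\n' "$dump" | grep -q '^:FORWARD DROP' &&
       ! printf '%s\n' "$dump" | grep -Eq -- "^-A FORWARD .*-o $vpn_if .*-j ACCEPT"; then
        echo "FORWARD policy is DROP with no accept towards $vpn_if"; rc=1
    fi
    return $rc
}

# Constructed dump of a flushed table: default policies, no rules.
FLUSHED='*nat
:POSTROUTING ACCEPT [0:0]
COMMIT
*filter
:FORWARD ACCEPT [0:0]
COMMIT'
```

To apply the ruleset, run `vpn_gw_rules eth0 192.168.1.0/24 tun1 | iptables-restore` as root on the gateway; the IPv6 and DNS forwarder steps from the reply are not covered here.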