2

I have an Ubuntu 16.04 server that I have running xl2tp and openvpn as a VPN server. However, I want the server itself to be connected to either a SOCKS Proxy or another OpenVPN connection. That is:

client --> server --> vpn or socks server --> internet

Right now, if I perform a curl or wget request from the server's terminal (to, say, https://api.ipify.com/), its traffic is clearly going through the second vpn or socks (I've tried both). However, if I connect a client to the server over l2tp or openvpn, and then try the same curl or wget from the client, its traffic is exiting from the server directly, rather than being routed through the second vpn / socks proxy.

In other words, although what I want is:

client --> server --> vpn or socks server --> internet

What I'm getting instead is:

client --> server +---(server-native traffic)---> vpn2/socks --> internet
                  |
                  +---(client vpn traffic)----> internet

How can I achieve the result of forcing traffic from VPN clients into a second vpn or socks proxy?

I'd like to do this transparently - I can't control how the clients connect to the server, but I can control the server.

cegfault
  • 185

1 Answer

1

It's been five (5) years - almost to the day - since I posted this question (holy existential dread Batman!). For the sake of anyone coming here from a web search:

Use WireGuard

I was able to solve my problem a long time ago with WireGuard, compiled into the Linux kernel as of 5.6 (March 2020) and on. There are utilities available for mobile, desktop, and server platforms.

For those who don't want to use WireGuard, or need a Tor proxy, @HappyFace recently commented that example configurations exist in a new Iran-focused GitHub project. I have no idea if they work or not.

WireGuard has met all my needs. Its networking scheme is far simpler and easier to learn.

cegfault
  • 185
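
A wg-quick sketch of the chained setup the question asks for, added here as an illustration and not the answer author's actual configuration. The subnets, table number 200, interface names wg0/wg1, keys and endpoint are assumed placeholders, and clients are assumed to be IPv4-only. Client traffic arriving on wg0 is policy-routed into table 200, whose only default route is the upstream tunnel wg1, and a FORWARD rule drops it if it would leave by any other interface.

```ini
# --- /etc/wireguard/wg1.conf : server -> upstream VPN (all values are placeholders) ---
[Interface]
PrivateKey = <server-upstream-private-key>
Address = 10.99.0.2/32
# Install this tunnel's routes in table 200 instead of the main table, so only
# traffic selected by the rule below uses it (the server's own traffic does not).
Table = 200
PostUp = sysctl -w net.ipv4.ip_forward=1
# Anything sourced from the client subnet is looked up in table 200.
PostUp = ip rule add from 10.8.0.0/24 lookup 200 priority 1000
# The upstream peer only knows 10.99.0.2, so NAT the client subnet behind it.
PostUp = iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o %i -j MASQUERADE
PostDown = ip rule del from 10.8.0.0/24 lookup 200 priority 1000
PostDown = iptables -t nat -D POSTROUTING -s 10.8.0.0/24 -o %i -j MASQUERADE

[Peer]
PublicKey = <upstream-public-key>
Endpoint = upstream.example.net:51820
# With Table = 200 this becomes "default dev wg1" in table 200 only.
AllowedIPs = 0.0.0.0/0
PersistentKeepalive = 25

# --- /etc/wireguard/wg0.conf : clients -> server (placeholders again) ---
[Interface]
PrivateKey = <server-client-facing-private-key>
Address = 10.8.0.1/24
ListenPort = 51820
# Fail closed: if wg1 is down, client packets fall back to the main table and
# would exit directly; drop anything from clients that is not leaving via wg1.
# (This also blocks client-to-client traffic on wg0.)
PostUp = iptables -I FORWARD -i %i ! -o wg1 -j DROP
PostDown = iptables -D FORWARD -i %i ! -o wg1 -j DROP

[Peer]
PublicKey = <client-public-key>
AllowedIPs = 10.8.0.2/32
```

To check the result, repeat the question's test from a connected client (a request to https://api.ipify.com/): it should report the upstream's address while wg1 is up and fail to connect while wg1 is down.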