vpn - How to chain two OpenVPN servers












0














I know there are plenty of questions on Super User about this topic already out there, but all of them are for more advanced users, or they are unclear to me.



I found on Reddit that you supposedly could do openvpn --config vpn1.ovpn and then openvpn --config vpn2.ovpn, but I've had no success. I'm pretty sure this type of connection only passes the traffic through vpn2 and it has no "instructions" to pass it through vpn1.



I am aware of the method of connecting to a VPN through a virtual machine, but I'm looking for a method that doesn't involve that.



Edit:



I'm trying to connect my computer to a VPN server I don't own, and route the traffic through that one to another VPN server I don't own. Basically like this:



MY COMPUTER ----------> VPN1 ----------> VPN2 ----------> Internet



Is this even possible without having another device of your own to route through? I know it's possible to do this on one physical machine using a virtual machine, like I mentioned earlier, but is this possible with a single physical device?



Edit 2:



One of my config files (with remote IP and certificates censored out):



dev tun
proto udp
remote 70.**.**.*** 1279
;http-proxy-retry
;http-proxy [proxy server] [proxy port]
cipher AES-128-CBC
auth SHA1
resolv-retry infinite
nobind
persist-key
persist-tun
client
verb 3
#auth-user-pass

<ca>
-----BEGIN CERTIFICATE-----
blah blah blah
...
...
-----END CERTIFICATE-----
</ca>



<cert>
-----BEGIN CERTIFICATE-----
blah blah blah
...
...
-----END CERTIFICATE-----
</cert>



<key>
-----BEGIN RSA PRIVATE KEY-----
blah blah blah
...
...
-----END RSA PRIVATE KEY-----

</key>


The other server config has exactly the same setup except for the remote IP. Even the certificates are the same (I'm not a tech wiz, so I don't know if that's normal or not...)










share|improve this question
























  • To what purpose? External connections would only see the connections from one physical device, no matter how many permutations that went on internally. Unless, of course, you were connecting through a VPN to an outside third device.
    – Christopher Hostage
    Dec 6 '18 at 21:28










  • Um, I'm not very technical, so I'm not sure exactly what you mean, but I was using an OpenVPN client and noticed that it were having DNS leak problems. I also found a solution; chaining VPNs. Like I said, I'm not a tech wizard, I just use OpenVPN for network connections, and I don't own any of the servers, but I just wanted a VPN to browse the internet anonymously.
    – Anonymous User 216
    Dec 6 '18 at 21:33












  • I very much doubt connecting to more VPNs is going to solve any DNS leakage. A correctly configuration VPN will not leak DNS requests.
    – Daniel B
    Dec 6 '18 at 21:42










  • I can add one or both of the servers' config files... would that help? Besides, when I connected to a VPN on my host OS and then to a VPN on a virtual machine, I did not have leak problems.
    – Anonymous User 216
    Dec 6 '18 at 21:44










  • Ah but that’s not the same you see. Yes, you need to use DNS servers that would be routed over the VPN connection.
    – Daniel B
    Dec 7 '18 at 5:05
















0














I know there are plenty of questions on Super User about this topic already out there, but all of them are for more advanced users, or they are unclear to me.



I found on Reddit that you supposedly could do openvpn --config vpn1.ovpn and then openvpn --config vpn2.ovpn, but I've had no success. I'm pretty sure this type of connection only passes the traffic through vpn2 and it has no "instructions" to pass it through vpn1.



I am aware of the method of connecting to a VPN through a virtual machine, but I'm looking for a method that doesn't involve that.



Edit:



I'm trying to connect my computer to a VPN server I don't own, and route the traffic through that one to another VPN server I don't own. Basically like this:



MY COMPUTER ----------> VPN1 ----------> VPN2 ----------> Internet



Is this even possible without having another device of your own to route through? I know it's possible to do this on one physical machine using a virtual machine, like I mentioned earlier, but is this possible with a single physical device?



Edit 2:



One of my config files (with remote IP and certificates censored out):



dev tun
proto udp
remote 70.**.**.*** 1279
;http-proxy-retry
;http-proxy [proxy server] [proxy port]
cipher AES-128-CBC
auth SHA1
resolv-retry infinite
nobind
persist-key
persist-tun
client
verb 3
#auth-user-pass

<ca>
-----BEGIN CERTIFICATE-----
blah blah blah
...
...
-----END CERTIFICATE-----
</ca>



<cert>
-----BEGIN CERTIFICATE-----
blah blah blah
...
...
-----END CERTIFICATE-----
</cert>



<key>
-----BEGIN RSA PRIVATE KEY-----
blah blah blah
...
...
-----END RSA PRIVATE KEY-----

</key>


The other server config has exactly the same setup except for the remote IP. Even the certificates are the same (I'm not a tech wiz, so I don't know if that's normal or not...)










share|improve this question
























  • To what purpose? External connections would only see the connections from one physical device, no matter how many permutations that went on internally. Unless, of course, you were connecting through a VPN to an outside third device.
    – Christopher Hostage
    Dec 6 '18 at 21:28










  • Um, I'm not very technical, so I'm not sure exactly what you mean, but I was using an OpenVPN client and noticed that it were having DNS leak problems. I also found a solution; chaining VPNs. Like I said, I'm not a tech wizard, I just use OpenVPN for network connections, and I don't own any of the servers, but I just wanted a VPN to browse the internet anonymously.
    – Anonymous User 216
    Dec 6 '18 at 21:33












  • I very much doubt connecting to more VPNs is going to solve any DNS leakage. A correctly configuration VPN will not leak DNS requests.
    – Daniel B
    Dec 6 '18 at 21:42










  • I can add one or both of the servers' config files... would that help? Besides, when I connected to a VPN on my host OS and then to a VPN on a virtual machine, I did not have leak problems.
    – Anonymous User 216
    Dec 6 '18 at 21:44










  • Ah but that’s not the same you see. Yes, you need to use DNS servers that would be routed over the VPN connection.
    – Daniel B
    Dec 7 '18 at 5:05














0












0








0







I know there are plenty of questions on Super User about this topic already out there, but all of them are for more advanced users, or they are unclear to me.



I found on Reddit that you supposedly could do openvpn --config vpn1.ovpn and then openvpn --config vpn2.ovpn, but I've had no success. I'm pretty sure this type of connection only passes the traffic through vpn2 and it has no "instructions" to pass it through vpn1.



I am aware of the method of connecting to a VPN through a virtual machine, but I'm looking for a method that doesn't involve that.



Edit:



I'm trying to connect my computer to a VPN server I don't own, and route the traffic through that one to another VPN server I don't own. Basically like this:



MY COMPUTER ----------> VPN1 ----------> VPN2 ----------> Internet



Is this even possible without having another device of your own to route through? I know it's possible to do this on one physical machine using a virtual machine, like I mentioned earlier, but is this possible with a single physical device?



Edit 2:



One of my config files (with remote IP and certificates censored out):



dev tun
proto udp
remote 70.**.**.*** 1279
;http-proxy-retry
;http-proxy [proxy server] [proxy port]
cipher AES-128-CBC
auth SHA1
resolv-retry infinite
nobind
persist-key
persist-tun
client
verb 3
#auth-user-pass

<ca>
-----BEGIN CERTIFICATE-----
blah blah blah
...
...
-----END CERTIFICATE-----
</ca>



<cert>
-----BEGIN CERTIFICATE-----
blah blah blah
...
...
-----END CERTIFICATE-----
</cert>



<key>
-----BEGIN RSA PRIVATE KEY-----
blah blah blah
...
...
-----END RSA PRIVATE KEY-----

</key>


The other server config has exactly the same setup except for the remote IP. Even the certificates are the same (I'm not a tech wiz, so I don't know if that's normal or not...)










share|improve this question















I know there are plenty of questions on Super User about this topic already out there, but all of them are for more advanced users, or they are unclear to me.



I found on Reddit that you supposedly could do openvpn --config vpn1.ovpn and then openvpn --config vpn2.ovpn, but I've had no success. I'm pretty sure this type of connection only passes the traffic through vpn2 and it has no "instructions" to pass it through vpn1.



I am aware of the method of connecting to a VPN through a virtual machine, but I'm looking for a method that doesn't involve that.



Edit:



I'm trying to connect my computer to a VPN server I don't own, and route the traffic through that one to another VPN server I don't own. Basically like this:



MY COMPUTER ----------> VPN1 ----------> VPN2 ----------> Internet



Is this even possible without having another device of your own to route through? I know it's possible to do this on one physical machine using a virtual machine, like I mentioned earlier, but is this possible with a single physical device?



Edit 2:



One of my config files (with remote IP and certificates censored out):



dev tun
proto udp
remote 70.**.**.*** 1279
;http-proxy-retry
;http-proxy [proxy server] [proxy port]
cipher AES-128-CBC
auth SHA1
resolv-retry infinite
nobind
persist-key
persist-tun
client
verb 3
#auth-user-pass

<ca>
-----BEGIN CERTIFICATE-----
blah blah blah
...
...
-----END CERTIFICATE-----
</ca>



<cert>
-----BEGIN CERTIFICATE-----
blah blah blah
...
...
-----END CERTIFICATE-----
</cert>



<key>
-----BEGIN RSA PRIVATE KEY-----
blah blah blah
...
...
-----END RSA PRIVATE KEY-----

</key>


The other server config has exactly the same setup except for the remote IP. Even the certificates are the same (I'm not a tech wiz, so I don't know if that's normal or not...)







networking vpn openvpn






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Dec 6 '18 at 22:18

























asked Dec 6 '18 at 14:56









Anonymous User 216

11




11












  • To what purpose? External connections would only see the connections from one physical device, no matter how many permutations that went on internally. Unless, of course, you were connecting through a VPN to an outside third device.
    – Christopher Hostage
    Dec 6 '18 at 21:28










  • Um, I'm not very technical, so I'm not sure exactly what you mean, but I was using an OpenVPN client and noticed that it were having DNS leak problems. I also found a solution; chaining VPNs. Like I said, I'm not a tech wizard, I just use OpenVPN for network connections, and I don't own any of the servers, but I just wanted a VPN to browse the internet anonymously.
    – Anonymous User 216
    Dec 6 '18 at 21:33












  • I very much doubt connecting to more VPNs is going to solve any DNS leakage. A correctly configuration VPN will not leak DNS requests.
    – Daniel B
    Dec 6 '18 at 21:42










  • I can add one or both of the servers' config files... would that help? Besides, when I connected to a VPN on my host OS and then to a VPN on a virtual machine, I did not have leak problems.
    – Anonymous User 216
    Dec 6 '18 at 21:44










  • Ah but that’s not the same you see. Yes, you need to use DNS servers that would be routed over the VPN connection.
    – Daniel B
    Dec 7 '18 at 5:05


















  • To what purpose? External connections would only see the connections from one physical device, no matter how many permutations that went on internally. Unless, of course, you were connecting through a VPN to an outside third device.
    – Christopher Hostage
    Dec 6 '18 at 21:28










  • Um, I'm not very technical, so I'm not sure exactly what you mean, but I was using an OpenVPN client and noticed that it were having DNS leak problems. I also found a solution; chaining VPNs. Like I said, I'm not a tech wizard, I just use OpenVPN for network connections, and I don't own any of the servers, but I just wanted a VPN to browse the internet anonymously.
    – Anonymous User 216
    Dec 6 '18 at 21:33












  • I very much doubt connecting to more VPNs is going to solve any DNS leakage. A correctly configuration VPN will not leak DNS requests.
    – Daniel B
    Dec 6 '18 at 21:42










  • I can add one or both of the servers' config files... would that help? Besides, when I connected to a VPN on my host OS and then to a VPN on a virtual machine, I did not have leak problems.
    – Anonymous User 216
    Dec 6 '18 at 21:44










  • Ah but that’s not the same you see. Yes, you need to use DNS servers that would be routed over the VPN connection.
    – Daniel B
    Dec 7 '18 at 5:05
















To what purpose? External connections would only see the connections from one physical device, no matter how many permutations that went on internally. Unless, of course, you were connecting through a VPN to an outside third device.
– Christopher Hostage
Dec 6 '18 at 21:28




To what purpose? External connections would only see the connections from one physical device, no matter how many permutations that went on internally. Unless, of course, you were connecting through a VPN to an outside third device.
– Christopher Hostage
Dec 6 '18 at 21:28












Um, I'm not very technical, so I'm not sure exactly what you mean, but I was using an OpenVPN client and noticed that it were having DNS leak problems. I also found a solution; chaining VPNs. Like I said, I'm not a tech wizard, I just use OpenVPN for network connections, and I don't own any of the servers, but I just wanted a VPN to browse the internet anonymously.
– Anonymous User 216
Dec 6 '18 at 21:33






Um, I'm not very technical, so I'm not sure exactly what you mean, but I was using an OpenVPN client and noticed that it were having DNS leak problems. I also found a solution; chaining VPNs. Like I said, I'm not a tech wizard, I just use OpenVPN for network connections, and I don't own any of the servers, but I just wanted a VPN to browse the internet anonymously.
– Anonymous User 216
Dec 6 '18 at 21:33














I very much doubt connecting to more VPNs is going to solve any DNS leakage. A correctly configuration VPN will not leak DNS requests.
– Daniel B
Dec 6 '18 at 21:42




I very much doubt connecting to more VPNs is going to solve any DNS leakage. A correctly configuration VPN will not leak DNS requests.
– Daniel B
Dec 6 '18 at 21:42












I can add one or both of the servers' config files... would that help? Besides, when I connected to a VPN on my host OS and then to a VPN on a virtual machine, I did not have leak problems.
– Anonymous User 216
Dec 6 '18 at 21:44




I can add one or both of the servers' config files... would that help? Besides, when I connected to a VPN on my host OS and then to a VPN on a virtual machine, I did not have leak problems.
– Anonymous User 216
Dec 6 '18 at 21:44












Ah but that’s not the same you see. Yes, you need to use DNS servers that would be routed over the VPN connection.
– Daniel B
Dec 7 '18 at 5:05




Ah but that’s not the same you see. Yes, you need to use DNS servers that would be routed over the VPN connection.
– Daniel B
Dec 7 '18 at 5:05










1 Answer
1






active

oldest

votes


















0














For one hop using an interim computer called interim.host, use the following procedure,
where I have used the official OpenVPN port number 1194:



From your workstation:



$ ssh -L1194:localhost:1194 user@interim.host


From interim.host:



$ ssh -L1194:localhost:1194 user@remote.host


Finally connect your local openvpn client to localhost:1194.



You may use this procedure to extend to as many hops as required.






share|improve this answer





















  • Sorry, but this is not the kind of answer I was looking for. I've added an edit to make this clearer.
    – Anonymous User 216
    Dec 6 '18 at 21:15










  • Let me know when your edit is done, what kind of an answer you are looking for.
    – harrymc
    Dec 6 '18 at 21:17










  • Finished the edit. I'm looking for a method to chain the VPNs through one device.
    – Anonymous User 216
    Dec 6 '18 at 21:20













Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});














draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1381377%2fvpn-how-to-chain-two-openvpn-servers%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























1 Answer
1






active

oldest

votes








1 Answer
1






active

oldest

votes









active

oldest

votes






active

oldest

votes









0














For one hop using an interim computer called interim.host, use the following procedure,
where I have used the official OpenVPN port number 1194:



From your workstation:



$ ssh -L1194:localhost:1194 user@interim.host


From interim.host:



$ ssh -L1194:localhost:1194 user@remote.host


Finally connect your local openvpn client to localhost:1194.



You may use this procedure to extend to as many hops as required.






share|improve this answer





















  • Sorry, but this is not the kind of answer I was looking for. I've added an edit to make this clearer.
    – Anonymous User 216
    Dec 6 '18 at 21:15










  • Let me know when your edit is done, what kind of an answer you are looking for.
    – harrymc
    Dec 6 '18 at 21:17










  • Finished the edit. I'm looking for a method to chain the VPNs through one device.
    – Anonymous User 216
    Dec 6 '18 at 21:20


















0














For one hop using an interim computer called interim.host, use the following procedure,
where I have used the official OpenVPN port number 1194:



From your workstation:



$ ssh -L1194:localhost:1194 user@interim.host


From interim.host:



$ ssh -L1194:localhost:1194 user@remote.host


Finally connect your local openvpn client to localhost:1194.



You may use this procedure to extend to as many hops as required.






share|improve this answer





















  • Sorry, but this is not the kind of answer I was looking for. I've added an edit to make this clearer.
    – Anonymous User 216
    Dec 6 '18 at 21:15










  • Let me know when your edit is done, what kind of an answer you are looking for.
    – harrymc
    Dec 6 '18 at 21:17










  • Finished the edit. I'm looking for a method to chain the VPNs through one device.
    – Anonymous User 216
    Dec 6 '18 at 21:20
















0












0








0






For one hop using an interim computer called interim.host, use the following procedure,
where I have used the official OpenVPN port number 1194:



From your workstation:



$ ssh -L1194:localhost:1194 user@interim.host


From interim.host:



$ ssh -L1194:localhost:1194 user@remote.host


Finally connect your local openvpn client to localhost:1194.



You may use this procedure to extend to as many hops as required.






share|improve this answer












For one hop using an interim computer called interim.host, use the following procedure,
where I have used the official OpenVPN port number 1194:



From your workstation:



$ ssh -L1194:localhost:1194 user@interim.host


From interim.host:



$ ssh -L1194:localhost:1194 user@remote.host


Finally connect your local openvpn client to localhost:1194.



You may use this procedure to extend to as many hops as required.







share|improve this answer












share|improve this answer



share|improve this answer










answered Dec 6 '18 at 15:30









harrymc

253k12261563




253k12261563












  • Sorry, but this is not the kind of answer I was looking for. I've added an edit to make this clearer.
    – Anonymous User 216
    Dec 6 '18 at 21:15










  • Let me know when your edit is done, what kind of an answer you are looking for.
    – harrymc
    Dec 6 '18 at 21:17










  • Finished the edit. I'm looking for a method to chain the VPNs through one device.
    – Anonymous User 216
    Dec 6 '18 at 21:20




















  • Sorry, but this is not the kind of answer I was looking for. I've added an edit to make this clearer.
    – Anonymous User 216
    Dec 6 '18 at 21:15










  • Let me know when your edit is done, what kind of an answer you are looking for.
    – harrymc
    Dec 6 '18 at 21:17










  • Finished the edit. I'm looking for a method to chain the VPNs through one device.
    – Anonymous User 216
    Dec 6 '18 at 21:20


















Sorry, but this is not the kind of answer I was looking for. I've added an edit to make this clearer.
– Anonymous User 216
Dec 6 '18 at 21:15




Sorry, but this is not the kind of answer I was looking for. I've added an edit to make this clearer.
– Anonymous User 216
Dec 6 '18 at 21:15












Let me know when your edit is done, what kind of an answer you are looking for.
– harrymc
Dec 6 '18 at 21:17




Let me know when your edit is done, what kind of an answer you are looking for.
– harrymc
Dec 6 '18 at 21:17












Finished the edit. I'm looking for a method to chain the VPNs through one device.
– Anonymous User 216
Dec 6 '18 at 21:20






Finished the edit. I'm looking for a method to chain the VPNs through one device.
– Anonymous User 216
Dec 6 '18 at 21:20




















draft saved

draft discarded




















































Thanks for contributing an answer to Super User!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.





Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


Please pay close attention to the following guidance:


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1381377%2fvpn-how-to-chain-two-openvpn-servers%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Сан-Квентин

Алькесар

Josef Freinademetz