how to force all internet traffic go through my vpn tunnel

Posted on

A server stack is the collection of software that forms the operational infrastructure on a given machine. In a computing context, a stack is an ordered pile. A server stack is one type of solution stack — an ordered selection of software that makes it possible to complete a particular task. Like in this post about how to force all internet traffic go through my vpn tunnel was one problem in server stack that need for a solution. Below are some tips in manage your windows server when you find problem about windows, networking, vpn, openvpn, vpn-client.

I have my OpenVPN server running on my Linksys-E4200 router. The VPN server local ip is Now I am in the public library. My Windows7 OpenVPN client has connected with the OpenVPN server.

When I use tracert to see the traffic for some unpopular websites on a DOS window, I got the following:

Tracing route to []
over a maximum of 30 hops:

  1    33 ms    29 ms    21 ms
  2    39 ms    32 ms    34 ms
  3   160 ms    30 ms    33 ms []
  4    47 ms    43 ms   100 ms []
  5    41 ms    45 ms    48 ms []
  6    57 ms    38 ms    40 ms []

But when I try this for some popular websites, such as google, yahoo, cnn, I got this:

Tracing route to [2607:f8b0:4006:811::2004]
over a maximum of 30 hops:

  1     5 ms     8 ms     3 ms  2603:3005:540b:7800:c02:27ff:fef2:eaa7
  2    27 ms    26 ms    30 ms  2001:558:4023:145::1
  3    13 ms    12 ms    13 ms  2001:558:202:406::1
  4    16 ms    15 ms    13 ms  2001:558:200:4020::1
  5     *       30 ms     * [2001:558:0:f6b6::1]
  6    35 ms     *        * [2001:558:0:f5be::2]

In the first case, I assume the client traffic is through the VPN tunnel to my home(OpenVPN server) and then goes to the destination.

In the second case, these IPv6 addresses are from the local public library’s network. Does this mean that not all internet traffic from my machine/client are through the VPN tunnel?

How can I force all the client traffic goes through the VPN tunnel first? Is it a client machine issue?


After I have disabled the IPv6, I found I don’t have any internet access if the vpn connection is established. That means my vpn server doesn’t allow me to go outside?

By remote to my vpn server, I can see two vpn connections, one from my laptop and one from my phone. But there is nothing received for both of the connections.

enter image description here

As Linksys E4200 stock firmware doesn’t support OpenVPN, you probably have DD-WRT. Your issue is not likely caused by the router’s configuration, but the specifications of your home Internet.

The difference between [] and [2607:f8b0:4006:811::2004] is not the popularity but the Internet Protocol version used: doesn’t have AAAA record and is only served on IPv4, while all the big sites you tested have both IPv4 and IPv6.

Your public library has IPv6 connectivity, which either your home Internet connection or your OpenVPN setup lacks. This means that you don’t have a default IPv6 route through your OpenVPN. You can check your routing tables using route print to verify.

If your ISP doesn’t support IPv6, this can’t be fixed.

One option is to disable IPv6 on your Windows 7 machine. From GUI:

  1. From Network and Sharing Center
  2. select Change adapter settings
  3. right-click the correct adapter and select Properties.
  4. Uncheck Internet Protocol Version 6 (TCP/IPv6).

It’s also possible to disable IPv6 on all non-tunnel interfaces from Windows registry:


Using dword:000000ff disables IPv6 altogether.
(See Guidance for configuring IPv6 in Windows for advanced users.)

Leave a Reply

Your email address will not be published. Required fields are marked *