Configuration for OpenVPN


#1

Hello Team,

We have OpenVPN Server installed on linux ec2 instance and on same instance mitmproxy is running.
As per our requirement, I want to use mitmproxy to log all the access logs which was browse by making connection with VPN.

It means that User connected to the VPN and if he browse a link either http/https these request will go the mitmproxy and then to internet.

I have tried to configuration iptable rules as well but no any log is getting captured. Both VPN and mitm on same server.

"
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080"

Please suggest.


#2

I needed to do the exact same thing. Your iptables is good but you need to listen on ‘tun0’ rather than ‘eth0’, because on eth0 you only have the 1194 port encoded request to the openvpn server.
What do you mean that VPN and mitm are “on the same proxy” ?


#3

Thanks @fazega… Now mitmproxy is able to log http based url but still failing on “https”.

I am very much confused about the CA related configuration. In my case , I have a ca.crt which is being used in OpenVPN and i tried by importing same in ~./mitmproxy/mitmproxy-ca-cert.pem and same pem is installed on android device.

But still https based url is showing insecure.

Thanks