Can an OpenVPN Server Push Proxy Settings to a Mobile Device?
How to push proxy settings to OpenVPN Connect on iOS.
Yes, An OpenVPN server can push HTTP and HTTPS proxy settings to an iOS client to be used by Safari (or other iOS browsers) for the duration of the VPN session. For example, if you want iOS clients to use an HTTP/HTTPS proxy when connected to your OpenVPN server, you can configure the proxy connection.
Suppose you have a proxy at 10.144.4.14 on port 3128. To push the proxy settings to clients, you add the following directives to the OpenVPN server-side configuration:
push "dhcp-option PROXY_HTTP 10.144.5.14 3128" push "dhcp-option PROXY_HTTPS 10.144.5.14 3128"
If you want several web domains to connect directly and go through the proxy, run a command such as this:
push "dhcp-option PROXY_BYPASS example1.tld example2.tld example3.tld"
If your site uses a Proxy Autoconfiguration URL, specify the URL as follows:
push "dhcp-option PROXY_AUTO_CONFIG_URL http://example.tld/proxy.pac"
If you don't want to (or can't) modify the OpenVPN server configuration, you can add proxy directives directly to the client .ovpn profile. Remove the enclosing push "..." from the directive:
dhcp-option PROXY_HTTP 10.144.5.14 3128 dhcp-option PROXY_HTTPS 10.144.5.14 3128
Important
When you push proxy options, it may also be necessary to push a DNS server address:
Note
This feature controls application proxy use over the VPN tunnel and is not related to the connection proxy capability of OpenVPN to connect to a server through an HTTP proxy. The connection proxy capability is under the proxies menu.