How to allow connection to VPN from additional IP?
Good afternoon.
I have a server with two IP addresses on ens3.
From one address (main) I can both connect via SSH and connect to VPN.
From an additional address, I can only connect via SSH, but the connection to the VPN does not work, and the syslog logs are empty at this moment.
Rules for VPN:
iptables -t nat -A POSTROUTING -o ens3 -s 10.8.0.0/24 -j MASQUERADE
iptables -I INPUT -p udp --dport 5555 -j ACCEPT
iptables -I FORWARD -s 10.8.0.0/24 -j ACCEPT
However, I cleared the rules completely and it didn't help. I do not have a ban on connecting from a specific address, or vice versa, permission from only one.
I've run a full grep -r "IP" and replaced it wherever it could be related to OpenVPN, but that doesn't help. The address is essentially open and allowed, only OpenVPN does not want to connect through it.
What I actually want is this: connect via the additional address and go online from the main one (like doublevpn, only on two IPs of one server, so as not to lose speed, but that is not the point right now and we are not discussing that issue).
Thank you.
Set the OpenVPN config to listen on all interfaces, or on the IP that you want to use as "input".
Additional rule for accessing the Internet from a specific address
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o ens3 -j SNAT --to-source <IP>
1. OpenVPN may not listen on the second interface.
2. OpenVPN has its own log - you need to look into it.
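One way to check the first point above (whether anything is listening for UDP on the additional address), as an added example that is not part of the original thread. The helper name `udp_listener_covers` is hypothetical and the addresses 203.0.113.10 (main) and 203.0.113.11 (additional) are constructed placeholders; port 5555 is the one from the question.

```shell
#!/bin/sh
# Added example, not from the thread. Reads `ss -H -uln` output on stdin and
# returns 0 if a UDP socket is bound to IP:PORT or to the IPv4 wildcard.
udp_listener_covers() {
    want_ip=$1
    want_port=$2
    awk -v ip="$want_ip" -v port="$want_port" '
        {
            # Local Address:Port is field 4, or field 5 when ss prints a Netid column.
            f = ($1 == "udp") ? 5 : 4
            local_addr = $f
            n = split(local_addr, parts, ":")
            p = parts[n]
            host = substr(local_addr, 1, length(local_addr) - length(p) - 1)
            sub(/%.*$/, "", host)   # drop an interface scope such as %ens3
            if (p == port && (host == ip || host == "0.0.0.0" || host == "*"))
                found = 1
        }
        END { exit (found ? 0 : 1) }
    '
}

# Constructed sample of `ss -H -uln` output: OpenVPN bound only to the main address.
SAMPLE_SS='UNCONN 0 0 203.0.113.10:5555 0.0.0.0:*
UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:*'

for addr in 203.0.113.10 203.0.113.11; do
    if printf '%s\n' "$SAMPLE_SS" | udp_listener_covers "$addr" 5555; then
        echo "$addr:5555 has a UDP listener"
    else
        echo "$addr:5555 has NO UDP listener: make OpenVPN listen on it or on all interfaces"
    fi
done

# On the live server, feed it real data:
#   ss -H -uln | udp_listener_covers <IP> 5555
```

If the additional address is reported as not covered, incoming packets to it never reach OpenVPN, which matches the empty logs described in the question.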