How to allow connection to VPN from additional IP?

A

AkZwork2019-12-25 03:11:14

linux

AkZwork, 2019-12-25 03:11:14

Good afternoon.
I have a server with two IP addresses on ens3.
From one address (main) I can both connect via SSH and connect to VPN.
From an additional address, I can only connect via SSH, but the connection to the VPN does not work, and the syslog logs are empty at this moment.
Rules for VPN:
iptables -t nat -A POSTROUTING -o ens3 -s 10.8.0.0/24 -j MASQUERADE
iptables -I INPUT -p udp --dport 5555 -j ACCEPT
iptables -I FORWARD -s 10.8.0.0/24 - j ACCEPT
However, I cleared the rules completely and it didn't help. I do not have a ban on connecting from a specific address, or vice versa, permission from only one.
I've fully grep -r "IP" and replaced where it could be related to OpenVPN - doesn't help. The address is essentially open and allowed, only Openvpn does not want to connect through it.
In fact, I want something: connect from an additional one, and go online from the main one (like doublevpn, only on two ips of one server, so as not to lose speed, but now this is not the point and we are not discussing this issue).
Thank you.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

alex1478, 2019-12-25
@alex1478

Set the openvpn config
to listen on all interfaces. Either the IP that you want to use as "input"
Additional rule for accessing the Internet from a specific address

iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o ens3 -j SNAT --to-source <IP>

A

Alexey Dmitriev, 2019-12-25
@SignFinder

1. OpenVPN may not listen on the second interface.
2. OpenVPN has its own log - you need to look into it.