How to make NAT for openvpn?

F

Falseclock2022-02-26 14:05:45

openvpn

Falseclock, 2022-02-26 14:05:45

There is a machine on which the openvpn server was raised on port 1194. Everything is as usual.

Now another openvpn machine is up. How to properly forward to the new server on the old one?

On the old machine, the service was extinguished and the rules were introduced:

iptables -t nat -A PREROUTING -p udp --dport 1194 -j DNAT --to-destination 10.204.11.200:1194
iptables -t nat -A POSTROUTING -j MASQUERADE

The connection reaches the desired server, I see it in the logs, but there is no feedback from the client.

What else needs to be added to iptables in order to be able to transfer the connection to the new server?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

D

Drno, 2022-02-26
@Drno

that is, you want to redirect the VPN connection request from the old server to the new one?
Iptables seems to have a redirect rule.
Isn't it easier on clients to change the address to a new one? Or just redirect the domain?