Answer the question
In order to leave comments, you need to log in
A
A
Alexander Kunin2014-08-08 20:23:45
Alexander Kunin, 2014-08-08 20:23:45
How to reach the server by external ip when connected to it via VPN (pptpd, CentOS)?
Hello,
I have a VPS server running a web server with virtual hosts (name based).
On it, according to numerous tutorials, a pptpd server was raised. Everything works, but now it is not possible to reach the server at the external address either via ssh or in other ways, but if you can use the internal ip address for ssh, then this will not work for virtual hosts.
I would be grateful if you tell me where to look and what words to google?
At the request "unable to access server by external ip during vpn connection" I did not find any useful information for myself, but "pptp routes" is about something else.
[[email protected] ~]# ip r
192.168.1.10 dev ppp0 proto kernel scope link src 192.168.1.1
109.120.100.0/24 dev venet0 proto kernel scope link src 109.120.100.27
169.254.0.0/16 dev venet0 scope link metric 1002
default dev venet0 scope link[[email protected] ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: venet0: <BROADCAST,POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/void
inet 127.0.0.1/32 scope host venet0
inet 109.120.100.27/24 brd 109.120.100.255 scope global venet0:0
31: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1496 qdisc pfifo_fast state UNKNOWN qlen 3
link/ppp
inet 192.168.1.1 peer 192.168.1.10/32 scope global ppp0[[email protected] ~]# iptables-save
# Generated by iptables-save v1.4.7 on Fri Aug 8 23:44:15 2014
*nat
:PREROUTING ACCEPT [6112:472404]
:POSTROUTING ACCEPT [11:672]
:OUTPUT ACCEPT [1126:81339]
-A POSTROUTING -o venet0 -j MASQUERADE
COMMIT
# Completed on Fri Aug 8 23:44:15 2014
# Generated by iptables-save v1.4.7 on Fri Aug 8 23:44:15 2014
*mangle
:PREROUTING ACCEPT [213612:37124715]
:INPUT ACCEPT [146674:15347003]
:FORWARD ACCEPT [66820:21762079]
:OUTPUT ACCEPT [154566:54487863]
:POSTROUTING ACCEPT [221175:76217108]
COMMIT
# Completed on Fri Aug 8 23:44:15 2014
# Generated by iptables-save v1.4.7 on Fri Aug 8 23:44:15 2014
*filter
:INPUT ACCEPT [146674:15347003]
:FORWARD ACCEPT [66820:21762079]
:OUTPUT ACCEPT [36205:17494985]
:VZ_FORWARD - [0:0]
:VZ_INPUT - [0:0]
:VZ_OUTPUT - [0:0]
-A INPUT -j VZ_INPUT
-A FORWARD -j VZ_FORWARD
-A FORWARD -i ppp -o venet0:0 -j ACCEPT
-A FORWARD -i venet0:0 -o ppp -j ACCEPT
-A OUTPUT -j VZ_OUTPUT
-A VZ_OUTPUT -p tcp -m tcp --sport 80 -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 22 -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 25 -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 110 -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 53 -j ACCEPT
-A VZ_OUTPUT -p udp -m udp --sport 53 -j ACCEPT
-A VZ_OUTPUT -p tcp -j ACCEPT
-A VZ_OUTPUT -p udp -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 8880 -j ACCEPT
-A VZ_OUTPUT -p tcp -m tcp --sport 8443 -j ACCEPT
-A VZ_OUTPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -p tcp -j ACCEPT
-A VZ_OUTPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -p udp -j ACCEPT
COMMIT
# Completed on Fri Aug 8 23:44:15 2014 [[+comments_count]] answer(s)
@hobbyte
H
hobbyte, 2014-08-09 @hobbyte
I think here you need to look at the routes of your computer, not the server, your default starts to look in vpn when connected.
Similar questions
A
M
V
I
W
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question