M
M
My_Second_Nickname2021-04-20 16:55:00
openvpn
My_Second_Nickname, 2021-04-20 16:55:00

How to set up a tunnel?

Hello.
I'm interested in this question

. Let's say there is a server, on linux, which periodically connects to client servers (there are a couple of dozen of them) on port 1433, and takes certain data from sql. But the fact that port 1433 looks outward on these servers does not suit. As a solution, it was proposed to raise OpenVPN on the server, on the client by itself - OpenVPN clients, and connect to local addresses. But here's the catch - these remote servers can have the same local IP. We cannot influence this. Is it possible to somehow route packets so that there is no confusion with addresses? Or is it basically impossible, and you need to look for another way?

About the fact that on remote servers you can whitelist a server on Linux, I also thought, but for now they want VPN

Answer the question

In order to leave comments, you need to log in

2 answer(s)
H
hint000, 2021-04-20
@hint000

But here's the catch - these remote servers can have the same local IP. We cannot influence this.
You can influence. Your OpenVPN server will give them different addresses (gray) on tun interfaces. Here also address to servers to these different addresses. What addresses they have on the lan interfaces should be indifferent to you, unless you need access to the local network behind these servers.

M
Maxim Grishin, 2021-04-20
@vesper-bot

I understand the scheme as follows:
- There is one server that should consolidate some data
- There are several SQL servers located in different LANs
- There are several VPN servers that you can connect to, gaining access to SQL servers
- Addressing remote LAN is not under the control of the OP, as a result, different logical servers can have the same private IP addresses.
Then the best thing to do would be:
- Create several different OpenVPN connections from the consolidator in the network of SQL servers;
- Raise them one at a time, bypassing the problem of different IP addresses of the target servers;
- While one connection is up, process the data from the servers located behind it by the consolidator, for this, organize some kind of data structure;
- When processing is complete, drop the connection and move on to the next one in order.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question