Answer the question
In order to leave comments, you need to log in
D
D
DimiDr0lik2016-07-14 15:27:44
DimiDr0lik, 2016-07-14 15:27:44
How to wrap VPN traffic?
Good afternoon.
there is a server 192.168.1.2 with two vpn interfaces
tun0 - server vpn for connecting users to it 10.10.10.0
tun1 - client of another vpn server 10.10.20.0
How to wrap all traffic from tun0 to tun1 and all traffic from 192.168.1.0/24 to tun0 .to. will act as a gateway
2 answer(s)
@DimiDr0lik
@xarek1986
you also need to allow the network 192.168.1.0/24 to go to tun1
After that, simple routing:
all clients behind tun0 need to register route add default gw 10.10.10.1 (ip address tun0), or push this route to them using the VPN server (push "redirect-gateway" in OpenVPN)
For server 192.168.1.2, you need to specify default gw the one behind tun1, and additionally set the route to the server where the external VPN server is located
Somehow, maybe I made a mistake, but I have about the same configuration
D
DimiDr0lik, 2016-07-21 @DimiDr0lik
I found an article on Habré, made it according to it, everything works https://habrahabr.ru/sandbox/78897/
I
Igor S, 2016-07-14 @xarek1986
It will be problematic to turn all
traffic from 192.168
.
iptables -A FORWARD -i tun0 -o tun1 -j ACCEPT
iptables -A FORWARD -i tun1 -o tun0 -j ACCEPTyou also need to allow the network 192.168.1.0/24 to go to tun1
iptables -A FORWARD -s 192.168.1.0/24 -o tun1
iptables -A FORWARD -i tun1 -d 192.168.1.0/24After that, simple routing:
all clients behind tun0 need to register route add default gw 10.10.10.1 (ip address tun0), or push this route to them using the VPN server (push "redirect-gateway" in OpenVPN)
For server 192.168.1.2, you need to specify default gw the one behind tun1, and additionally set the route to the server where the external VPN server is located
Somehow, maybe I made a mistake, but I have about the same configuration
Similar questions
E
B
J
I
S
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question