OpenVPN + SNAT = broken pipe (IP proxy?)

Use this forum to share your network setup and what's been working for you.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Post Reply
clouseau
OpenVpn Newbie
Posts: 1
Joined: Sat Mar 28, 2015 12:50 pm

OpenVPN + SNAT = broken pipe (IP proxy?)

Post by clouseau » Sat Mar 28, 2015 12:59 pm

Hi,

I have a pool of public IP addresses. OpenVPN listens on the 1st one via UDP.
I have some people working for me, they need to have a static IP in my realm.

Anyway, so the idea was to install an OpenVPN server (routing mode), which I did, make it a default route and SNAT their IP to one of the other IPs on one of my public network.

Example:
OpenVPN listening on 1.2.3.1 (public) eth0, clients comming into 192.168.240.6 - .10,14,18...etc

then I SNAT them to one of the other IPs in the public range, like:
iptables -t nat -A POSTROUTING -o eth0 -s 192.168.240.6 -j SNAT --to-source 1.2.3.2 <- the next public IP address
and so on

But I get broken pipe(s), so I guess I'm postrouting something that I shouldn't. I have only one ETH port on the server, eth0 (with 126 aliases in the public pool).
Is this doable at all with one interface?

User avatar
maikcat
Forum Team
Posts: 4200
Joined: Wed Jan 12, 2011 9:23 am
Location: Athens,Greece
Contact:

Re: OpenVPN + SNAT = broken pipe (IP proxy?)

Post by maikcat » Sun Mar 29, 2015 1:36 pm

broken pipe?

can you post the exact rule and the output you get?

Michael.

Post Reply