openvpn client as gateway

Posted: Tue Jan 03, 2017 7:05 pm
by malahal
I have my own openvpn server in the cloud. I set up ubuntu 16.04 as openvpn client. I also set this up as a gateway for other computers. The problem is that all traffic goes through the tun0 interface as expected, but I would like to avoid traffic from the openvpn client itself not going through the tunnel. How do I do that?

I set up my openvpn client as gateway with the following commands (copied from web!, other computers send packets to this)
iptables --flush
iptables --table nat --flush
iptables --table nat --append POSTROUTING --out-interface tun0 -j MASQUERADE
iptables --append FORWARD --in-interface enp1s0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward

To avoid using the tunnel for any traffic originated in the gateway itself, I tried source-based policy routing based on my openvpn client node IP address, but it didn't work. I could do this with other computers' IP addresses but not the openvpn client gateway itself. Any pointers on how to go about this?