Openvpn Breaks SSH connection

Need help configuring your VPN? Just post here and you'll get that help.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
detofofur
OpenVpn Newbie
Posts: 1
Joined: Wed Mar 22, 2017 10:08 pm

Openvpn Breaks SSH connection

Post by detofofur » Wed Mar 22, 2017 11:02 pm

Hello! I currently have a Raspberry Pi in my house used for sharing a hdd over the net. Whenever I'm away i've always been able to access it using ssh but recently I installed a VPN service (client) so the Rpi also act as as a gateway for my devices in my house. My problem is that whenever I activate the OpenVpn service I can no longer access to my rpi remotely via SSH.

From what I've read the problem is that when I try connect to my RPI while the openvpn service is active, the return packets are being routed over the VPN and that's the reason I'm not being able to establish the ssh connection.
My current setup is as follows:
Main Router 192.168.3.1
RPI: 192.168.3.2 (with Openvpn client service operating as gateway)
Configured iptables routes
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
iptables -A FORWARD -i tun0 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -i eth0 -o tun0 -j ACCEPT
ip route command output
0.0.0.0/1 via 10.35.0.13 dev tun0
default via 192.168.3.1 dev eth0 metric 202
10.35.0.1 via 10.35.0.13 dev tun0
10.35.0.13 dev tun0 proto kernel scope link src 10.35.0.14
128.0.0.0/1 via 10.35.0.13 dev tun0
169.57.0.200 via 192.168.3.1 dev eth0
192.168.3.0/24 dev eth0 proto kernel scope link src 192.168.3.2 metric 202
I'm only able to connect remotely using SSH and with the OpenVpn up and running if I specify the following route:
ip route add x.x.x51.74/32 via 192.168.3.1 dev eth0

Being x.x.x51.74 the ip of my remote laptop location. The problem is that I need to be able to connect to my Rpi no matter where I am and with that route in only allows me to access the RPI from that specific location.

Someone told me I could use a script that run the following routes but still I'm not able to connect
suggested script
ip rule add from <internal IP of SSH server/VPN client> table 10
ip route add default via <internal IP of gateway/router> table 10
If anyone have any suggestion I'd really appreciate it.
Thanks
Top
TinCanTech
OpenVPN Protagonist
Posts: 11137
Joined: Fri Jun 03, 2016 1:17 pm

Re: Openvpn Breaks SSH connection

Post by TinCanTech » Thu Mar 23, 2017 12:07 am

detofofur wrote:any suggestion
The droid you are looking for is called policy based routing
Top
peterpan192
OpenVpn Newbie
Posts: 1
Joined: Sat Jun 24, 2017 1:24 pm

Re: Openvpn Breaks SSH connection

Post by peterpan192 » Sat Jun 24, 2017 1:39 pm

Hello! I did not want to start a new thread since there are a few here in this forum and on the internet. However, I haven't found a solution that works for me, yet.
My installation is similar to this: I have a Raspberry PI3 with OSMC and OpenVPN running on it. I recently got a new router which allows me to use DynDNS. Since I can get my public Router IP now and I have opened port 22 I can SSH to my PI now with the following command: 'ssh -p22 osmc@MyPublicIP. However, as soon as I connect to a VPN with OpenVPN, I cannot reach my Raspberry Pi anymore. I tried some solutions from other forums, but they haven't worked for me. I get that it has something to do with the return packets being routed via the VPN but I'm very inexperienced with scripting etc. so can anyone help me out?
Top
Post Reply

Return to “Configuration”