I have a Cloud VPS running Ubuntu Server 22 LTS with OpenVPN Server installed. I have multiple client configuration files created from there. One of them is for my home server.
All clients have a CCD static IP pushed to them.
I have the following iptables rules running on that server to forward all incoming traffic on ports 80/443 to my home server via this VPN tunnel.
Code:
iptables -t nat -A PREROUTING -i enp0s6 -p tcp --dport 80 -j DNAT --to-destination 10.8.0.45:80 && iptables -t nat -A PREROUTING -i enp0s6 -p tcp --dport 443 -j DNAT --to-destination 10.8.0.45:443
Now I wish to ensure that my home server bypasses the VPN gateway when accessing the internet, to conserve bandwidth usage of that VPS. For example, if I am downloading something on that home server (say a Docker container and such), it should do that via the local gateway (bypassing the VPN gateway).
I have tried to add the following line to my home server configuration file:
Code:
pull-filter ignore redirect-gateway
Without that line, accessing a URL pointed to my VPS IP address does get forwarded to my home server, but when I add that pull-filter ignore rule, the URLs stop working.
The following is my client configuration:
Code:
client
proto udp
explicit-exit-notify
remote 1xx.xx0.Xx4.Xx 331
dev tun
pull-filter ignore redirect-gateway # This is the issue
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
verify-x509-name server_EAcCWo3G32eRK2sC name
auth SHA256
auth-nocache
cipher AES-128-GCM
tls-client
tls-version-min 1.2
tls-cipher TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256
ignore-unknown-option block-outside-dns
setenv opt block-outside-dns # Prevent Windows 10 DNS leak
verb 3
<ca>
-----BEGIN CERTIFICATE-----
xxx
-----END CERTIFICATE-----
</ca>
<cert>
-----BEGIN CERTIFICATE-----
xxxx
-----END CERTIFICATE-----
</cert>
<key>
-----BEGIN PRIVATE KEY-----
xxxx
-----END PRIVATE KEY-----
</key>
<tls-crypt>
#
# 2048 bit OpenVPN static key
#
-----BEGIN OpenVPN Static key V1-----
xxxx
-----END OpenVPN Static key V1-----
</tls-crypt>
1. I wish to forward ports 80/443 from the OpenVPN server to my local home server so that my domains continue to work from my local server via that VPN tunnel.
2. I wish to route that local home server's internet traffic via the local internet gateway (for example, downloading Docker containers).
I am unable to do both together.
Can anyone help me out here?
Thanks in advance.
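
Added example, not part of the original post: a small model of Linux policy routing showing one likely cause of the failure described above. It rests on the assumption that the VPS does not masquerade the forwarded traffic, so replies from 10.8.0.45 to web clients follow the main default route once `redirect-gateway` is ignored. The interface names `eth0`/`tun0`, the LAN subnet, table id 100 and the sample client addresses are assumptions.

```python
import ipaddress

# Constructed routing state for the home server. 10.8.0.45 is the CCD address
# from the post; eth0, tun0, 192.168.1.0/24 and table 100 are assumed names.
TABLES = {
    "main": [("0.0.0.0/0", "eth0"), ("192.168.1.0/24", "eth0"), ("10.8.0.0/24", "tun0")],
    "100": [("0.0.0.0/0", "tun0")],   # ip route add default dev tun0 table 100
}
DEFAULT_RULES = [(32766, None, "main")]
# ip rule add from 10.8.0.45 lookup 100 priority 1000
FIXED_RULES = [(1000, "10.8.0.45/32", "100")] + DEFAULT_RULES


def lookup(table, dst):
    """Longest-prefix match inside one routing table."""
    dst = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(net), dev) for net, dev in table
            if dst in ipaddress.ip_network(net)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None


def egress(rules, src, dst):
    """Walk policy rules by priority; the first table with a route wins."""
    for _prio, selector, table in sorted(rules, key=lambda r: r[0]):
        if selector is None or ipaddress.ip_address(src) in ipaddress.ip_network(selector):
            dev = lookup(TABLES[table], dst)
            if dev:
                return dev
    return None


def demo():
    web_client = "203.0.113.7"    # constructed visitor reaching the VPS on 80/443
    mirror = "198.51.100.9"       # constructed download server
    return {
        # Reply to a DNAT'd connection: source is the tunnel address.
        "reply_without_rule": egress(DEFAULT_RULES, "10.8.0.45", web_client),
        "reply_with_rule": egress(FIXED_RULES, "10.8.0.45", web_client),
        # Ordinary download started by the home server from its LAN address.
        "download_with_rule": egress(FIXED_RULES, "192.168.1.20", mirror),
    }


if __name__ == "__main__":
    for name, dev in demo().items():
        print(f"{name}: {dev}")
```

With only the main table, the reply to the visitor leaves through `eth0` and never returns via the VPS, so the connection fails; with the source-based rule it goes back through `tun0` while downloads still use the local gateway.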