Common server ip address for multiple openvpn daemons

microwavesafe · Post by **microwavesafe** » Sat Jul 06, 2013 7:27 am

Hi,

I'm not sure if my solutions lies in openvpn routing or iptables, but if i explain what i'd like to do, maybe some can help.

I have two open vpn daemons running on different ports. One on 1194, with server ip 10.8.0.1 and one on 1195, ip address 10.9.0.1. I am using two so I can lock down server port access based on the interface (tun0 and tun1) using iptables. This is all working fine, with the first instance supplying services for trusted users and the other locked down to port 80 for less trusted users. I'm running GitLab on nginx which I need to provide for both sets of people.

Now the problem is inside gitlab I have configured it to show all the git links as git://10.8.0.1 etc. These don't make sense to people connecting on the second vpn daemon where the server will be 10.9.0.1.

So, is there a clever use of route in the server configs that will allow the 10.9.0.1 subnet talk to the server as 10.8.0.1. Or can I create a different common ip address for the server that both can use? Or am I in completely the wrong area and I should be considering some iptables routing / masquerading?

Any ideas?

microwavesafe · Post by **microwavesafe** » Sat Jul 06, 2013 12:06 pm

This turned out to be easier than I thought.

I added

push "route 10.8.0.0 255.255.255.0"

So from the 2nd vpn daemon I can use both 10.9.0.1 or 10.8.0.1 as the server address, so the links in GitLab will work.

OpenVPN Support Forum

Common server ip address for multiple openvpn daemons

Common server ip address for multiple openvpn daemons

Re: Common server ip address for multiple openvpn daemons