So here is the end result that I want to happen.
Close all ports except 80, 443, and openvpn ports maybe?
Then I will allow all ports to be open if you are connected to the openvpn, making the server secure.
Let's narrow my example to an SSH connection.
So right now I have Server 1 as my website and also an openvpn installed.
All ports are closed except 80, 443.
I whitelist this IP 172.27.224.0/20 in/out all ports.
So if not connected to VPN, I cannot access SSH.
But if connected, I cannot have it working. I cannot connect to my server using VPN and I'm not sure why.
Now, I experimented another method.
I have Server 1 as my website. And Server 2 as my openvpn server.
I closed all ports of my Server 1 except 80, 443. And whitelist the IP address of Server 2.
So when I am connected to the Server 2 via openvpn, I can connect to my Server 1 via SSH.
This time it worked.
So what am I doing wrong? Is it possible to have the website and openvpn on 1 server?
Another thing. I have to whitelist the IP address of Server 2. But how come I cannot SSH if I whitelist the IP address of OpenVPN (172.27.224.0/20)?
- OpenVPN Protagonist
- Posts: 4631
- Joined: Fri Jun 03, 2016 1:17 pm
Of course it is .. even my desktop is running Apache and Openvpn server & clients.
You must ensure openvpn is open otherwise you will lock yourself out completely!
If we assume (because I see no configs or logs) that your VPN uses 10.8.0.0/24 (the example subnet) .. then whitelist the VPN subnet 10.8.0.0/24 for access to SSH and make sure sshd is listening on all interfaces (which it usually is) ..
then over the VPN SSH access you shall have to your server Only if over your VPN you connect
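One way to express the reply's advice as a firewall ruleset for a single host running both the website and OpenVPN, as an added example that is not part of the thread. The subnet 10.8.0.0/24 is the example value assumed in the reply; udp/1194 (OpenVPN's default listener) and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example, IPv4 only. Defaults are assumptions: 10.8.0.0/24 is the
# example subnet named in the reply, udp/1194 is OpenVPN's default listener.

# Print an iptables-restore ruleset: web and OpenVPN open to everyone,
# SSH reachable only from source addresses inside the VPN subnet.
build_rules() {
    vpn_subnet="${1:-10.8.0.0/24}"
    vpn_proto="${2:-udp}"
    vpn_port="${3:-1194}"
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
# The VPN listener must stay reachable from outside the tunnel,
# otherwise nobody can bring the tunnel up (the lock-out the reply warns of).
-A INPUT -p ${vpn_proto} --dport ${vpn_port} -j ACCEPT
# SSH only for packets whose source address is a VPN client address,
# i.e. connections that actually travel through the tunnel.
-A INPUT -s ${vpn_subnet} -p tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Lock-out guard for any ruleset on stdin (for instance a hand-edited one):
# succeeds only if INPUT still accepts the given OpenVPN protocol and port.
vpn_port_open() {
    grep -Eq -- "^-A INPUT -p ${1:-udp} .*--dport ${2:-1194} -j ACCEPT\$"
}

# Stand-alone use: print the ruleset for review (arguments override defaults).
build_rules "$@"
```

Check the printed rules with `iptables-restore --test` before loading them; loading replaces the whole filter table. `ss -tln` shows whether sshd listens on all interfaces (`0.0.0.0:22`), as the reply requires.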