I have my own openvpn server in the cloud. I set up ubuntu 16.04 as openvpn client. I also set this up as a gateway for other computers. The problem is that all traffic goes through the tun0 interface as expected, but I would like to avoid traffic from the openvpn client itself not going through the tunnel, how do I do that?
I set up my openvpn client as gateway with the following commands (copied from web!, other computers send packets to this)
iptables --table nat --flush
iptables --table nat --append POSTROUTING --out-interface tun0 -j MASQUERADE
iptables --append FORWARD --in-interface enp1s0 -j ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
To avoid using the tunnel for any traffic originated in the gateway itself, I tried with source based policy routing based on the my openvpn client node IP address, but it didn't work. I could do this with other computer IP addresses but not the openvpn client gateway itself. Any pointers on how to go about this?
How to customize and extend your OpenVPN installation.
1 post • Page 1 of 1