I am very new in terms of using a vpn. I had made an autoinstall version of a openvpn server in a vps. that is working good.
After that i installed a openvpn client in other vps. when I start the vpn client i lose access to the vps with his external IP.
Can anyone please help me ?? what i should do?? What is missing to have access with external IP access?
THank you
Access with external IP
-
openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: Access with external IP
Hello setau,
Most likely the VPN server is instructing the VPN client to send all Internet-related traffic through the VPN tunnel. If you're trying to now reach that VPN client directly on its public IP, the replies will be redirected through the VPN server. This is what I think is happening.
Before VPN is established, packets follow this path:
Your computer > Your VPS
Your VPS > Your computer
After VPN is established, packets follow this path:
Your computer > Your VPS
Your VPS > VPN server > Your computer
Since this is an unexpected path from the point of view of your computer, it will not work. Basically your computer is talking to a particular system (your VPS) and receiving replies from another system (VPN server). This is called asymmetric routing.
You can:
- SSH into your VPN server, and from there SSH to the VPN IP address of your VPS system, which will work over the VPN link.
- Connect your computer to the VPN server, and from there SSH to the VPN IP address of your VPS system, which will work over the VPN link.
- Add a route to your VPS somehow (either with OpenVPN or just directly in the routing table) that makes an exception for this rule to send all Internet-related traffic through the VPN tunnel. If for example your home IP is a static public IP you can add an exception for that IP address to always go through the default gateway. In OpenVPN directives that would look like: route 123.45.67.89 255.255.255.255 net_gateway - this can be pushed from the server or added into the client connection profile directly.
- Turn off the instruction to redirect all Internet-related traffic through the VPN tunnel, so that only certain private subnets that you need access to get redirected through the VPN tunnel, and any requests coming from the public Internet are responded to as before. On Access Server this function can be turned on/off under VPN Settings > Redirect all client Internet traffic through the VPN tunnel.
Kind regards,
Johan
Most likely the VPN server is instructing the VPN client to send all Internet-related traffic through the VPN tunnel. If you're trying to now reach that VPN client directly on its public IP, the replies will be redirected through the VPN server. This is what I think is happening.
Before VPN is established, packets follow this path:
Your computer > Your VPS
Your VPS > Your computer
After VPN is established, packets follow this path:
Your computer > Your VPS
Your VPS > VPN server > Your computer
Since this is an unexpected path from the point of view of your computer, it will not work. Basically your computer is talking to a particular system (your VPS) and receiving replies from another system (VPN server). This is called asymmetric routing.
You can:
- SSH into your VPN server, and from there SSH to the VPN IP address of your VPS system, which will work over the VPN link.
- Connect your computer to the VPN server, and from there SSH to the VPN IP address of your VPS system, which will work over the VPN link.
- Add a route to your VPS somehow (either with OpenVPN or just directly in the routing table) that makes an exception for this rule to send all Internet-related traffic through the VPN tunnel. If for example your home IP is a static public IP you can add an exception for that IP address to always go through the default gateway. In OpenVPN directives that would look like: route 123.45.67.89 255.255.255.255 net_gateway - this can be pushed from the server or added into the client connection profile directly.
- Turn off the instruction to redirect all Internet-related traffic through the VPN tunnel, so that only certain private subnets that you need access to get redirected through the VPN tunnel, and any requests coming from the public Internet are responded to as before. On Access Server this function can be turned on/off under VPN Settings > Redirect all client Internet traffic through the VPN tunnel.
Kind regards,
Johan
OpenVPN Inc.Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
-
setau
- OpenVpn Newbie
- Posts: 2
- Joined: Thu Aug 26, 2021 8:58 pm
Re: Access with external IP
Thank you for your answer
I ll try as your information
thanks
I ll try as your information
thanks