Open VPN running on a VPS and reverse proxy

redfirebrooks72 · Post by **redfirebrooks72** » Tue Jan 07, 2020 5:51 pm

Hello,

I am running docker OpenVPN on a VPS and I have no problem to access the VPN or the admin interface with its ip on port 9443.
But I'd like to use it through a url like vpn.mydomain.com.
I have found some topics about it but is is not clear to me how to configure a reverse proxy with nginx.

I started with a simple conf :

Code: Select all

server {
  listen 80;
  listen [::]:80;

  server_name vpn.mydomain.com;

  location / {
      proxy_pass https://localhost:9443/;
  }
}

Using the url http://vpn.mydomain.com in my browser returns a 403 page (http://vpn.mydomain.com/__session_start__/)
Using instead https://vpn.mydomain.com:9443 gives me access to the login page.

using :
Distributor ID: Debian
Description: Debian GNU/Linux 9.11 (stretch)
Release: 9.11
Codename: stretch

Sorry if I have posted in the wrong section of the forum.

TinCanTech · Post by **TinCanTech** » Tue Jan 07, 2020 6:40 pm

Are you using Access Server ?

redfirebrooks72 · Post by **redfirebrooks72** » Tue Jan 07, 2020 7:52 pm

Hello,
i am using Access Server version : 2.7.5

I made some change in my config, introducing missing ssl certificate

vpn.mydomaine.com conf file

server {
listen 80;
listen [::]:80;
server_name vpn.mydomaine.com;

include snippets/letsencrypt.conf;
return 301 https://$host$request_uri;

# location / {
# proxy_pass https://localhost:943/;
# }

}

server {
listen 943 ssl http2; <-- I tried here 443 but still a 502 error
server_name vpn.mydomaine.com;

ssl_certificate /etc/letsencrypt/live/vpn.mydomaine.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/vpn.mydomaine.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/vpn.mydomaine.com/chain.pem;
include snippets/ssl.conf;
include snippets/letsencrypt.conf;

location / {
proxy_set_header X-Forwarded-Proto https;
#proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;

proxy_pass http://localhost:943/; <-- I tried here 9443 but still a 502 error
}

redfirebrooks72 · Post by **redfirebrooks72** » Tue Jan 21, 2020 10:04 pm

by the way the error.log shows the message

Code: Select all

2020/01/21 22:57:59 [error] 1207#1207: *18949 upstream prematurely closed connection while reading response header from upstream, client: 90.127.xxx.xxx, server: vpn.mydomain.com, request: "GET / HTTP/2.0", upstream: "http://127.0.0.1:943/", host: "vpn.mydomain.com"

redfirebrooks72 · Post by **redfirebrooks72** » Sun May 10, 2020 11:10 am

So, is there away to access the "webserver" using an url like vpn.mydomain.com ?
and also to connect to the vpn using the same url address instead of using the ip of the server ?

I am restarting from this conf

Code: Select all

server {
  listen 80;
  listen [::]:80;

  server_name vpn.mydomain.com;

  location / {
      proxy_pass https://localhost:943/;
  }
}

redfirebrooks72 · Post by **redfirebrooks72** » Wed May 20, 2020 6:34 am

Did i miss something ?

rovinovic · Post by **rovinovic** » Mon May 25, 2020 12:12 am

redfirebrooks72 wrote: ↑
Wed May 20, 2020 6:34 am
Did i miss something ?

Did you manage to fix this? I'm gtting the same error trying to proxy 943 on a /vpn path.

OpenVPN Support Forum

Open VPN running on a VPS and reverse proxy

Open VPN running on a VPS and reverse proxy

Re: Open VPN running on a VPS and reverse proxy

Re: Open VPN running on a VPS and reverse proxy

Re: Open VPN running on a VPS and reverse proxy

Re: Open VPN running on a VPS and reverse proxy

Re: Open VPN running on a VPS and reverse proxy

Re: Open VPN running on a VPS and reverse proxy