OpenVPN server only for RDP
Posted: Fri Feb 14, 2020 8:14 am
I would like to connect to my computer from anywhere in the world, on the IP of my Ubuntu 18.04 server with OpenVPN.
But at the same time it is necessary that the computer goes online without the participation of VPN.
Client setup:
client
dev tun
proto udp
remote 3.18.*.47 1194
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
cipher AES-256-CBC
ignore-unknown-option block-outside-dns
block-outside-dns
verb 3
Server settings:
local 172.31.45.153
port 1194
proto udp
dev tun
ca ca.crt
cert server.crt
key server.key
dh dh.pem
auth SHA512
tls-crypt tc.key
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp" ;If you comment this out, then RDP does not work
push "dhcp-option DNS 172.31.0.2"
keepalive 10 120
cipher AES-256-CBC
user nobody
group nogroup
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify crl.pem
explicit-exit-notify
IPtables:
*filter
:INPUT ACCEPT [2087:278660]
:FORWARD ACCEPT [302:14972]
:OUTPUT ACCEPT [2096:387787]
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 10.8.0.0/24 -j ACCEPT
COMMIT
# Completed on Fri Feb 14 08:03:47 2020
# Generated by iptables-save v1.6.1 on Fri Feb 14 08:03:47 2020
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [6:556]
:POSTROUTING ACCEPT [6:556]
-A PREROUTING -p tcp -m tcp --dport 3389 -j DNAT --to-destination 10.8.0.2:3389
-A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to-source 172.31.45.153
COMMIT
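
A check on the ruleset posted above, as an added example that is not part of the original post: it parses `iptables-save` output and lists DNAT rules that match any source address and any inbound interface, together with the FORWARD chain policy. The function names are illustrative, and the ruleset is copied from the post with comment lines and the empty nat policies dropped.

```python
import shlex
# Ruleset copied from the post above (comment lines and nat chain policies dropped).
RULESET = """\
*filter
:INPUT ACCEPT [2087:278660]
:FORWARD ACCEPT [302:14972]
:OUTPUT ACCEPT [2096:387787]
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 10.8.0.0/24 -j ACCEPT
COMMIT
*nat
-A PREROUTING -p tcp -m tcp --dport 3389 -j DNAT --to-destination 10.8.0.2:3389
-A POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to-source 172.31.45.153
COMMIT
"""

def parse(text):
    """Parse iptables-save text into (policies, rules); negated values get a '!' prefix."""
    table, policies, rules = None, {}, []
    for line in map(str.strip, text.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[(table, chain)] = policy
        elif line.startswith("-A "):
            tok, opts, neg, i = shlex.split(line), {}, "", 2
            while i < len(tok):
                if tok[i] == "!":
                    neg, i = "!", i + 1
                    continue
                has_val = i + 1 < len(tok) and not tok[i + 1].startswith(("-", "!"))
                opts[tok[i]] = neg + (tok[i + 1] if has_val else "")
                neg, i = "", i + (2 if has_val else 1)
            rules.append({"table": table, "chain": tok[1], "opts": opts})
    return policies, rules

def unrestricted_dnat(text):
    """List DNAT rules with no -s / -i match, plus the filter FORWARD policy."""
    policies, rules = parse(text)
    return [
        {"proto": r["opts"].get("-p"), "dport": r["opts"].get("--dport"),
         "to": r["opts"].get("--to-destination"),
         "forward_policy": policies.get(("filter", "FORWARD"))}
        for r in rules
        if r["table"] == "nat" and r["opts"].get("-j") == "DNAT"
        and "-s" not in r["opts"] and "-i" not in r["opts"]
    ]
```

For this ruleset `unrestricted_dnat(RULESET)` returns one entry: TCP 3389 translated to 10.8.0.2:3389 with a FORWARD policy of ACCEPT. On a live host the same function can be given the output of `iptables-save`.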