Hi,
i hope im in the right section. I would like to setup a vpn gateway for some of my clients in my home network, the vpn gateway should just be used for targets with a special port.
I've got running a vpn client in proxmox vm that can be used as a vpn gateway when configuring the clients with the proxmox vm as gateway. I would add a configuration, that only if a special port (e.g. 8080) should be connected from a client, the vpn tunnel is used. Otherwise my "normal" internet connection should be used.
I hope you can understand what im planing to do.
Any proposals about how to do that?
Best Regards
VPN gateway for some targets
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
-
- OpenVpn Newbie
- Posts: 5
- Joined: Thu Jan 31, 2019 2:39 pm
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
-
- OpenVpn Newbie
- Posts: 5
- Joined: Thu Jan 31, 2019 2:39 pm
Re: VPN gateway for some targets
Hi,
whats your point? As you can see my question about the gateway i could resolve. Now i want something more special. So is just nobody here who could answer it or is it not possible?
Regards
whats your point? As you can see my question about the gateway i could resolve. Now i want something more special. So is just nobody here who could answer it or is it not possible?
Regards
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: VPN gateway for some targets
They looked related to me.
I do not understand what you are trying to do, though it sounds similar to a proxy.
I do not understand what you are trying to do, though it sounds similar to a proxy.
- openvpn_inc
- OpenVPN Inc.
- Posts: 1333
- Joined: Tue Feb 16, 2021 10:41 am
Re: VPN gateway for some targets
Hi Gus,gustavson79 wrote: ↑Tue Jan 18, 2022 10:00 ami hope im in the right section. I would like to setup a vpn gateway for some of my clients in my home network, the vpn gateway should just be used for targets with a special port.
I've got running a vpn client in proxmox vm that can be used as a vpn gateway when configuring the clients with the proxmox vm as gateway. I would add a configuration, that only if a special port (e.g. 8080) should be connected from a client, the vpn tunnel is used. Otherwise my "normal" internet connection should be used.
I hope you can understand what im planing to do.
Any proposals about how to do that?
No, it's not entirely clear to me either. Routing is done on the basis of IP addresses, not services/ports. Yes, it does sound like you might want a web proxy, not a VPN.
That said, OpenVPN Access Server has some wonderful kludges which do that, to route only certain specified services through the VPN. TBH I have never messed with that, so I don't know what it looks like, but AS is free (as in beer) to download and play with. If you see how AS does this, you can surely also implement it in community version openvpn(8).
hth, regards, rob0
OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
-
- OpenVpn Newbie
- Posts: 5
- Joined: Thu Jan 31, 2019 2:39 pm
Re: VPN gateway for some targets
First, thanks for your replys. I try again to explain what i'd like to do.
I want to access the internet from a normal client in my lan over the vpn gateway. But the vpn connection of the gateway should only be used, if a special service (e.g. port 8080) is used by the client.
For example the client should connect through the vpn connection to a forum site i dont want to visit without vpn. But when i play a game on the same client the vpn connection should not be used. I dont want to change the default gateway on the client then, the decision should be made by the vpn gateway depending on the port i want to access. I hope it's more clear now, my english doesnt help so much explaining something like this .
Regards
I want to access the internet from a normal client in my lan over the vpn gateway. But the vpn connection of the gateway should only be used, if a special service (e.g. port 8080) is used by the client.
For example the client should connect through the vpn connection to a forum site i dont want to visit without vpn. But when i play a game on the same client the vpn connection should not be used. I dont want to change the default gateway on the client then, the decision should be made by the vpn gateway depending on the port i want to access. I hope it's more clear now, my english doesnt help so much explaining something like this .
Regards
-
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Re: VPN gateway for some targets
Openvpn can "sort of" do what you want but not the way you want it. Openvpn has no idea of services you use over the VPN, it just routes what you configure it to route.
So, with that model, you would need to specify every single route (For games) that you do not want to pass over the VPN and configure them all in your client. The rest would then be routed via the VPN. But that is way too messy to be of value.
Instead, what you probably need is Policy Routing at the server and the client.
You can batter your head against a brick wall over this for as long as you like but the simple answer is, only use the VPN when you need it, otherwise, do not use it.
So, with that model, you would need to specify every single route (For games) that you do not want to pass over the VPN and configure them all in your client. The rest would then be routed via the VPN. But that is way too messy to be of value.
Instead, what you probably need is Policy Routing at the server and the client.
You can batter your head against a brick wall over this for as long as you like but the simple answer is, only use the VPN when you need it, otherwise, do not use it.