This forum is for general conversation and user-user networking.
Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech
-
christaly
- OpenVpn Newbie
- Posts: 5
- Joined: Fri Jun 10, 2022 9:37 pm
Post
by christaly » Fri Jun 10, 2022 9:45 pm
Hope this is the proper place to post this.
So I setup my openvpn server using openvpn-install and it was fairly easy. The only issue I am having is that I want to set the outgoing IP to a specific IP. The script sets up an file called add-openvpn-rules.sh which creates the following entries for my server:
Code: Select all
#!/bin/sh
iptables -t nat -I POSTROUTING 1 -s 10.8.0.0/24 -o enp6s0f0 -j MASQUERADE
iptables -I INPUT 1 -i tun0 -j ACCEPT
iptables -I FORWARD 1 -i enp6s0f0 -o tun0 -j ACCEPT
iptables -I FORWARD 1 -i tun0 -o enp6s0f0 -j ACCEPT
iptables -I INPUT 1 -i enp6s0f0 -p tcp --dport 58385 -j ACCEPT
The problem is that it forces the use of the main IP address of the server and I would like to specify a specific address. Can anyone help to modify the above entries to specify the IP. Let's say the IP is 57.65.23.56 (Not the real IP) for instance.
By the way, I have already tried settings the interface value to the actual interface of the IP in question, but that does not work at all. I tried:
Code: Select all
#!/bin/sh
iptables -t nat -I POSTROUTING 1 -s 10.8.0.0/24 -o enp6s0f0:iw2 -j MASQUERADE
iptables -I INPUT 1 -i tun0 -j ACCEPT
iptables -I FORWARD 1 -i enp6s0f0:iw2 -o tun0 -j ACCEPT
iptables -I FORWARD 1 -i tun0 -o enp6s0f0:iw2 -j ACCEPT
iptables -I INPUT 1 -i enp6s0f0:iw2 -p tcp --dport 58385 -j ACCEPT
Thanks in advance.
-
christaly
- OpenVpn Newbie
- Posts: 5
- Joined: Fri Jun 10, 2022 9:37 pm
Post
by christaly » Fri Jun 10, 2022 11:22 pm
As A follow up. Here is the ifconfig output. These obviously are not the real IP's but I wanted to show the interfaces where enp6s0f0:iw2 has the IP I want to use.
Code: Select all
enp6s0f0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 173.1.1.2 netmask 255.255.255.224 broadcast 173.1.1.1
inet6 fe80::ca0a:a9ff:fef1:34de prefixlen 64 scopeid 0x20<link>
ether c8:0a:a9:f1:34:de txqueuelen 1000 (Ethernet)
RX packets 3854882 bytes 1543776995 (1.4 GiB)
RX errors 0 dropped 36164 overruns 0 frame 0
TX packets 3713647 bytes 4040609475 (3.7 GiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xdf6e0000-df6fffff
enp6s0f1: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
ether c8:0a:a9:f1:34:df txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
device memory 0xdf660000-df67ffff
enp6s0f0:iw1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 173.1.1.3 netmask 255.255.255.224 broadcast 173.1.1.1
ether c8:0a:a9:f1:34:de txqueuelen 1000 (Ethernet)
device memory 0xdf6e0000-df6fffff
enp6s0f0:iw2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 173.1.1.4 netmask 255.255.255.224 broadcast 173.1.1.1
ether c8:0a:a9:f1:34:de txqueuelen 1000 (Ethernet)
device memory 0xdf6e0000-df6fffff
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 839863 bytes 205800051 (196.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 839863 bytes 205800051 (196.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.8.0.1 netmask 255.255.255.0 destination 10.8.0.1
inet6 fe80::5b9c:21d9:f2ef:2690 prefixlen 64 scopeid 0x20<link>
unspec 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 txqueuelen 100 (UNSPEC)
RX packets 42318 bytes 3220000 (3.0 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 70256 bytes 82118854 (78.3 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Post
by TinCanTech » Sat Jun 11, 2022 12:54 am
christaly wrote: ↑Fri Jun 10, 2022 11:22 pm
The problem is that it forces the use of the main IP address of the server and I would like to specify a specific address
Which address would that be ..
-
christaly
- OpenVpn Newbie
- Posts: 5
- Joined: Fri Jun 10, 2022 9:37 pm
Post
by christaly » Sat Jun 11, 2022 2:37 am
TinCanTech wrote: ↑Sat Jun 11, 2022 12:54 am
christaly wrote: ↑Fri Jun 10, 2022 11:22 pm
The problem is that it forces the use of the main IP address of the server and I would like to specify a specific address
Which address would that be ..
You can use 173.1.1.4 as the example. Lets assume 173.1.1.2 is the main IP address if you need that. I do not want to give out the actual IP address of the server.
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Post
by TinCanTech » Sat Jun 11, 2022 6:39 pm
This is networking beyond the scope of OpenVPN.
-
christaly
- OpenVpn Newbie
- Posts: 5
- Joined: Fri Jun 10, 2022 9:37 pm
Post
by christaly » Sat Jun 11, 2022 8:14 pm
TinCanTech wrote: ↑Sat Jun 11, 2022 6:39 pm
This is networking beyond the scope of OpenVPN.
Thanks for your input. But I am sure someone may know how this is done. Also, it is in Off Topic now so I am sure it is fine.
-
TinCanTech
- OpenVPN Protagonist
- Posts: 11137
- Joined: Fri Jun 03, 2016 1:17 pm
Post
by TinCanTech » Sat Jun 11, 2022 9:10 pm
There is one OpenVPN thing which may help, a little.
Option: --multihome (It is in the manual)
-
christaly
- OpenVpn Newbie
- Posts: 5
- Joined: Fri Jun 10, 2022 9:37 pm
Post
by christaly » Sun Jun 12, 2022 10:20 pm
So I managed to get this working by just doing a simple line on its own. I left the .sh file as it was and just ran this. It made it work so that is all I need:
Code: Select all
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source 173.1.1.4
