I installed OpenVPN on Ubuntu 22.04 and it works: I can connect to the server with clients, surf the web and access LAN hosts, but I can't access services on the same server. On the server where OpenVPN is installed I also have a service running on TCP 8090 and another service on UDP port 3478. When I connect to my VPN, for example with the Android client, I can access the 8090 service on the server but can't access the service on the UDP port. Please can you help me. Please?
P.S. If the services run on another host in the LAN, I'm able to connect to all ports (TCP and UDP).
OpenVPN access services on same host
Moderators: TinCanTech
-
- OpenVpn Newbie
- Posts: 4
- Joined: Fri Dec 23, 2022 4:23 pm
- Pippin
- Forum Team
- Posts: 1201
- Joined: Wed Jul 01, 2015 8:03 am
- Location: irc://irc.libera.chat:6697/openvpn
Re: OpenVPN access services on same host
Hi,
This sounds like the firewall on the server is blocking port 3478 and/or UDP protocol.
Or maybe the service on port 3478 is not accepting connections from subnets other than its own...
Otherwise see here:
viewtopic.php?t=22603#p68963
I gloomily came to the ironic conclusion that if you take a highly intelligent person and give them the best possible, elite education, then you will most likely wind up with an academic who is completely impervious to reality.
Halton Arp
-
- OpenVpn Newbie
- Posts: 4
- Joined: Fri Dec 23, 2022 4:23 pm
Re: OpenVPN access services on same host
Thank you for answering
I don't think the service is refusing connections, because if I access it from the WAN with port forwarding it works.
* Server *
I run it in a Docker container.
Operating system:
# uname -a
Linux thinserver 5.15.0-56-generic #62-Ubuntu SMP Tue Nov 22 19:54:14 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Server config file:
port 1194
proto tcp
dev tun
ca /etc/openvpn/ca.crt
cert /etc/openvpn/MyReq.crt
key /etc/openvpn/MyReq.key
dh /etc/openvpn/dh.pem
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 208.67.222.222"
push "dhcp-option DNS 208.67.220.220"
duplicate-cn
keepalive 10 120
cipher AES-256-GCM
ncp-ciphers AES-256-GCM:AES-256-CBC
auth SHA512
persist-key
persist-tun
status openvpn-status.log
verb 1
tls-server
tls-version-min 1.2
tls-auth /etc/openvpn/ta.key 0
crl-verify /etc/openvpn/crl.pem
* Client *
Operating system:
Android 12
Client config file:
client
dev tun
proto tcp
resolv-retry infinite
nobind
persist-key
persist-tun
cipher AES-256-GCM
auth SHA512
verb 3
tls-client
tls-version-min 1.2
key-direction 1
remote-cert-tls server
remote mypublicip 1994
- Pippin
- Forum Team
- Posts: 1201
- Joined: Wed Jul 01, 2015 8:03 am
- Location: irc://irc.libera.chat:6697/openvpn
Re: OpenVPN access services on same host
I have no experience with Docker.
Maybe something with the Docker networking setup, SELinux, AppArmor, ...
Configuration looks ok and it seems OpenVPN is working correctly, therefore moved to off topic.
(I assume your port forward is correct 1994>1194 or you made a typo)
Someone else might have an idea.
-
- OpenVpn Newbie
- Posts: 4
- Joined: Fri Dec 23, 2022 4:23 pm
Re: OpenVPN access services on same host
Yes, sorry, I changed the host address and made a typo in the port number. The forwarding is on port 1194.
Is it possible I must do something with iptables?
-
- OpenVpn Newbie
- Posts: 4
- Joined: Fri Dec 23, 2022 4:23 pm
Re: OpenVPN access services on same host
Nobody can help me?
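An added example, not part of any post in this thread: a small first-match evaluator for `iptables -S INPUT` output, used to test the firewall hypothesis from the first reply for a client in the 10.8.0.0/24 tunnel subnet. The rule set, the 192.168.1.0/24 LAN, the client address 10.8.0.6 and the `tun0` interface name are constructed assumptions; it only covers services listening on the host itself, since ports published by Docker are filtered in the FORWARD/DOCKER chains instead.

```python
import ipaddress
import shlex

# Constructed sample of `iptables -S INPUT` output (not taken from the thread):
# TCP 8090 is open to everyone, UDP 3478 only to the LAN; default policy DROP.
SAMPLE_RULES = """\
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8090 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p udp -m udp --dport 3478 -j ACCEPT
"""

def verdict(rules_text, src, proto, dport, iface="tun0"):
    """Return (target, deciding_rule) for a NEW packet entering the INPUT chain."""
    policy = "ACCEPT"  # kernel default when no -P line is present
    for line in rules_text.splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-P", "INPUT"]:
            policy = tok[2]
        if tok[:2] != ["-A", "INPUT"]:
            continue
        opts, target, ok, i = tok[2:], None, True, 0
        while ok and i + 1 < len(opts):
            key, val = opts[i], opts[i + 1]
            if key == "-j":  # everything after the target is a target option
                target = val
                break
            if key == "-s":
                ok = ipaddress.ip_address(src) in ipaddress.ip_network(val, strict=False)
            elif key == "-i":
                ok = val == iface
            elif key == "-p":
                ok = val == proto
            elif key == "--dport":
                lo, _, hi = val.partition(":")
                ok = int(lo) <= dport <= int(hi or lo)
            elif not (key == "-m" and val in ("tcp", "udp")):
                # Unsupported match (conntrack, multiport, "!" negation, ...):
                # assumed not to match a new packet, so the rule is skipped.
                ok = False
            i += 2
        if ok and target in ("ACCEPT", "DROP", "REJECT"):
            return target, line
    return policy, "policy"

if __name__ == "__main__":
    for proto, port in (("tcp", 8090), ("udp", 3478)):
        print(proto, port, verdict(SAMPLE_RULES, "10.8.0.6", proto, port))
```

With the constructed rules, the VPN client reaches TCP 8090 but falls through to the DROP policy for UDP 3478, which reproduces the symptom described in the first post. Rules that jump to user-defined chains are skipped, so on a host managed by ufw or firewalld those chains need to be evaluated as well.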