Hello Everyone,
I am new here but I am sure that I will get support on my use case.
I have seen people reporting this issue but my case is slightly different
use case:
I have setup an openvpn in GCP from marketplace, done setup and started using it.
I am able to reach internal load balancers while I am on VPN which is expected.
in my OpenVPn I have set `Should client Internet traffic be routed through the VPN?` as NO because if it is yes then my internet stop working.
Now problem is that I have a bastion host which I have been using as a tunnel to connect with DB in private network earlier. I whitelist IP in firewall of bastion to connect with the DB, I whitelist the IP of openvpn in firewall so that I can ssh only while I am on VPN but it is not working and requests get timeout. in same way when I try to connect with DB while I am on VPN from cli it also time out .
I am expecting that I should be able to ssh in bastion and I should be able login to DB while I am on vpn.
if any logs are required please let me know I can share the related logs here .
Ssh to bastion host While being on OpenVPN
-
- OpenVpn Newbie
- Posts: 1
- Joined: Fri Mar 01, 2024 8:07 am
- openvpn_inc
- OpenVPN Inc.
- Posts: 1332
- Joined: Tue Feb 16, 2021 10:41 am
Re: Ssh to bastion host While being on OpenVPN
Hi mir,
This seems to be OpenVPN Access Server, so I moved this post to the appropriate subforum.
Best way to get support is with the link in my signature, below. Even a free-tier (2 connections) AS user can open a Support ticket.
If you're changing the firewall on your AS host, that is strongly not recommended. AS needs to manage its own firewall.
Also sounds like there could be routing vs. NAT issues here. By default AS uses NAT to connect to VPN destinations, but you might want to configure routing on yours.
HTH, regards, rob0
This seems to be OpenVPN Access Server, so I moved this post to the appropriate subforum.
Best way to get support is with the link in my signature, below. Even a free-tier (2 connections) AS user can open a Support ticket.
If you're changing the firewall on your AS host, that is strongly not recommended. AS needs to manage its own firewall.
Also sounds like there could be routing vs. NAT issues here. By default AS uses NAT to connect to VPN destinations, but you might want to configure routing on yours.
HTH, regards, rob0
OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support
-
- OpenVpn Newbie
- Posts: 4
- Joined: Tue Nov 26, 2024 11:19 am
Re: Ssh to bastion host While being on OpenVPN
- Routing Table: Ensure that the VPN client is configured to route traffic to the bastion host and the database through the VPN tunnel. Check the routing table on your VPN client to verify this.
- DNS Resolution: Make sure that your VPN client is configured to resolve DNS requests through the VPN tunnel. This is crucial for accessing internal resources by their hostnames.
- Firewall Rules: Verify that the firewall rules on the bastion host and the database server allow traffic from the VPN client's IP address.
- SSH Configuration: Ensure that SSH is ZYNRewards configured to allow connections from the VPN client's IP address.
- Firewall Rules: Check the firewall rules on the bastion host to allow traffic from the VPN client's IP address.
- Network Address Translation (NAT): If NAT is involved in your network setup, ensure that the VPN client's IP address is translated correctly.
- IP Routing: Verify that the network routing is configured correctly to route traffic from the VPN client to the bastion host and the database.
- DNS Settings: Ensure that the VPN client is configured to use the correct DNS servers.
- Routing Table: Check the VPN client's routing table to verify that traffic is being routed through the VPN tunnel.