I'm trying to set up a VPN to restrict access to some parts of our website, like the admin interface, Kibana, ...
I use OpenVPN inside a Docker container with the following config.
When I do `curl v4.ifconfig.co` from a connected client, it shows me the IP of my server, as expected.
When I send a request to my own web server running in another container, the logs show me a connection from my client's public IP.
What I would have expected is a connection from the client's VPN-internal IP (192.168.155.x) or from the server IP.
How can I change that behavior?
I would then restrict access to certain parts to connections from 192.168.155.0/24 or the server IP.
Is that how you do this?
Sorry, I'm new to this stuff.
Thank you for your help.
server
```
server 192.168.255.0 255.255.255.0
verb 3
management 0.0.0.0 2080
key /etc/openvpn/pki/private/vpn.semantify.it.key
ca /etc/openvpn/pki/ca.crt
cert /etc/openvpn/pki/issued/vpn.semantify.it.crt
dh /etc/openvpn/pki/dh.pem
tls-auth /etc/openvpn/pki/ta.key
key-direction 0
keepalive 10 60
persist-key
persist-tun
proto udp
# Rely on Docker to do port mapping, internally always 1194
port 1194
dev tun0
status /tmp/openvpn-status.log
user nobody
group nogroup
comp-lzo no
### Push Configurations Below
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
push "comp-lzo no"
push "block-outside-dns"
push "route 172.40.0.0 255.255.255.0"
push "route 172.42.0.0 255.255.0.0"
```
EDIT:
I've tried to set up an iptables rule to change the source of the requests like this (inside of the container):

```
iptables -t nat -A POSTROUTING -j SNAT --to-source 127.0.0.1
```
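
An added example, not part of the original post: a Python check that derives the client address pool and the pushed routes from the `server` and `push "route ..."` lines of the config above, then tests whether a candidate allow-list range, source address or destination falls inside them. The function names and the 203.0.113.7 test address are constructed for illustration.

```python
import ipaddress
import shlex

# Constructed sample: the routing-relevant lines copied from the config in the post.
CONFIG = '''
server 192.168.255.0 255.255.255.0
### Push Configurations Below
push "dhcp-option DNS 8.8.8.8"
push "route 172.40.0.0 255.255.255.0"
push "route 172.42.0.0 255.255.0.0"
'''

def _net(addr, mask):
    # OpenVPN writes networks as "address netmask"; ipaddress accepts addr/netmask.
    return ipaddress.ip_network(f"{addr}/{mask}", strict=True)

def parse_openvpn(text):
    """Return (client_pool, pushed_routes) from a server config."""
    pool, routes = None, []
    for line in text.splitlines():
        tok = shlex.split(line, comments=True)  # drops '#' comments, keeps quoted args
        if not tok:
            continue
        if tok[0] == "server" and len(tok) >= 3:
            pool = _net(tok[1], tok[2])
        elif tok[0] == "push" and len(tok) == 2:
            sub = tok[1].split()
            if sub[0] == "route" and len(sub) >= 3:
                routes.append(_net(sub[1], sub[2]))
    return pool, routes

def allowlist_matches_pool(allow_cidr, pool):
    """True if an allow-list range overlaps the addresses VPN clients receive."""
    return ipaddress.ip_network(allow_cidr).overlaps(pool)

def is_vpn_source(src, pool):
    """True if a logged source address was assigned from the VPN pool."""
    return ipaddress.ip_address(src) in pool

def covered_by_pushed_route(dst, routes):
    """True if the destination lies inside a route pushed to clients."""
    return any(ipaddress.ip_address(dst) in r for r in routes)

if __name__ == "__main__":
    pool, routes = parse_openvpn(CONFIG)
    print("client pool:", pool)
    print("pushed routes:", [str(r) for r in routes])
    for cidr in ("192.168.155.0/24", "192.168.255.0/24"):
        print(cidr, "overlaps pool:", allowlist_matches_pool(cidr, pool))
```
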