Page 1 of 1
Route public IP from openVPN Server through VPN
Posted: Tue Feb 16, 2016 5:06 pm
by nudeltabak
Hi there,
I have a server which has an apache webserver and openVPN Server installed. So my openVPN connection works fine. All Traffic is tunneld through it. But if I want to access my Webserver via https and via the puplic IP form the server, my traffic will not go through the VPN connection. So i guess the problem occurs, because of the routing for the puplic IP from the server.
How to solve that?
My config files for a client and the server:
server.conf
Code: Select all
port 10434
proto udp
dev tun
sndbuf 0
rcvbuf 0
ca ca.crt
cert server.crt
key server.key
dh dh.pem
topology subnet
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1 bypass-dhcp"
push "dhcp-option DNS 192.168.5.1"
keepalive 10 120
comp-lzo
persist-key
persist-tun
status openvpn-status.log
verb 3
crl-verify /etc/openvpn/easy-rsa/pki/crl.pem
user nobody
group nogroup
log-append /var/log/openvpn.log
tun-mtu 1460
mssfix 1420
client.ovpn
Code: Select all
client
dev tun
proto udp
pull
sndbuf 0
rcvbuf 0
remote dns.example.com 10434
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
comp-lzo
verb 3
<ca>
...
Re: Route public IP from openVPN Server through VPN
Posted: Tue Feb 16, 2016 10:07 pm
by Traffic
nudeltabak wrote:But if I want to access my Webserver via https and via the puplic IP form the server, my traffic will not go through the VPN connection
Do you mean
from the client ?
Re: Route public IP from openVPN Server through VPN
Posted: Wed Feb 17, 2016 12:19 am
by nudeltabak
Traffic wrote:Do you mean from the client ?
No I don't. I mean I want to connect as a Client to the Servers puplic Ip / DNS. If I do that it will not go through the VPN tunnel.
Re: Route public IP from openVPN Server through VPN
Posted: Wed Feb 17, 2016 12:32 am
by Traffic
No it will not ..
Re: Route public IP from openVPN Server through VPN
Posted: Wed Feb 17, 2016 1:38 am
by nudeltabak
Traffic wrote:No it will not ..
So is there no way to route this through the vpn?
Re: Route public IP from openVPN Server through VPN
Posted: Wed Feb 17, 2016 1:55 am
by Traffic
From your VPN server ~ To your VPN server ~ To your HTTP(s) server ... all on the same IP ?
Am I missing something ?
Re: Route public IP from openVPN Server through VPN
Posted: Wed Feb 17, 2016 2:11 am
by nudeltabak
Traffic wrote:From your VPN server ~ To your VPN server ~ To your HTTP(s) server ... all on the same IP ?
Am I missing something ?
From my Client, which is connected to the VPN server. The HTTP server is on the same IP.
Re: Route public IP from openVPN Server through VPN
Posted: Wed Feb 17, 2016 2:29 am
by Traffic
Traffic wrote:nudeltabak wrote:But if I want to access my Webserver via https and via the puplic IP form the server, my traffic will not go through the VPN connection
Do you mean
from the client ?
nudeltabak wrote:From my Client, which is connected to the VPN server
because of --
redirect-gateway def1 you
cannot make
HTTP/s go over the tunnel to the
same IP as the VPN server unless you use
policy based routing .. which is beyond the scope of this Forum.
Re: Route public IP from openVPN Server through VPN
Posted: Wed Feb 17, 2016 10:35 am
by nudeltabak
nudeltabak wrote:But if I want to access my Webserver via https and via the puplic IP form the server, my traffic will not go through the VPN connection.
I meant "puplic IP" <-- from the server
Even a traceroute to my servers puplic IP does not go through the VPN.
Re: Route public IP from openVPN Server through VPN
Posted: Wed Feb 17, 2016 11:24 am
by Traffic
Traffic wrote:because of --redirect-gateway def1 you cannot make HTTP/s go over the tunnel to the same IP as the VPN server unless you use policy based routing .. which is beyond the scope of this Forum
If HTTP/s packets were sent to the server public IP over the VPN then the VPN data packets would also go over the VPN .. which breaks the VPN.
Re: Route public IP from openVPN Server through VPN
Posted: Wed Feb 17, 2016 12:07 pm
by nudeltabak
Traffic wrote:If HTTP/s packets were sent to the server public IP over the VPN then the VPN data packets would also go over the VPN .. which breaks the VPN.
Could you explain this point a bit more?
Re: Route public IP from openVPN Server through VPN
Posted: Wed Feb 17, 2016 12:31 pm
by Traffic
See
--redirect-gateway step(1) in
The Manual v23x
You cannot connect to the public IP of your VPN server with HTTP/s unless you use
policy based routing .. which is probably not available to your windows client.
So just use the private IP 10.8.0.1
