Page 1 of 1
NAT/masquerading is enabled, how to disable?
Posted: Thu Jun 25, 2020 2:57 pm
by EBCF
I set up OpenVPN using the Turnkey Linux appliance. It works, but the appliance uses NAT/masquerading by default, meaning VPN clients aren't directly visible to the corporate network. I'd like to change this. I think what I want is a routed setup without NAT (and with the addition of an appropriate static route on our office's default gateway). I'm not familiar with iptables and masquerading and since the distro set things up I'm not sure what needs to be looked at and changed.
Re: NAT/masquerading is enabled, how to disable?
Posted: Thu Jun 25, 2020 4:56 pm
by TinCanTech
EBCF wrote: ↑Thu Jun 25, 2020 2:57 pm
the corporate network
Have you considered hiring a professional ?
Re: NAT/masquerading is enabled, how to disable?
Posted: Fri Jun 26, 2020 3:00 pm
by EBCF
Following on from this superuser post,
https://superuser.com/questions/974327/ ... in-openvpn , I found where the iptables rules were being set. In /etc/iptables.up.rules on this appliance, others might differ. I commented out all the lines in the nat section and rebooted and after adding the static route on the office router it appears to be working.