Connection to OpenVPN server using its own tunnel

Posted: Thu Dec 21, 2023 11:09 am
by Markus7
Goal: I want to be able to access the LAN behind our company firewall.

Server configuration
  • IP address: 132.x.x.5/27
  • Hostname: server.somedomain.net
  • LDAP server (ports blocked in company firewall, only accessible from company LAN)
  • OpenVPN server (port 1194/UDP opened in company firewall, uses 10.8.0.1/24 to assign IPs to connecting clients)

Behavior on Windows 11 (using OpenVPN Community Client)
  • Route "132.x.x.0/27 gateway=<tun adapter>" is added to my routing table
  • I can access any host behind the company firewall through the OpenVPN tunnel by using its public IP or hostname

Behavior on Ubuntu 22.04 (using NetworkManager OpenVPN client)
  • Route "132.x.x.0/27 gateway=<tun adapter>" is added to my routing table
  • Additionally, route "132.x.x.5/32 gateway=<ethernet adapter>" is added to my routing table
  • I can access almost any host behind the company firewall through the OpenVPN tunnel by using its public IP or hostname
  • Trying to access the LDAP server using its public IP or hostname does not use the OpenVPN tunnel; it uses the normal internet gateway and gets blocked by the company firewall
  • I can still access the LDAP using IP 10.8.0.1, but authentication fails because the SSL certificate is issued to "server.somedomain.net" and not to "10.8.0.1"

Is there any way to make the Linux client behave the same way the Windows client does? (= do not add that additional route and route the whole 132.x.x.0/27 subnet through the OpenVPN tunnel)
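
The two routing tables described in the post above can be compared with a longest-prefix-match check. This is an added example, not part of the original post: it shows why the extra /32 host route sends traffic for the server's public IP outside the tunnel while the rest of the /27 stays inside. Assumptions: 198.51.100.0/27 is a constructed stand-in for the elided 132.x.x.0/27, and the default route and the 10.8.0.0/24 tunnel route are assumed entries that the post does not list.

```python
import ipaddress

# Constructed stand-ins: the post elides the real prefix as 132.x.x.0/27.
# 198.51.100.0/27 (documentation range) plays that subnet, .5 the server.
SERVER = "198.51.100.5"

# Table as described for Windows. The default route and the 10.8.0.0/24
# tunnel route are assumptions; only the /27 route is quoted in the post.
WINDOWS_ROUTES = [
    ("0.0.0.0/0", "ethernet"),
    ("10.8.0.0/24", "tun"),
    ("198.51.100.0/27", "tun"),
]
# Table as described for Ubuntu: same, plus a host route to the server.
UBUNTU_ROUTES = WINDOWS_ROUTES + [("198.51.100.5/32", "ethernet")]


def select_route(routes, destination):
    """Return (prefix, interface) chosen by longest-prefix match."""
    dst = ipaddress.ip_address(destination)
    candidates = [
        (ipaddress.ip_network(prefix), iface)
        for prefix, iface in routes
        if dst in ipaddress.ip_network(prefix)
    ]
    if not candidates:
        raise LookupError(f"no route to {destination}")
    net, iface = max(candidates, key=lambda c: c[0].prefixlen)
    return str(net), iface


def bypassing_hosts(routes, subnet, tunnel="tun"):
    """List hosts in `subnet` whose traffic would leave outside the tunnel."""
    return [
        str(host)
        for host in ipaddress.ip_network(subnet).hosts()
        if select_route(routes, str(host))[1] != tunnel
    ]


if __name__ == "__main__":
    for name, table in (("windows", WINDOWS_ROUTES), ("ubuntu", UBUNTU_ROUTES)):
        print(name, "server ->", select_route(table, SERVER))
        print(name, "bypass :", bypassing_hosts(table, "198.51.100.0/27"))
```

Feeding `bypassing_hosts` the routes from a real client's table gives a quick check for services that are expected to be tunnel-only but are reachable over the plain internet path.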