Ssh to bastion host While being on OpenVPN

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
mirwasim0
OpenVpn Newbie
Posts: 1
Joined: Fri Mar 01, 2024 8:07 am

Ssh to bastion host While being on OpenVPN

Post by mirwasim0 » Fri Mar 01, 2024 8:15 am

Hello Everyone,
I am new here but I am sure that I will get support on my use case.
I have seen people reporting this issue but my case is slightly different

use case:
I have setup an openvpn in GCP from marketplace, done setup and started using it.
I am able to reach internal load balancers while I am on VPN which is expected.

in my OpenVPn I have set `Should client Internet traffic be routed through the VPN?` as NO because if it is yes then my internet stop working.

Now problem is that I have a bastion host which I have been using as a tunnel to connect with DB in private network earlier. I whitelist IP in firewall of bastion to connect with the DB, I whitelist the IP of openvpn in firewall so that I can ssh only while I am on VPN but it is not working and requests get timeout. in same way when I try to connect with DB while I am on VPN from cli it also time out .

I am expecting that I should be able to ssh in bastion and I should be able login to DB while I am on vpn.

if any logs are required please let me know I can share the related logs here .

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: Ssh to bastion host While being on OpenVPN

Post by openvpn_inc » Thu Mar 07, 2024 6:45 pm

Hi mir,

This seems to be OpenVPN Access Server, so I moved this post to the appropriate subforum.

Best way to get support is with the link in my signature, below. Even a free-tier (2 connections) AS user can open a Support ticket.

If you're changing the firewall on your AS host, that is strongly not recommended. AS needs to manage its own firewall.

Also sounds like there could be routing vs. NAT issues here. By default AS uses NAT to connect to VPN destinations, but you might want to configure routing on yours.

HTH, regards, rob0
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Post Reply