
RE: openvpn question



Hi Gregory,

> Gregory Nowak wrote:
>>> The public address assigned to the laptop would actually be 
>>> configured on the VPS,
>> 
>> Hmm...  No.  Sorry.  Doesn't make sense.  The public address assigned 
>> to the laptop would probably be yet another private address behind a 
>> NAT somewhere.
>
> Ok, some confusion here it seems. Both you and I are right in that the laptop's
> public address is assigned to the VPS, and is also in reality yet another
> private address behind a NAT somewhere like you said. I'll explain below,
> since I do in fact have this going as I mentioned in my latest post to
> the VPS crashing thread.

I have been following this, and I think it is getting clear what you are doing, but I have lost track of what the problem is that we are trying to resolve.

If I understand it right, your setup is something like:

VPS has network 1.2.3.0/24 (mask 255.255.255.0)
Uplink ip 1.2.3.1
VPS public ip 1.2.3.2
Laptop wants to use 1.2.3.3

dns vps
vps.company.org A 1.2.3.2

vps interfaces file
iface eth0 inet static
  address 1.2.3.2
  netmask 255.255.255.0
  gateway 1.2.3.1

iface eth0:0 inet static
  address 1.2.3.3
  netmask 255.255.255.0


openvpn server config
port 1194
proto udp
dev tun
server 10.1.1.0 255.255.255.0
etc.

openvpn client config
client
dev tun
proto udp
remote vps.company.org 1194
etc.

Somehow you have made sure the client always gets the same 10.1.1.x number, for instance 10.1.1.3.

Via iptables you make sure any traffic coming in on the VPS server with destination 1.2.3.3 goes to the VPN IP of the laptop, and vice versa, any traffic coming from the laptop's VPN IP gets sent out with the source 1.2.3.3.

openvpn server iptables
iptables -t nat -A PREROUTING -d 1.2.3.3 -j DNAT --to 10.1.1.3
iptables -t nat -A POSTROUTING -s 10.1.1.3 -j SNAT --to 1.2.3.3

What is it that is not working? If you think we can solve the problem better by supplying the real configs then please do so.

Bonno Bloksma
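
Added example, not part of the original message: the DNAT rule above matches on destination address only, so every port on 1.2.3.3 is forwarded to the laptop. This sketch prints (it does not run) the same NAT pair together with the IP forwarding switch and a FORWARD filter that admits new inbound connections only on listed TCP ports. The tunnel device tun0, port 22 and the function names are assumptions; the addresses are the placeholders used in the message.

```shell
#!/bin/sh
# Added example, not from the original message: dry-run generator for the
# 1:1 NAT described above, plus a FORWARD filter in front of the laptop.

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0..255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; safe, input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# nat_1to1_rules PUBLIC_IP VPN_IP TUN_DEV [TCP_PORT...]
# TUN_DEV and the port list are assumptions; the message names neither.
nat_1to1_rules() {
    [ "$#" -ge 3 ] || { echo "usage: nat_1to1_rules PUB VPN DEV [PORT...]" >&2; return 2; }
    pub=$1; vpn=$2; tun=$3; shift 3
    is_ipv4 "$pub" && is_ipv4 "$vpn" || { echo "bad IPv4 address" >&2; return 1; }
    # Validate every port before printing anything, so output is all-or-nothing.
    for port in "$@"; do
        case "$port" in ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;; esac
    done
    echo "sysctl -w net.ipv4.ip_forward=1"
    echo "iptables -t nat -A PREROUTING -d $pub -j DNAT --to-destination $vpn"
    echo "iptables -t nat -A POSTROUTING -s $vpn -j SNAT --to-source $pub"
    # Replies to connections the laptop opened, and the laptop's own outbound traffic.
    echo "iptables -A FORWARD -o $tun -d $vpn -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "iptables -A FORWARD -i $tun -s $vpn -j ACCEPT"
    # New inbound connections: only the listed TCP ports, then drop the rest.
    # FORWARD sees the packet after DNAT, so it matches on the VPN address.
    for port in "$@"; do
        echo "iptables -A FORWARD -o $tun -d $vpn -p tcp --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo "iptables -A FORWARD -o $tun -d $vpn -j DROP"
}

# Dry run with the message's placeholder addresses; tun0 and port 22 are assumed.
nat_1to1_rules 1.2.3.3 10.1.1.3 tun0 22
```

Review the printed commands before applying them as root, for example by piping the output to "sh -e".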
