Re: OpenVPN on Xen DomU
On Tue, Oct 21, 2014 at 02:51:41PM +0200, Denis Witt wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Hi list,
>
> yay, some non systemd related traffic. ;)
>
> I try to migrate an OpenVPN-Server/Gateway to a Xen DomU (old config is
> working fine). Connection to the VPN works fine, routing doesn't.
>
> On the old machine (bare metal) I used:
>
> iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
>
> On the DomU this doesn't seem to work anymore, so I tried:
>
> iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to-source
> <PUBLIC_VPN_IP>
>
> But it didn't work either.
>
> The DomU network interface is a bridge in Dom0.
>
Why do you want to do nat on the DomU interface?
You should do nat on the vpn interface.
-H
--
Henning Follmann | hfollmann@itcfollmann.com
Reply to: