
Can't SSH to server with VPN connection

This is quite messed up, I know. Let me explain it all.

I have a dynamic DNS set on my router. I verified that, after port forwarding, I can connect to the desired
application (if I run something on port 1337 and forward the port to the appropriate machine, I can connect to it
from outside with no issues).

Now, if I connect my MacBook to the VPN and run something as described above, it works as expected. BUT, if I
connect my machine running Ubuntu Server 16.04 to the VPN and run something or want to connect by ssh, it
fails. I forwarded the port I'm using for the SSH connection on the router. I also tried hosting a web server, which also
failed.
What can I do about this issue? This doesn't make sense to me.

About the Ubuntu Server machine: it's a clean install with the openvpn client and ssh server configured, no firewall
running, iptables not edited, connected to the router via ethernet.

EDIT: Here are the routing tables: http://pastebin.com/ay6fpLcL


networking server ssh dns vpn



edited Mar 19 '17 at 0:48
asked Mar 16 '17 at 19:08

Krzysztof Kraszewski
 What are the differences in the routing tables with and without the VPN (for IPv4 only, ip -4 r on
ubuntu, netstat -f inet -rn on mac) ? – user4556274 Mar 16 '17 at 19:18
 @user4556274 here are the tables: pastebin.com/ay6fpLcL – Krzysztof Kraszewski Mar 16 '17 at 19:41
1 Answer

OK, I managed to find a solution.

Using openvpn package without any wrappers:


Add those 2 lines to your .ovpn file (or .conf if you're auto connecting):

    script-security 2
    up /etc/openvpn/up.sh

Then, create /etc/openvpn/up.sh with executable permissions (755/700):

    #!/bin/sh
    # Packets sourced from the server's LAN address are looked up in table 128
    ip rule add from <your-server-ip> table 128
    # Table 128: the LAN subnet is reached directly on the LAN interface
    ip route add table 128 to <your-server-subnet> dev <your-interface>
    # Table 128: everything else leaves via the LAN gateway, not the VPN tunnel
    ip route add table 128 default via <server-gateway>

For example, here's my configuration:

    #!/bin/sh
    ip rule add from 192.168.1.26 table 128
    ip route add table 128 to 192.168.1.0/24 dev eno1
    ip route add table 128 default via 192.168.1.1

Using a different VPN client/different configuration:
I can't predict the steps required, but generally you need to run the up.sh script (above) every time your VPN
connection is established.
Hope it helps someone having the same issue. Cheers!
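
Added example (not part of the original answer): a variant of up.sh that is safe to run on every reconnect, because it adds the policy rule only when it is missing and validates the addresses before handing them to ip as root. The variable names, the IP_BIN override and the defaults (copied from the answer's sample values) are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the answerer's script. Defaults are the answer's sample
# values; every variable name here is an assumption of this example.
SERVER_IP="${SERVER_IP:-192.168.1.26}"   # server's LAN address
SUBNET="${SUBNET:-192.168.1.0/24}"       # LAN subnet
LAN_DEV="${LAN_DEV:-eno1}"               # LAN interface
GATEWAY="${GATEWAY:-192.168.1.1}"        # router (LAN gateway)
TABLE="${TABLE:-128}"
IP_BIN="${IP_BIN:-ip}"                   # overridable for a dry run without root

# Accept only a dotted quad, optionally with a /prefix length.
# The body runs in a subshell so the IFS change stays local.
valid_ipv4() (
    case $1 in ''|*[!0-9./]*) exit 1 ;; esac
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$' || exit 1
    IFS='./'; set -- $1
    for octet in "$1" "$2" "$3" "$4"; do
        [ "$octet" -le 255 ] || exit 1
    done
    [ -z "${5:-}" ] || [ "$5" -le 32 ]
)

policy_up() {
    valid_ipv4 "$SERVER_IP" && valid_ipv4 "$SUBNET" && valid_ipv4 "$GATEWAY" || return 2
    # Repeating "rule add" on each reconnect stacks a duplicate rule or fails,
    # depending on the kernel, so add the rule only when it is missing.
    if ! "$IP_BIN" rule show | grep -Fqw "from $SERVER_IP lookup $TABLE"; then
        "$IP_BIN" rule add from "$SERVER_IP" table "$TABLE" || return 1
    fi
    # "route replace" creates or overwrites the entry, so re-running is harmless.
    "$IP_BIN" route replace table "$TABLE" to "$SUBNET" dev "$LAN_DEV" || return 1
    "$IP_BIN" route replace table "$TABLE" default via "$GATEWAY" || return 1
}

# OpenVPN exports script_type ("up", "down", ...) to the scripts it runs.
if [ "${script_type:-}" = up ]; then
    policy_up
fi
```

Because script-security 2 lets OpenVPN execute this file, keep it owned by root and not writable by anyone else; the 700 mode mentioned in the answer is enough.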
