[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] OpenVPN as tunnel endpoint

  • Subject: Re: [Openvpn-users] OpenVPN as tunnel endpoint
  • From: Mathias Sundman <mathias@xxxxxxxxxx>
  • Date: Sat, 15 Jan 2005 00:06:06 +0100 (CET)

On Fri, 14 Jan 2005, Michael Thomas wrote:

I am  trying to setup the following configuration:

XP machine<--> NAT-Router <--internet--> Linux/OpenVPN server

I would like access services(http,smb) running on the Linux/OpenVPN server over the vpn tunnel. These services are running on the same interface and IP address as the OpenVPN server process. There is no local sub-net behind the vpn server. I can access the server via the tunnel, but have not succeeded in firewalling the services off from the internet. I tried denying access to eth+ interfaces using iptables, but this also caused me to lose connectivity to these services over the vpn tunnel.

Is the configuration I am proposing doable? I have googled around but come up blank.

Yes, sure. Firewall of the services from internet via your physical interface (eth0), but leave them open via the tun/tap interface. Then request the services via the tun/tap IP address instead of your real IP address.

Mathias Sundman                  (^)   ASCII Ribbon Campaign
OpenVPN GUI for Windows           X    NO HTML/RTF in e-mail
http://www.nilings.se/openvpn    / \   NO Word docs in e-mail

------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ Openvpn-users mailing list Openvpn-users@xxxxxxxxxxxxxxxxxxxxx https://lists.sourceforge.net/lists/listinfo/openvpn-users