[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Web openvpn.net

Re: [Openvpn-users] Using OpenVPN to assign public IPs

  • Subject: Re: [Openvpn-users] Using OpenVPN to assign public IPs
  • From: Lindsay Haisley <fmouse@xxxxxxx>
  • Date: Wed, 07 Nov 2007 09:42:40 -0600

On Wed, 2007-11-07 at 09:26 -0500, Cirroc wrote:
> Essentially, since all the traffic passes through the server, I can use 
> iptables to restict the traffic to only the few known-good ports that 
> the application needs.

I do similar things here, and make good use of the nat table in the
kernel netfilter to rewrite both the destination (DNAT) and source
(SNAT) addresses as necessary so that packets go where I want them and
appear to come from wherever I say they do in the nat table.

Without addressing your problem specifically, my approach would be to
explore creative address rewriting :-)  You can get _very_ creative with
it, and if you do it right, it'll just work.

> I'd love any help or thoughts in setting this up.. It feels so close, 
> yet so frustratingly far away.

I know the feeling well .... ;-)

Lindsay Haisley       | "In an open world,    |     PGP public key
FMP Computer Services |    who needs Windows  |      available at
512-259-1190          |      or Gates"        | http://pubkeys.fmp.com
http://www.fmp.com    |                       |

Openvpn-users mailing list