I used this tutorial to setup an OpenVPN server on a Debian droplet: https://github.com/Nyr/openvpn-install I’ve also added a floating IP to the droplet, and now I’d like all connections to the VPN to appear as if they are coming from the floating IP, and NOT the primary IP of the server
When SSHing into the server, I managed to use the floating IP with a curl call:
curl --interface [ACNHOR-IP] https://api.ipify.org/
This worked - it gave the floating IP as response
How can it be done?
I saw this tutorial, but not sure what are the correct values, since the netstat -anr
doesn’t give a similar output (I have only one record: eth0
)
Thanks in advance
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
I managed to get both incoming connection and outgoing to occur via the floating ip. In /etc/openvpn/server.conf i added a line local floating-local-ip(10.19.0.6)
after which i restarted openvpn with service openvpn restart
. After that i have removed/added some iptables rules like below:
iptables -t nat -D POSTROUTING -s 10.8.0.0/24 ! -d 10.8.0.0/24 -j SNAT --to-source droplet-ip
iptables -t nat -D POSTROUTING -s 10.0.0.2/32 -o eth0 -j SNAT --to-source 10.19.0.6
iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
iptables-save
root@ghost-s-1vcpu-1gb-fra1-01:~# netstat -anr
Kernel IP routing table
Destination Gateway Genmask Flags MSS Window irtt Iface
0.0.0.0 165.227.144.1 0.0.0.0 UG 0 0 0 eth0
10.8.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0
10.19.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
165.227.144.0 0.0.0.0 255.255.240.0 U 0 0 0 eth0
root@ghost-s-1vcpu-1gb-fra1-01:~# netstat -ltnup | grep 1194
udp 12288 0 10.19.0.6:1194 0.0.0.0:* 829/openvpn
root@ghost-s-1vcpu-1gb-fra1-01:~#
In my user.ovpn i have replaced remote droplet-ip 1194
with remote floating-ip 1194
All of the above was on a clean Ubuntu 18.04 install.
Click below to sign up and get $100 of credit to try our products over 60 days!
This is the answer you are looking for: https://blog.programster.org/openvpn-digitalocean-ip-alias
Heya,
Maybe this will help you with your task.