Share server's VPN tunnel with other servers in the private network

June 29, 2017
VPN Networking Ubuntu 16.04

I've got an interesting one. I have been unable to find a solution thus far. Either I'm going about this completely the wrong way, or the private networking DO offers has some restrictions.

ServerA has two ipsec/l2tp tunnels to external networks. It can access these networks fine, and when I access ServerA with OpenVPN, I can traverse these networks.
ServerB, in the same datacenter, shares a DO private network with ServerA, and they are both able to ping/ssh each other.

What I'd like to do is be able to share ServerA's tunneled networks with ServerB, instead of setting up additional VPN connections from ServerB to the external networks (which would mean more VPN connections as my VPS needs grow).

ppp0 routes to
ppp1 routes to

If I attempt to ping to (for example), I'd like this to route/nat/what-have-you through ServerA.

I thought I could achieve this just by using the following route on ServerB:
ip route add via (ServerA's private network IP)
ip route add via (ServerA's private network IP)
But I cannot get it to work. I've attempted a few things in iptables per what I could salvage through googled examples, but I don't understand enough about iptables to know if I'm doing any of it right.

Any thoughts? Or do I give up and establish additional VPN tunnels for each VPS I need to spin up?

1 comment
  • I just ran into this same issue. It appears that the backend network drops any packet to or from an IP that is not within the backend subnet itself.
