fsociety3765
New Member
Hi all,
I have been battling trying to get something working for a while now. I'm close to just giving up as I just can't seem to make it work exactly how I want.
I am trying to set up iptables on an Ubuntu Server 20.04 LTS to accept traffic from the LAN and route through a VPN tunnel that is running on the server. Just to be clear, the Ubuntu Server is running the OpenVPN client and connecting up to NordVPN. It is not acting as a VPN server, just a client. There seems to be some confusion with terminology when trying to explain this, but the way I would explain it is that it's an Ubuntu Server, running an OpenVPN client with a connection to NordVPN (could be any other VPN provider), and acting as an optional "VPN Gateway" for my LAN.
The server running the OpenVPN client lives at 192.168.10.91/24. I would like to refer to this as "The VPN Gateway".
The idea is that on an ad-hoc basis, I can decide that another device on the LAN requires an encrypted and private connection to the internet, and so reconfigure that device's IP configuration accordingly to use the "VPN Gateway" as its default gateway, rather than the router (Unifi UDM-PRO).
For example, I have a device on 192.168.10.61/24. If I leave it on DHCP, its default gateway would be 192.168.10.1 which is my router. Its connection to the internet is not tunnelled through the VPN. However, if I were to set the IP config to static and assign the default gateway to 192.168.10.91 ("The VPN Gateway"), its connection to the internet should be tunnelled through the VPN.
There are lots of articles out there on this subject, all of which differ slightly in approaches. I have tried a lot and also a mixture of them all with varying levels of success.
I'm at a stage where I can make it work, but when the VPN tunnel is connected, I lose all SSH access to the VPN Gateway. I also lose SSH access to any devices that are configured to use the VPN Gateway as their default gateway. I also lose access to any web services these devices may be running.
Any help would be greatly appreciated. Please ask for any config details. I can provide whatever is required.
Thanks,
FS
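Added example, not part of the original post: the gateway topology described above written out as an `iptables-restore` ruleset, with SSH from the LAN allowed by an explicit rule and forwarding limited to LAN-to-tunnel so client traffic stops rather than leaving unencrypted when the tunnel is down. The interface names `eth0` and `tun0`, the function name and the file name are assumptions; the addresses are the ones given in the post.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for the "VPN Gateway" host.
# Assumptions (not from the post): LAN NIC is eth0, OpenVPN device is tun0.
# Forwarding also needs: sysctl -w net.ipv4.ip_forward=1
# Dry run (hypothetical file name): sh vpn-gw.sh | sudo iptables-restore --test
vpn_gateway_ruleset() {
    lan_if=${1:-eth0} tun_if=${2:-tun0} lan_net=${3:-192.168.10.0/24}
    # Reject anything that could smuggle extra text into the ruleset.
    case "$lan_if$tun_if" in
        *[!A-Za-z0-9._-]*) echo "error: bad interface name" >&2; return 1 ;;
    esac
    case $lan_net in
        *[!0-9./]*|*/*/*) lan_net= ;;
        [0-9]*.*/[0-9]*) ;;
        *) lan_net= ;;
    esac
    [ -n "$lan_net" ] || { echo "error: bad CIDR" >&2; return 1; }
    # Same interface on both sides would forward LAN traffic back out in clear.
    if [ "$lan_if" = "$tun_if" ]; then
        echo "error: LAN and tunnel interface must differ" >&2
        return 1
    fi
    cat <<EOF
*nat
:POSTROUTING ACCEPT [0:0]
# Clients using this host as default gateway leave with the tunnel address.
-A POSTROUTING -s $lan_net -o $tun_if -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
# Management from the LAN is allowed explicitly, whatever the tunnel state.
-A INPUT -i $lan_if -s $lan_net -p tcp --dport 22 -j ACCEPT
-A INPUT -i $lan_if -s $lan_net -p icmp -j ACCEPT
# LAN -> tunnel only. With FORWARD policy DROP, new connections are never
# forwarded out $lan_if, so clients fail closed when the tunnel is down.
-A FORWARD -i $lan_if -o $tun_if -s $lan_net -j ACCEPT
-A FORWARD -i $tun_if -o $lan_if -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

vpn_gateway_ruleset "$@"
```

Loading this with `iptables-restore` replaces the existing IPv4 `nat` and `filter` tables, so check the output against any rules already on the host first. It covers IPv4 only; IPv6 forwarding needs its own `ip6tables` policy.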