All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
How do I add muliple ips to my created vpn server?
Hi guys I started a project of learning how to set up my own vpn server. I'm using a ohv small vps. I know the very very basics of linux and my networking skills are minimal unfortunately so I need some help.
I followed a youtube video on installing and using openvpn. I basically used "the roadwarrior" script https://github.com/Nyr/openvpn-install to make it easy as possible to set up.
Now I got it working and it works great, but the roadwarrior script doesn't give me an option to add more than 1 ip. I ordered 1 extra ip from ovh to test with, so I should have 2 ips on the server. And this is where I'm stuck.
How am I supposed to make my server aware that it has this extra ip? That road warrior script was easy, how would i just add an extra ip to it?
Comments
So you need to make openvpn listen on all interfaces. Try out this guide. Let me know if you need help. serverfault.com/questions/516098/two-ips-one-openvpn-instance-impossible
thanks cam, but im still unsure what i'm supposed to do after reading that.
says i need to add a "--multihome" option, but how do i do that? Also i did that" netstat -nlp" command but it doesn't show my server ip address, not even the extra ip i ordered. I hate linux!
Hello, first use: ifconfig -a in the terminal as root to check if you really have 2 IP's assigned to your interface. Also, you need the iptables rule for the secondary IP like:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j SNAT --to-source
Thanks. Yeah I did the ifconfig-a command, its there alright. I also pinged from my laptop at home to the vps's 2nd ip, and i get a response.
as for the iptables command, should i enter that exact line or replace the 10.8.0.0/24 with my own 2nd ip?
No, 10.8.0.0/24 is the internal ip block, don't touch that.
Type ifconfig and see which interfaces there are, for each eth interface type that iptables commamd e.g. for eth0:0, eth0:1 etc.
I got 2 eth's, first is
eth0
that one is my main original ip, then the 2nd is
eth0:1
which I created when I got my ip emailed to me and has the 2nd ip address in it
So I'll just enter:
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0:1 -j SNAT --to-source
Does that look good? I"d test it out but I know linux very little and have no idea to back track if i screw it up
Yep, looks fine to me.
I get "iptables v1.4.14: option "--to-source" requires an argument
Whats linux bickering about now
edit: i added my 2nd ip to the end of that command line and it accepted it. How do i check if the iptables thing accepted it haha
If you haven't got an error it went through.
Looks good? So if my ip tables are correct, now I move on with the openvpn problem yes?
Is 10.8.0.0/24 your local ovpn subnet ? If yes then the rule is ok. If you want you can separate the subnets, make a new subnet for the secondary ip, that depends on how do you want to use this IP's.