All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Setting Up OpenVPN Server on OpenVZ (3 IP Address)
Hi,
I want to ask for help, how to configure openvpn on OpenVZ using Centos 6 with 3 IP address.
I have a vps with 3 ip address. But I only want to use one of these IP addresses to run openvpn.
Because two other IP addresses will be used to run a webserver using the same listen port (TCP 80 and 443).
If 3 ip address I have is as follows (just an example):
123.45.6.100 (as main ip address)
123.45.6.101
123.45.6.102
How to configure openvpn to listen on ip address 123.456.101 only?
ifconfig output:
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.8.0.1 P-t-P:10.8.0.2 Mask:255.255.255.255
venet0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:127.0.0.1 P-t-P:127.0.0.1 Bcast:0.0.0.0 Mask:255.255.255.255
venet0:0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:123.45.6.100 P-t-P:123.45.6.100 Bcast:123.45.6.100 Mask:255.255.255.255
venet0:1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:123.45.6.101 P-t-P:123.45.6.101 Bcast:123.45.6.101 Mask:255.255.255.255
venet0:2 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:123.45.6.102 P-t-P:123.45.6.102 Bcast:123.45.6.102 Mask:255.255.255.255
Thanks
Comments
nano /etc/openvpn/config-default.conf
local x.x.x.x #- your_server_ip
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -s 1.2.3.0/24 -j SNAT --to YOURIP
@Taz_NinjaHawk
Thanks for help.
and how to set iptables?
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0 -j SNAT --to 127.0.0.1
or
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o venet0:1 -j SNAT --to 123.45.6.101
Second one that reflects your servers ip.
thanks for help, it's works fine
Sorry for bumping up old thread, but I want to ask..
Currently I'm using OpenVPN with Ubuntu 12.04 on KVM VPS, how to set iptables?
root@myvps:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:16:3e:f6:11:0e
inet addr:202.xxx.15.143 Bcast:202.xxx.15.255 Mask:255.255.255.0
................
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
..................
tun0 Link encap:UNSPEC HWaddr
inet addr:10.9.8.1 P-t-P:10.9.8.2 Mask:255.255.255.255
................
OpenVPN config:
port 443
proto tcp
dev tun
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/server.crt
key /etc/openvpn/keys/server.key
dh /etc/openvpn/keys/dh1024.pem
plugin /usr/lib/openvpn/openvpn-auth-pam.so /etc/pam.d/login
client-cert-not-required
username-as-common-name
server 10.9.8.0 255.255.255.0
ifconfig-pool-persist ipp.txt
push "redirect-gateway def1"
push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"
keepalive 5 30
comp-lzo
persist-key
persist-tun
status server-tcp.log
verb 3
Because I can't access internet after vpn connected, thanks for help.
/sbin/iptables -A POSTROUTING -t nat -o eth0 -s 172.16.0.0/12 -j MASQUERADE
172.16.0.0 reflects the internal ip (openvpn) that you want to forward
Still can't access internet
-- update --
already fixed with:
iptables -t nat -A POSTROUTING -s 172.16.0.0/24 -o eth0 -j SNAT --to [vps ip]
thanks.
http://safesrv.net/install-openvpn-on-centos/
I've always used that and it has a set of OpenVZ/Xen/KVM iptables rules which work very well (just installed a VPN with it today).