openvpn - One IP per one client VPN


I'm trying to give specific clients individual external IP addresses.

Main config:

    local main_ip
    port 1194
    dev tun
    user nobody
    group $nogroup
    persist-key
    persist-tun
    keepalive 10 120
    topology subnet
    server 10.8.0.0 255.255.0.0
    client-config-dir /etc/openvpn/ccd
    ifconfig-pool-persist ipp.txt
    push "dhcp-option DNS 80.67.169.12"
    push "dhcp-option DNS 80.67.169.40"
    push "redirect-gateway def1 bypass-dhcp"

Client config dir, i_client | /etc/openvpn/ccd/i_client:

    ifconfig-push 10.8.33.1 10.8.33.2
    iroute 10.8.33.0 255.255.255.0

From client to client the subnet changes - 10.8.*.0

iptables rules:

Accept:

    iptables -I FORWARD -s 10.8.0.0/16 -j ACCEPT

For clients whose config is not defined in the ccd directory:

    iptables -t nat -A POSTROUTING -o ens3 -s 10.8.0.0/24 -j SNAT --to-source primary_external_ip

For 1 individual client:

    iptables -t nat -A POSTROUTING -s "10.8.33.0/255.255.255.0" -o ens3 -j SNAT --to-source individual_external_ip

Client:

    client
    proto udp
    remote remote_ip 1194
    dev tun
    resolv-retry infinite
    nobind
    persist-key
    persist-tun
    remote-cert-tls server
    auth SHA256
    cipher AES-128-CBC
    tls-client
    tls-version-min 1.2
    tls-cipher TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
    setenv opt block-outside-dns

When I try to connect as a usual client with the primary IP - OK.

When I try to connect as a client with an individual IP - authentication succeeds, but sites cannot be loaded.
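
An added example, not part of the original post: a Python check that reads the post's ccd entry and SNAT rules and reports which source address a client would leave with. It assumes OpenVPN's documented behaviour that under `topology subnet` the second argument of `ifconfig-push` is a netmask, and that nat rules are evaluated first-match in the order listed; the function names are hypothetical.

```python
import ipaddress

# Constructed from the post's own ccd entry and SNAT rules (its placeholders kept).
CCD_I_CLIENT = "ifconfig-push 10.8.33.1 10.8.33.2\niroute 10.8.33.0 255.255.255.0\n"
SNAT_RULES = [
    "iptables -t nat -A POSTROUTING -o ens3 -s 10.8.0.0/24 -j SNAT --to-source primary_external_ip",
    'iptables -t nat -A POSTROUTING -s "10.8.33.0/255.255.255.0" -o ens3 -j SNAT --to-source individual_external_ip',
]

def is_netmask(value):
    """True if value is a dotted-quad mask made of contiguous leading one bits."""
    try:
        bits = int(ipaddress.IPv4Address(value))
    except ValueError:
        return False
    inverted = bits ^ 0xFFFFFFFF
    return bits != 0 and (inverted & (inverted + 1)) == 0

def check_ccd(ccd_text, topology="subnet"):
    """Return (pushed address, warnings) for the ifconfig-push line of one ccd file."""
    address, warnings = None, []
    for line in ccd_text.splitlines():
        parts = line.split()
        if len(parts) >= 3 and parts[0] == "ifconfig-push":
            address = ipaddress.IPv4Address(parts[1])
            # Assumption: in subnet topology the second argument is a netmask,
            # not the peer address used by net30/p2p.
            if topology == "subnet" and not is_netmask(parts[2]):
                warnings.append(f"ifconfig-push second argument {parts[2]} is not a netmask")
    return address, warnings

def parse_snat(rule):
    """Extract (source network, --to-source value) from one iptables SNAT command."""
    tokens = rule.replace('"', "").split()
    opts = dict(zip(tokens, tokens[1:]))  # each option mapped to the token after it
    return ipaddress.IPv4Network(opts["-s"]), opts["--to-source"]

def egress_source(address, rules):
    """Return the --to-source of the first rule whose -s network contains address."""
    address = ipaddress.IPv4Address(address)
    for network, to_source in map(parse_snat, rules):
        if address in network:
            return to_source
    return None  # no SNAT rule matches: the packet keeps its 10.8.x.x source

if __name__ == "__main__":
    pushed, problems = check_ccd(CCD_I_CLIENT)
    print(pushed, "->", egress_source(pushed, SNAT_RULES))
    for problem in problems:
        print("warning:", problem)
```
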

