
Making a server behind a VPN client remain reachable [Resolved]

I have a Linux server used as a Web and SSH server. A VPN client, OpenVPN, runs on it. If I have understood properly, the VPN changes the routing tables, so that all the traffic is forwarded through the VPN.

Then, when I try to request my Web site hosted on the server, it has become unavailable. I have only a very basic knowledge of networking, but what I can assume (feel free to correct me if I am wrong) is that the request is correctly received by the server through the usual interface, let's name it eth0, but given that the route has changed and now passes through the VPN, the response should be sent on the VPN's interface, which is obviously impossible for security's sake.

I looked up the following threads:

Reply on the same interface as incoming with DNATed IP

but unfortunately, they have been unhelpful.

Let's call the VPN's interface tun0. What I would like to do is to reply to requests arriving on eth0 on the same interface, namely eth0 itself, instead of tun0 while the VPN runs. One more detail: my server is behind a gateway which is different from it (two different IP addresses).

1) Is it possible to do so?

2) What are the different ways to do that?

Thank you in advance for your feedback.

Question Credit: Moth
Asked June 10, 2019
Posted Under: Network
1 Answers
