How to add rule exceptions for openVPN for a single IP?
I'm having a similar problem to this: Route everything through VPN except SSH on Port 22
But following those tips ended up locking me out of my server for good. I have a private OpenVPN server, to which I'm trying to connect through another VPS. I only have access to both of these through ssh, so connecting with no extra arguments obviously locked me out of the client server. After having to shut down the OpenVPN server to force close the connection, I looked into information on how to achieve this, leading me to the link above, which blocked the VPS for good because those ip tables cannot be reverted.
I have a single IP on my VPS, here is the result of `route -n`:

```
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.31.1.1      0.0.0.0         UG    0      0        0 eth0
172.31.1.1      0.0.0.0         255.255.255.255 UH    0      0        0 eth0
```
And here is the result of `ifconfig`:

```
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet MY.ONLY.VPS.IP  netmask 255.255.255.255  broadcast MY.ONLY.VPS.IP
        inet6 xxxx::xxxx:ff:xxxx:xxxx  prefixlen 64  scopeid 0x20<link>
        inet6 xxxx:xxx:xxxx:xxxx::1  prefixlen 64  scopeid 0x0<global>
        ether xx:00:xx:xx:xx:xx  txqueuelen 1000  (Ethernet)
        RX packets 10994  bytes 14763680 (14.7 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2150  bytes 181928 (181.9 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 191  bytes 40527 (40.5 KB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 191  bytes 40527 (40.5 KB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
```
And here is my .ovpn config:

```
client
;dev tap
dev tun
;dev-node MyTap
;proto tcp
proto udp
remote MYSERVER 1194
;remote my-server-2 1194
resolv-retry infinite
nobind
# Downgrade privileges after initialization (non-Windows only)
user nobody
group nogroup
# Try to preserve some state across restarts.
persist-key
persist-tun
remote-cert-tls server
key-direction 1
cipher AES-256-CBC
script-security 2
up /etc/openvpn/update-resolv-conf
down /etc/openvpn/update-resolv-conf
```
What I'm trying to achieve is to forward every request to the VPN, except ones in specific rules, like requests coming from a specific server/hostname, or through a specific port like ssh. Thanks.
ubuntu ssh ip openvpn route
asked 56 mins ago
Zee
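One common way to keep inbound SSH to the VPS's own address working while OpenVPN takes over the default route is source-based policy routing. The script below is an added example, not part of the original question: it reads the `route -n` output shown above and only prints the `ip` commands (dry run), together with the commands that undo them. The table number 128, the address 203.0.113.10 (standing in for MY.ONLY.VPS.IP) and the function names are assumptions.

```shell
#!/bin/sh
# Added example, dry run only: prints commands, changes nothing.
# Constructed sample: the `route -n` output from the question.
ROUTE_N='Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.31.1.1      0.0.0.0         UG    0      0        0 eth0
172.31.1.1      0.0.0.0         255.255.255.255 UH    0      0        0 eth0'

# Print "<gateway> <iface>" of the default route (0.0.0.0/0 with flag G).
default_route() {
    printf '%s\n' "$1" |
        awk '$1 == "0.0.0.0" && $3 == "0.0.0.0" && $4 ~ /G/ { print $2, $8; exit }'
}

# Emit commands that send packets *sourced from* the VPS address out of the
# physical interface, so replies to inbound SSH never enter the tunnel.
# $1 = route -n output, $2 = VPS address, $3 = routing table (default 128)
bypass_cmds() {
    gw_if=$(default_route "$1")
    [ -n "$gw_if" ] || { echo "no default route found" >&2; return 1; }
    gw=${gw_if% *}; ifc=${gw_if#* }; tbl=${3:-128}
    # The gateway is reached via a /32 host route, so mirror it in the table.
    echo "ip route add $gw dev $ifc table $tbl"
    echo "ip route add default via $gw dev $ifc table $tbl"
    echo "ip rule add from $2 table $tbl"
}

# Emit the commands that revert bypass_cmds.
rollback_cmds() {
    echo "ip rule del from $1 table ${2:-128}"
    echo "ip route flush table ${2:-128}"
}

VPS_IP=203.0.113.10   # constructed placeholder for MY.ONLY.VPS.IP
echo "# apply before starting the VPN client:"
bypass_cmds "$ROUTE_N" "$VPS_IP" 128
echo "# revert:"
rollback_cmds "$VPS_IP" 128
```

Neither `ip rule` nor `ip route` changes survive a reboot, so on a host reachable only over SSH a reboot from the provider's panel restores the original routing if the rules were not made persistent.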