


How to add rule exceptions for openVPN for a single IP?

















I'm having a similar problem to this: Route everything through VPN except SSH on Port 22



But following those tips ended up locking me out of my server for good. I have a private OpenVPN server, to which I'm trying to connect through another VPS. I only have access to both of these through ssh, so connecting with no extra arguments obviously locked me out of the client server. After having to shut down the OpenVPN server to force close the connection, I looked for information on how to achieve this, leading me to the link above, which blocked the VPS for good because those ip tables cannot be reverted.



I have a single IP on my VPS, here is the result of route -n:

    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         172.31.1.1      0.0.0.0         UG    0      0        0 eth0
    172.31.1.1      0.0.0.0         255.255.255.255 UH    0      0        0 eth0


And here is the result of ifconfig:

    eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet MY.ONLY.VPS.IP  netmask 255.255.255.255  broadcast MY.ONLY.VPS.IP
            inet6 xxxx::xxxx:ff:xxxx:xxxx  prefixlen 64  scopeid 0x20<link>
            inet6 xxxx:xxx:xxxx:xxxx::1  prefixlen 64  scopeid 0x0<global>
            ether xx:00:xx:xx:xx:xx  txqueuelen 1000  (Ethernet)
            RX packets 10994  bytes 14763680 (14.7 MB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 2150  bytes 181928 (181.9 KB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
            inet 127.0.0.1  netmask 255.0.0.0
            inet6 ::1  prefixlen 128  scopeid 0x10<host>
            loop  txqueuelen 1000  (Local Loopback)
            RX packets 191  bytes 40527 (40.5 KB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 191  bytes 40527 (40.5 KB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0


And here is my .ovpn config:

    client

    ;dev tap
    dev tun

    ;dev-node MyTap

    ;proto tcp
    proto udp

    remote MYSERVER 1194
    ;remote my-server-2 1194

    resolv-retry infinite

    nobind

    # Downgrade privileges after initialization (non-Windows only)
    user nobody
    group nogroup

    # Try to preserve some state across restarts.
    persist-key
    persist-tun

    remote-cert-tls server
    key-direction 1

    cipher AES-256-CBC

    script-security 2
    up /etc/openvpn/update-resolv-conf
    down /etc/openvpn/update-resolv-conf


What I'm trying to achieve is to forward every request to the VPN, except ones in specific rules, like requests coming from a specific server/hostname, or through a specific port like ssh. Thanks.










Tags: ubuntu ssh ip openvpn route






asked 56 mins ago by Zee
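
One way to get the exception asked for above, as an added example that is not part of the original post: source-based policy routing keeps replies from the VPS's public address on the provider gateway once OpenVPN replaces the default route. The table number 128, the function names and the sample addresses 203.0.113.10 and 198.51.100.7 are assumptions; the gateway 172.31.1.1 and eth0 come from the route -n output in the question.

```sh
#!/bin/sh
# Added example, not from the original post. Policy routing that keeps
# traffic sourced from the VPS's public address on the provider gateway.
TABLE=128   # assumption: any otherwise unused routing table number

# True only for a dotted-quad IPv4 address; a placeholder such as
# MY.ONLY.VPS.IP is rejected before any command is generated.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    for octet in $(printf '%s' "$1" | tr . ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

# bypass_plan PUBLIC_IP GATEWAY DEV [PEER_IP]
# Prints the commands instead of running them so they can be reviewed.
bypass_plan() {
    ip=$1; gw=$2; dev=$3; peer=$4
    { is_ipv4 "$ip" && is_ipv4 "$gw"; } || { echo "bad address" >&2; return 2; }
    [ -n "$dev" ] || { echo "missing device" >&2; return 2; }
    if [ -n "$peer" ] && ! is_ipv4 "$peer"; then
        echo "bad peer address" >&2; return 2
    fi
    # The gateway is an on-link host route (Genmask 255.255.255.255), so
    # the table gets that route before the default route that uses it.
    echo "ip route add $gw dev $dev table $TABLE"
    echo "ip route add default via $gw dev $dev table $TABLE"
    # Replies from sshd carry the public address as source and match here.
    echo "ip rule add from $ip lookup $TABLE"
    # Optional: connections to one named peer also stay off the tunnel.
    if [ -n "$peer" ]; then
        echo "ip rule add to $peer lookup $TABLE"
    fi
}

# bypass_undo PUBLIC_IP [PEER_IP]: the inverse of bypass_plan.
bypass_undo() {
    echo "ip rule del from $1 lookup $TABLE"
    if [ -n "$2" ]; then
        echo "ip rule del to $2 lookup $TABLE"
    fi
    echo "ip route flush table $TABLE"
}

# Constructed sample: 203.0.113.10 stands in for MY.ONLY.VPS.IP.
bypass_plan 203.0.113.10 172.31.1.1 eth0
```

The printed commands need root to run; because the rule matches on source address it can be installed before OpenVPN is started, and bypass_undo prints the commands that remove it again.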
