LinuxQuestions.org
Review your favorite Linux distribution.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page Routing a Public IP Address Through a VPN
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 08-21-2009, 04:33 AM   #1
chegers
LQ Newbie
 
Registered: Aug 2009
Posts: 1

Rep: Reputation: 0
Routing a Public IP Address Through a VPN

Morning All,

I have this linux networking problem. Basically what I am trying to do is route a public ip from my webserver which is in colo back into my home network. The setup I have is as follows, On the main DSL line coming into my home there is a BThomehub which dishes out the subnet 192.168.0.0 then behind that I have got a CentOS box which takes the feed from the router into ethernet port 2 (eth1) and then the linux box is setup as a DHCP server and also to masquerade for my subnet in my bedroom which is 192.168.5.0

I am running an openvpn tunnel from my colo server to my home server and have enabled proxyarp on the colo servers main interface. I have then setup a route as follows on the colo server route add -host 87.117.***.30 gw 10.50.0.2 (the ptp ip address for the openvpn connection)

Then I bring up the interface on my home server with the ip address 87.117.***.30 ifconfig tun0:0 87.117.***.30 netmask 255.255.255.255 broadcast 87.117.***.255

Running tcpdump e.g tcpdump -i tun0 icmp shows that there is ICMP traffic arriving on the home linux box but this traffic does not know how to get back to the colo server. How would one go about doing this? Alternatively I would be happy to use a static nat (one to one nat) but I am unsure of the rules I would require on the home gateway to get that data back out through the tunnel rather than my default gateway.

Any help would be much appreciated. My setup is a bit awkward beacuse of the Dual Nat's I have.

Kind Regards
 
Old 08-22-2009, 01:21 AM   #2
settntrenz
Member
 
Registered: Aug 2009
Location: Orlando, Florida
Distribution: RHEL, Ubuntu
Posts: 49

Rep: Reputation: 19
can you post the following:

ifconfig from both vpn endpoints
route -n from both vpn endpoints
sample of relevant tcpdump output from both vpn endpoints so we can see what the source addresses and destination addresses are identified as?
also check /var/log/message for any errors from OpenVPN, it usually will complain if source addresses are bad

of course, please continue to obfuscate at least a portion of any public IP addresses.

I've made a quick diagram of what I gathered your network looks like. The blue line is logical representation of the VPN. (see attachment) This should help others who might want to help get the picture more quickly. Please let me know if there are any relevant errors in the diagram as I had to guess or make up some items to make it somewhat complete (like host IP's etc..).

I'm thinking that static nat at the colo is probably the easiest/best way to get this done.
Attached Thumbnails
Click image for larger version Name: chegers.jpg Views: 45 Size: 51.2 KB ID: 1294  
Last edited by settntrenz; 08-22-2009 at 01:30 AM.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Routing with public IPs crontab Linux - Networking 3 02-10-2009 06:11 AM
sharing VPN access with lan + after vpn connected unable to ping lan/public ip xxx_anuj_xxx Linux - Networking 1 03-14-2008 02:50 AM
how to get public ip address openbysource Linux - Networking 1 02-22-2006 11:21 PM
Public IP to Private for VPN type work Saints Linux - Networking 1 04-14-2004 09:25 AM
Public IP routing ^Uri^ Slackware 3 04-29-2003 03:02 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 01:26 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration