Use OpenVPN for server but keep incoming connections
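I need to fake the IP of my current web server using OpenVPN installed on another server. The problem is that this blocks all incoming connections to my web server (ports 80, 443, and 22, for example), because once the tunnel is up the replies leave through the VPN instead of the public interface.
First, I need to force traffic that originates from the server's public IP address to be routed over its public interface: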
sudo ip rule add from $(ip route get 1 | grep -Po '(?<=src )(\S+)') table 128
sudo ip route add table 128 to $(ip route get 1 | grep -Po '(?<=src )(\S+)')/32 dev $(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)')
sudo ip route add table 128 default via $(ip -4 route ls | grep default | grep -Po '(?<=via )(\S+)')
After that, I need to install the OpenVPN client:
sudo apt-get install openvpn
Finally, run OpenVPN as a daemon:
sudo openvpn --config /path/to/client.ovpn --daemon
Please note that you must upload the client.ovpn file that has been provided by the OpenVPN server.
You can check whether the OpenVPN connection has been established:
curl ifconfig.me
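The routing step above can be checked before it is applied. This added example (not part of the original post) parses the output of `ip route get 1` and `ip -4 route ls` once, refuses to continue if the source address is not on the default-route device (as can happen when the tunnel is already up), and prints the three commands instead of running them. The function names and the sample addresses are assumptions.

```shell
#!/bin/sh
# Added example: derive the policy-routing commands from captured `ip` output.
# Function names and sample addresses are assumptions, not from the original post.

# Print the word that follows keyword $1 on the first stdin line containing it.
field_after() {
    awk -v k="$1" '{ for (i = 1; i < NF; i++) if ($i == k) { print $(i + 1); exit } }'
}

# Succeed only for a dotted-quad IPv4 address with octets 0-255.
is_ipv4() {
    printf '%s\n' "$1" | awk -F. '
        NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# $1 = output of `ip route get 1`, $2 = output of `ip -4 route ls`, $3 = table id.
build_rules() {
    src=$(printf '%s\n' "$1" | field_after src)
    src_dev=$(printf '%s\n' "$1" | field_after dev)
    def=$(printf '%s\n' "$2" | grep '^default ' || true)
    # The one-liners on the page assume a single default route.
    [ "$(printf '%s\n' "$def" | grep -c .)" -eq 1 ] ||
        { echo "need exactly one default route" >&2; return 1; }
    gw=$(printf '%s\n' "$def" | field_after via)
    dev=$(printf '%s\n' "$def" | field_after dev)
    is_ipv4 "$src" && is_ipv4 "$gw" ||
        { echo "could not parse source address or gateway" >&2; return 1; }
    # If the tunnel is already up, src belongs to the tunnel device instead.
    [ "$src_dev" = "$dev" ] ||
        { echo "src is on $src_dev but default route is on $dev" >&2; return 1; }
    table=${3:-128}
    echo "ip rule add from $src table $table"
    echo "ip route add table $table to $src/32 dev $dev"
    echo "ip route add table $table default via $gw"
}

# Constructed sample output (documentation addresses), as seen before the VPN starts.
SAMPLE_GET='1.0.0.0 via 203.0.113.1 dev eth0 src 203.0.113.10 uid 0'
SAMPLE_LS='default via 203.0.113.1 dev eth0 proto static
203.0.113.0/24 dev eth0 proto kernel scope link src 203.0.113.10'

# Dry run: on a real host pass "$(ip route get 1)" and "$(ip -4 route ls)" instead.
build_rules "$SAMPLE_GET" "$SAMPLE_LS" 128
```

Rules added with `ip rule` and `ip route` are lost at reboot, so they have to be re-applied before OpenVPN starts.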
Refs:
- https://ifconfig.me/
- https://askubuntu.com/questions/868088/how-can-i-run-openvpn-as-root-in-the-background-in-a-script
- https://serverfault.com/questions/659955/allowing-ssh-on-a-server-with-an-active-openvpn-client