Use OpenVPN for server but keep incoming connections

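I need to fake the IP of my current web server using OpenVPN that is installed on another server. The problem is that it will block all incoming connections to my web server (ports 80, 443, and 22, for example).

First, I need to force the replies to incoming connections to be routed back out over the server's public interface. The commands below add a rule that sends every packet sourced from the server's public IP to routing table 128, then fill that table with the public interface and the original default gateway: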

sudo ip rule add from $(ip route get 1 | grep -Po '(?<=src )(\S+)') table 128
sudo ip route add table 128 to $(ip route get 1 | grep -Po '(?<=src )(\S+)')/32 dev $(ip -4 route ls | grep default | grep -Po '(?<=dev )(\S+)')
sudo ip route add table 128 default via $(ip -4 route ls | grep default | grep -Po '(?<=via )(\S+)')

After that, I need to install the OpenVPN client:

sudo apt-get install openvpn

Finally, run OpenVPN as a daemon:

sudo openvpn --config /path/to/client.ovpn --daemon

Please note that you must first upload the client.ovpn file provided by the OpenVPN server to this machine.

You can check whether the OpenVPN connection has been established. Once the tunnel is up, the address printed should be the VPN's, not the web server's own:

curl ifconfig.me
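
The routing step above, as an added example that is not part of the original post: it builds the same three commands from captured `ip` output, refuses to continue when the values appear to come from the tunnel (if the commands are run after OpenVPN is already up, `ip route get 1` may report the tunnel's interface and address), and checks afterwards that replies leave via the public interface. The function names, the `tun*`/`tap*` interface names and the sample outputs (192.0.2.0/24 documentation range) are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. Sample `ip` outputs are constructed.
SAMPLE_GET='1.0.0.0 via 192.0.2.1 dev eth0 src 192.0.2.10 uid 0'
SAMPLE_ROUTES='default via 192.0.2.1 dev eth0 proto dhcp metric 100
192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.10'
# What `ip route get 1` may look like once the tunnel is already up (constructed)
SAMPLE_GET_VPN='1.0.0.0 via 10.8.0.1 dev tun0 src 10.8.0.2 uid 0'

# field_after KEY: read text on stdin, print the word that follows the first KEY
field_after() {
    awk -v k="$1" '{ for (i = 1; i < NF; i++) if ($i == k) { print $(i + 1); exit } }'
}

# plan_rules ROUTE_GET_OUTPUT ROUTE_LS_OUTPUT [TABLE]
# Prints the three commands from the post with the values filled in.
# Returns 1 if a value is missing or was taken from a tunnel interface.
plan_rules() {
    table=${3:-128}
    src=$(printf '%s\n' "$1" | field_after src)
    src_dev=$(printf '%s\n' "$1" | field_after dev)
    def=$(printf '%s\n' "$2" | grep '^default' | head -n 1)
    gw=$(printf '%s\n' "$def" | field_after via)
    dev=$(printf '%s\n' "$def" | field_after dev)
    if [ -z "$src" ] || [ -z "$gw" ] || [ -z "$dev" ]; then
        echo "could not determine source IP, gateway or interface" >&2
        return 1
    fi
    # Assumption: the VPN interface is named tun* or tap*
    for d in "$src_dev" "$dev"; do
        case "$d" in
            tun*|tap*) echo "tunnel is up; capture values before OpenVPN" >&2; return 1 ;;
        esac
    done
    echo "ip rule add from $src table $table"
    echo "ip route add table $table to $src/32 dev $dev"
    echo "ip route add table $table default via $gw"
}

# replies_bypass_vpn ROUTE_GET_FROM_OUTPUT PUBLIC_DEV
# Input is the output of: ip route get <remote-ip> from <public-ip>
# Succeeds only when that lookup leaves through the public interface.
replies_bypass_vpn() {
    [ "$(printf '%s\n' "$1" | field_after dev)" = "$2" ]
}

# Dry run on the constructed sample. On a real host, before starting OpenVPN:
#   plan_rules "$(ip route get 1)" "$(ip -4 route ls)"
plan_rules "$SAMPLE_GET" "$SAMPLE_ROUTES"
```

The printed commands still need `sudo` to apply, and rules added this way do not survive a reboot unless they are also added to the system's network configuration.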

Refs:

  • https://ifconfig.me/
  • https://askubuntu.com/questions/868088/how-can-i-run-openvpn-as-root-in-the-background-in-a-script
  • https://serverfault.com/questions/659955/allowing-ssh-on-a-server-with-an-active-openvpn-client