I have set up everything like in this thread: Public IP via VPN - #12 by faser. This means that I have a home server available via a public IP through VPN, as the public IP is associated with the VPS. Everything works fine, except one thing: I am unable to access the server with the public IP from another machine in the LAN. As a workaround, I added entries to /etc/hosts on the router, and dnsmasq resolves the domain name with the private IP instead if my laptop is connected to the home network. Unfortunately, the problem begins when I connect from my laptop to another VPN (i.e. to my corporate network). This VPN overrides my DNS servers and thus the domain name of my server resolves to the public IP once again and I am unable to connect.
Could you tell me what I am supposed to do with the routing tables to make the traffic go from the local network to the router and then a) directly to the server, as if I connect with the private IP, or b) via VPN to the VPS like any connections from the internet and then back to the router and server?
The VPN should manage this. To redirect all traffic via VPN on OpenVPN on the client you should use the redirect-gateway local def1 directive in your config. Same as here: https://serverfault.com/questions/480069/how-to-force-all-traffic-through-vpn
To route the traffic the old way, you can remove the directive and the traffic will not go over the VPN tunnel, e.g. will use the default route.
I do not want to route all traffic via VPN.
I have got a VPN set up between the VPS and my router. The VPS has two public IP addresses, and traffic that comes to one of them is forwarded to my router via VPN and then goes to the server. Also, all outgoing traffic from the server goes via the router and VPN to the VPS and is sent to the internet with the VPS's public IP.
VPS (public IP address) -------- router ======= server
---- VPN between VPS and router
=== LAN
Now behind the router I also have my laptop. When I try to access the server with its private IP address, everything works fine, but when I try to do that by using the VPS's public IP, I cannot access the server. I would like to fix that.
```
config redirect
	option name 'DNAT from LAN to Server'
	option src 'lan'
	option src_ip '$LAN_NET/$PREFIX_LENGTH'
	option src_dip '$VPS_PUBLIC_IP'
	option dest_ip '$SERVER_IP'
	option target 'DNAT'
	option reflection '0'
	list proto 'all'
	option dest 'lan'

config nat
	option name 'SNAT from LAN'
	option target 'SNAT'
	option src 'lan'
	option src_ip '$LAN_NET/$PREFIX_LENGTH'
	option snat_ip '$ROUTER_LAN_IP'
	list proto 'all'
```
This should redirect all the traffic from lan destined for the VPS public IP to the local server. Better specify the protocols and ports of the services you use.
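
Why the config above needs both sections, shown as an added example that is not part of the thread: a simplified Python model of one request and its reply through the router, with and without the SNAT rule. All addresses are constructed sample values, and the function names are hypothetical.

```python
from ipaddress import ip_address, ip_network

# Constructed sample addresses (not from the thread).
LAN_NET = ip_network("192.168.1.0/24")
ROUTER_LAN_IP = ip_address("192.168.1.1")
SERVER_IP = ip_address("192.168.1.10")
LAPTOP_IP = ip_address("192.168.1.50")
VPS_PUBLIC_IP = ip_address("203.0.113.10")


def hairpin(client, dst, snat_enabled):
    """Follow one request and its reply; return (src, dst) of the reply
    as it arrives at the client."""
    src = client
    conntrack = {}  # router state: translated (src, dst) -> original (src, dst)

    # The request reaches the router because dst is outside the LAN subnet.
    orig = (src, dst)
    if src in LAN_NET and dst == VPS_PUBLIC_IP:
        dst = SERVER_IP          # 'DNAT from LAN to Server'
    if snat_enabled and src in LAN_NET and dst in LAN_NET:
        src = ROUTER_LAN_IP      # 'SNAT from LAN' (modelled on LAN egress only)
    conntrack[(src, dst)] = orig

    # The server answers the source address it saw.
    reply_src, reply_dst = dst, src
    if reply_dst == ROUTER_LAN_IP:
        # Reply goes back through the router, which undoes both translations.
        o_src, o_dst = conntrack[(reply_dst, reply_src)]
        return o_dst, o_src
    # reply_dst is on the server's own subnet: delivered directly on the LAN,
    # bypassing the router, so nothing rewrites the source address.
    return reply_src, reply_dst


def client_accepts(client, dst, snat_enabled):
    """A client only accepts a reply that comes from the address it contacted."""
    reply_src, reply_dst = hairpin(client, dst, snat_enabled)
    return reply_src == dst and reply_dst == client


if __name__ == "__main__":
    for snat in (False, True):
        print("SNAT", snat, "->", hairpin(LAPTOP_IP, VPS_PUBLIC_IP, snat),
              "accepted:", client_accepts(LAPTOP_IP, VPS_PUBLIC_IP, snat))
```

With DNAT alone the reply arrives from the server's private address and the laptop discards it. A side effect of the SNAT rule is that the server logs the router's LAN address as the client for these connections.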