How can I access server localhost ports via OpenVPN connection?

2

1

I have OpenVPN up and running on a server and serving as a gateway to the internet for private browsing.

I also have several apps running on the same server that I would like to access only via OpenVPN.

For example, if I have etherpad active on port 127.0.0.1:8000 on my server, how do I access that website through my OpenVPN connection on my client? Please let me know what setting changes from the standard configurations are required.

Thank you. I have read many OpenVPN posts and have not been able to understand how to do this...and it seems like it should be simple.

bmiller59

Posted 2017-05-08T04:30:53.563

Reputation: 23

All posts about "how do I access my localhost over LAN" apply here. – user1686 – 2017-05-08T05:43:49.167

Answers

0

In the general case you would want to allow the port on all interfaces, then use a firewall to drop all connections on that port except through the VPN IP range (and localhost).

If you can get it to work, the rule would be something like:

iptables -t nat -A PREROUTING -i tun+ -p tcp --dport 8000 -j DNAT --to-destination 127.0.0.1

(The tun+ bit means any tun devices)

In order for this to work, you will probably also need to have 2 other things set:

sysctl -w net.ipv4.conf.all.route_localnet=1
echo 1 > /proc/sys/net/ipv4/ip_forward

davidgo

Posted 2017-05-08T04:30:53.563

Reputation: 49 152

I’m quite sure this wouldn’t work. Packets on lo cannot come from anywhere but 127/8 (or ::1/128). A proxy will definitely work though. – Daniel B – 2017-05-08T05:46:33.347

@DanielB Well, we were both partially correct - the rule I put in will work, however it does, of course, require ip_forwarding be enabled (which I forgot to mention), and also requires the sysctl call to treat 127.0.0.1 as it would any other address. (I've tested it now that I'm home - and I learnt something today as well!) – davidgo – 2017-05-08T08:43:57.533
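The answer's three commands collected into one script, as an added example that is not part of the original answer or comments: it prints the commands by default and only runs them with APPLY=1. The `-s` source restriction (the "VPN IP range" idea from the answer's first paragraph), the `-C` duplicate check, the input validation and the 10.8.0.0/24 default (the subnet used in OpenVPN's sample server.conf) are assumptions added here; substitute your own VPN subnet.

```shell
#!/bin/sh
# Added example: expose a loopback-only TCP service to OpenVPN clients only.
# Assumptions: clients arrive on tun+ devices; VPN_NET defaults to 10.8.0.0/24.

valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;          # digits only
    esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print the commands that forward tun+ traffic on PORT to 127.0.0.1:PORT.
localhost_dnat_cmds() {
    port=$1
    vpn_net=${2:-10.8.0.0/24}
    valid_port "$port" || { echo "invalid port: $port" >&2; return 2; }
    case "$vpn_net" in
        # Reject anything but digits, dots and a slash: the output is fed to sh.
        ''|*[!0-9./]*) echo "invalid subnet: $vpn_net" >&2; return 2 ;;
    esac
    rule="PREROUTING -i tun+ -s $vpn_net -p tcp --dport $port -j DNAT --to-destination 127.0.0.1"
    # Let the kernel route packets whose destination was rewritten to 127.0.0.1.
    echo "sysctl -w net.ipv4.conf.all.route_localnet=1"
    echo "sysctl -w net.ipv4.ip_forward=1"
    # -C tests for an identical rule, so re-running never adds a duplicate.
    echo "iptables -t nat -C $rule 2>/dev/null || iptables -t nat -A $rule"
}

# Dry run by default; APPLY=1 (as root) executes the printed commands.
main() {
    cmds=$(localhost_dnat_cmds "$@") || return $?
    if [ "${APPLY:-0}" = 1 ]; then
        printf '%s\n' "$cmds" | sh -e
    else
        printf '%s\n' "$cmds"
    fi
}

# Usage: ./script 8000 [vpn-subnet]
[ $# -eq 0 ] || main "$@"
```

After applying, `iptables -t nat -S PREROUTING` lists the rule; traffic to port 8000 arriving on any non-tun interface is not rewritten and still finds nothing listening.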