@ianchen06
Created July 17, 2015 01:40
Configure SSH via public IP when an OpenVPN connection is present
#Hi,
#(First, I assume you've tested the VPN and verified that it's actually working, i.e. you can make connections from your Linode and they're routed over the VPN.)
#This is a classic problem: when you connect to the Linode by its public IP address, the return packets get routed over the VPN. You need to force these packets to be routed over the public eth interface. These route commands should do the trick:
#Code:
ip rule add from x.x.x.x table 128
ip route add table 128 to y.y.y.y/y dev ethX
ip route add table 128 default via z.z.z.z
#Where x.x.x.x is your Linode's public IP, y.y.y.y/y should be the subnet of your Linode's public IP address, ethX should be your Linode's public Ethernet interface, and z.z.z.z should be the default gateway.
#For example:
#Code:
ip rule add from 172.16.9.132 table 128
ip route add table 128 to 172.16.9.0/24 dev eth0
ip route add table 128 default via 172.16.9.1
#Note that this will apply to all ports, not just ssh. If you only want to accept ssh traffic on your public IP address you'll need iptables rules like these:
#Code:
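# Order matters: the ACCEPT for tcp/22 must come before the catch-all DROP.
iptables -A INPUT -d x.x.x.x -p tcp --dport 22 -j ACCEPT
# This DROP matches every other packet addressed to the public IP, including
# replies to connections the host opened from that address (such as the OpenVPN
# transport itself), unless an earlier INPUT rule already accepts them.
iptables -A INPUT -d x.x.x.x -j DROP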
#(again, x.x.x.x is your public IP address)
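#Added example (not part of the original gist): a dry-run helper that derives the y.y.y.y/y subnet from the public IP and prefix length and prints the three routing commands above instead of running them. The function names are hypothetical, and it assumes the default gateway lies inside the public subnet, as in the 172.16.9.1 example.

```shell
#!/bin/sh
# Added example, not the gist author's code. Prints commands; changes nothing.
TABLE=128   # routing table number used in the gist

# network_of ADDR PREFIX -> prints the network in CIDR form, e.g. 172.16.9.0/24
network_of() {
    addr=$1 prefix=$2
    # Reject anything that is not dotted decimal (this also prevents globbing).
    case $addr in ''|*[!0-9.]*) return 1 ;; esac
    case $prefix in ''|*[!0-9]*|0?*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.
    set -- $addr
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    n=0
    for octet in "$@"; do
        # Empty octets and leading zeros (octal in shell arithmetic) are refused.
        case $octet in ''|0?*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
        n=$(( (n << 8) | octet ))
    done
    mask=$(( (4294967295 << (32 - prefix)) & 4294967295 ))
    n=$(( n & mask ))
    echo "$(( n >> 24 & 255 )).$(( n >> 16 & 255 )).$(( n >> 8 & 255 )).$(( n & 255 ))/$prefix"
}

# gen_rules PUBLIC_IP PREFIX GATEWAY DEV -> prints the three commands from the gist
gen_rules() {
    pub_ip=$1 plen=$2 gateway=$3 dev=$4
    subnet=$(network_of "$pub_ip" "$plen") ||
        { echo "bad address: $pub_ip/$plen" >&2; return 1; }
    gw_net=$(network_of "$gateway" "$plen") ||
        { echo "bad gateway: $gateway" >&2; return 1; }
    # Assumption of this example: the gateway sits inside the public subnet.
    [ "$gw_net" = "$subnet" ] ||
        { echo "gateway $gateway is not in $subnet" >&2; return 1; }
    cat <<EOF
ip rule add from $pub_ip table $TABLE
ip route add table $TABLE to $subnet dev $dev
ip route add table $TABLE default via $gateway
EOF
}

# The gist's own example values:
gen_rules 172.16.9.132 24 172.16.9.1 eth0
```

#After reviewing and running the printed commands as root, `ip rule show` and `ip route show table 128` display what was installed.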