hi
I have 2 servers[server1 and server2], my VPN clients are Connected to server1 and I sat up a cascade connection from server2 to server1 [like a reverse tunnel], now the traffic from my VPN clients on server1 is routed through server2's public IP address, everything is fine for me. the only problem I have is that I have a list of IP addresses that when my VPN clients need to access them [as their destination IP address] I need this specific traffic to be routed NOT THROUGH cascade connection, but through server1 public IP address only. how can I do it?
routing rules for vpn clients
-
- Posts: 2
- Joined: Tue Jul 23, 2024 5:54 pm
routing rules for vpn clients
You do not have the required permissions to view the files attached to this post.
-
- Posts: 1454
- Joined: Sun Feb 14, 2021 10:31 am
Re: routing rules for vpn clients
First restructure it:
Then with iptables reroute the traffic wherever you like it https://www.vpnusers.com/viewtopic.php? ... 072#p98381
Code: Select all
VPN clients > SoftEther server 1 > SoftEther VPN client > SoftEther VPN server 2
[------------------VPS1-----------------] [--------VPS2--------]
-
- Posts: 2
- Joined: Tue Jul 23, 2024 5:54 pm
Re: routing rules for vpn clients
Thank you for your answer, I have two questions:solo wrote: ↑Tue Jul 23, 2024 8:12 pmFirst restructure it:Then with iptables reroute the traffic wherever you like it https://www.vpnusers.com/viewtopic.php? ... 072#p98381Code: Select all
VPN clients > SoftEther server 1 > SoftEther VPN client > SoftEther VPN server 2 [------------------VPS1-----------------] [--------VPS2--------]
1. what do you mean by restructure?
2. I have secureNat and virtualDHCP enabled, do i have to disable them for this iptables rules you are saying to implement?
-
- Posts: 1454
- Joined: Sun Feb 14, 2021 10:31 am
Re: routing rules for vpn clients
1. replace the cascade with SE client
2. assuming you did it like this, then no
Look, maybe consider a very simple plan B, which is as follows:
- keep your current setup as is
- on server #1 add a 2nd hub and enable SecureNAT (with all defaults) on it
- give your clients two login options for different IP destinations
2. assuming you did it like this, then no
Look, maybe consider a very simple plan B, which is as follows:
- keep your current setup as is
- on server #1 add a 2nd hub and enable SecureNAT (with all defaults) on it
- give your clients two login options for different IP destinations