On Sun, Jul 30, 2023 at 6:01 PM, Jochen Bern<jochen.b...@binect.de> wrote: On 29.07.23 16:11, Jason Long via Openvpn-users wrote: > How can OpenVPN recognize that the configuration files Server-1.conf, > Server-2.conf and Server-3.conf should be for IP address "1.2.3.4"?
>By default, a server instance of OpenVPN >listens for incoming >connections on *all* interfaces (respecting the >protocol and port >chosen). In order to make it listen to a specific >IP only, add "local >1.2.3.4" to the config file. > Should I change the name of the NIC to the IP address? > I assume that you're referring to your iptables > setup here? For > iptables, interface( name)s (-i/-o) and IPs (-s/-> d) are *not* > interchangeable. If you cannot nail down >whether the interface forwarded > traffic from the VPN clients uses is considered > to match "-o eth0" or > "-o eth0:0" (and as I said, IIRC you *cannot* if >interfaces might > occasionally get restarted during daily >operation), you might want to > use "-o eth0+", which is a wildcard matching >both. Hello,Thank you so much.I found that I need to add the following iptables rule for virtual NICs to my iptables rules: iptables -t nat -A POSTROUTING -s $YOUR_OPENVPN_SUBNET -j SNAT --to OpenVPN_NIC_IP I have another question. For each public IP address, I must to rewrite all the iptables rules, because each public IP has its own "Tun name", "Port number" and "IP Range" in its configuration. Am I right? > Kind regards, > -- > Jochen Bern > Systemingenieur > Binect GmbH _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
