On 02.01.24 15:31, Peter Davis via Openvpn-users wrote:
My server has a NIC with a local IP address. Clients can connect to
it on the internal network. I want clients from outside to be able
to connect to it, but I can't set a public IP on the server's network
card. On the firewall (Fortinet) that is directly connected to the
Internet, a public IP address is forwarded to the IP address of the
OpenVPN server. For example, on the firewall, IP address 1.2.3.4 is
forwarded to IP address 192.168.1.1.
I want to know, if I replace the IP address 1.2.3.4 instead of
192.168.1.1 in the client configuration file, then the clients should
be able to connect to the server from outside the network?

Assuming that a bunch of other setups¹ is OK as well, yes, that should work. At worst with a bit of fiddling re: server cert verification.

¹ Server's host firewall, firewall config on the Forti, both up to and including the (TCP or UDP?) port the OpenVPN server's using, server has a defaultroute back to the Forti and can in fact reach it, no DPI trying to mess with the connection/crypto, your Internet uplink allows proper pMTU detection and is well-reachable from wherever the clients will be located, ...

Kind regards,
--
Jochen Bern
Systemingenieur

Binect GmbH

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
Openvpn-users mailing list
Openvpn-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-users

Reply via email to