Ivan
2017-07-24 15:13:09 UTC
Hello all,
I have an Debian server with shorewall (version 4.6.4.3), on the same server
is installed an OpenVPN Server, on remote site I have a LEDE/OpenWRT router
with an OpenVPN Client connected to previous server.
This is my network:
Office with Debian Server
1. Eth0: internal network with address 192.168.1.1 (subnet
192.168.1.0/24)
2. Eth1: external network with address 192.168.0.2 connected to
provider router;
3. Tun0: OpenVPN Network with subnet 192.168.250.0/24
Home with LEDE/OpenWRT Router
1. The router is connected to internet through an LTE USB key;
2. On the router is running OpenVN Client connected to server with IP
Address: 192.168.250.122
3. The internal network have the subnet 192.168.0.0/24
I need to expose a my home internal Web Server host (running on address
192.168.0.4) through my Office internet network.
I configured Shorewall, OpenWRT and OpenVPN to do it and I'm able to reach
the server from I internal office network connecting to OpenVPN client IP
(192.168.250.122), but I'm not able to reach the web server from internet
following this route:
Internet -> external office IP Address -> 192.168.0.2 -> 192.168.1.1 ->
192.168.250.122 -> 192.168.0.4
I believe that the issue is related to a wrong MASQ/SNAT configuration,
because into OpenWRT router logs I saw the request but the Source IP Address
is the original one instead of the office IP Address, is it true?
I which way should I configure masquerade to solve this issue?
Thanks
Ivan
I have an Debian server with shorewall (version 4.6.4.3), on the same server
is installed an OpenVPN Server, on remote site I have a LEDE/OpenWRT router
with an OpenVPN Client connected to previous server.
This is my network:
Office with Debian Server
1. Eth0: internal network with address 192.168.1.1 (subnet
192.168.1.0/24)
2. Eth1: external network with address 192.168.0.2 connected to
provider router;
3. Tun0: OpenVPN Network with subnet 192.168.250.0/24
Home with LEDE/OpenWRT Router
1. The router is connected to internet through an LTE USB key;
2. On the router is running OpenVN Client connected to server with IP
Address: 192.168.250.122
3. The internal network have the subnet 192.168.0.0/24
I need to expose a my home internal Web Server host (running on address
192.168.0.4) through my Office internet network.
I configured Shorewall, OpenWRT and OpenVPN to do it and I'm able to reach
the server from I internal office network connecting to OpenVPN client IP
(192.168.250.122), but I'm not able to reach the web server from internet
following this route:
Internet -> external office IP Address -> 192.168.0.2 -> 192.168.1.1 ->
192.168.250.122 -> 192.168.0.4
I believe that the issue is related to a wrong MASQ/SNAT configuration,
because into OpenWRT router logs I saw the request but the Source IP Address
is the original one instead of the office IP Address, is it true?
I which way should I configure masquerade to solve this issue?
Thanks
Ivan