Openvpn nat and iptables
good day good people
first to tell that firewall and vpn is working as expected, but I notice something strange.
I have host system 22.214.171.124(local ip) firewall is blocking everything except port to vpn.
I have vpn on virtualized system 126.96.36.199 (CentOS both host and virtual). They are behind MikroTik router and then to my ISP router. This is a home setup I'm just experimenting.
PREROUTING 188.8.131.52:1194 to 184.108.40.206:1194 all other is blocked by iptables.
POSTROUTING 220.127.116.11 to 18.104.22.168
I noticed with Wireshark from host 22.214.171.124 that while I'm connected to vpn from another pc that 126.96.36.199 is connecting to ip addresses of websites I visit while in same time is connected to vpn. like:
188.8.131.52 XX.XX.XX public ip
184.108.40.206 tcp udp sites i visit
but 220.127.116.11 is unnecessarily making connections to website ip addresses. She cannot make the reqests because DNS and ports for that are blocked. So this is because postrouting command my best guess. Can this somehow be disabled? First this is a security issue, second its unnecessary.
Someone told me that this is because NAT setup. but I believe that this can be disabled somehow, I didn't find solution yet so maybe someone know how.
Last edited by Scrutinizer; 11-05-2016 at 03:48 AM.. Reason: Spelling
|Thread Tools||Search this Thread|
|More UNIX and Linux Forum Topics You Might Find Helpful|
|Thread||Thread Starter||Forum||Replies||Last Post|
|OpenVPN and NAT||nickb1976||Solaris||0||08-05-2015 04:27 PM|
|iptables for openvpn||sdnix||UNIX for Dummies Questions & Answers||0||08-15-2014 12:38 PM|
|iptables in a NAT scenario||capri_guy84||Security||1||05-17-2013 04:12 PM|
|NAT Loopback and iptables||6765656755||Red Hat||0||04-07-2013 11:18 AM|
|Iptables/TC: how to make masqueraded traffic go through an openVPN tun0?||theVOID||IP Networking||2||08-27-2008 11:46 PM|