Openvpn nat and iptables
good day good people
first to tell that firewall and vpn is working as expected, but I notice something strange.
I have host system 184.108.40.206(local ip) firewall is blocking everything except port to vpn.
I have vpn on virtualized system 220.127.116.11 (CentOS both host and virtual). They are behind MikroTik router and then to my ISP router. This is a home setup I'm just experimenting.
PREROUTING 18.104.22.168:1194 to 22.214.171.124:1194 all other is blocked by iptables.
POSTROUTING 126.96.36.199 to 188.8.131.52
I noticed with Wireshark from host 184.108.40.206 that while I'm connected to vpn from another pc that 220.127.116.11 is connecting to ip addresses of websites I visit while in same time is connected to vpn. like:
18.104.22.168 XX.XX.XX public ip
22.214.171.124 tcp udp sites i visit
but 126.96.36.199 is unnecessarily making connections to website ip addresses. She cannot make the reqests because DNS and ports for that are blocked. So this is because postrouting command my best guess. Can this somehow be disabled? First this is a security issue, second its unnecessary.
Someone told me that this is because NAT setup. but I believe that this can be disabled somehow, I didn't find solution yet so maybe someone know how.
Last edited by Scrutinizer; 11-05-2016 at 04:48 AM.. Reason: Spelling
|Thread Tools||Search this Thread|
|More UNIX and Linux Forum Topics You Might Find Helpful|
|Thread||Thread Starter||Forum||Replies||Last Post|
|OpenVPN and NAT||nickb1976||Solaris||0||08-05-2015 05:27 PM|
|iptables for openvpn||sdnix||UNIX for Dummies Questions & Answers||0||08-15-2014 01:38 PM|
|iptables in a NAT scenario||capri_guy84||Security||1||05-17-2013 05:12 PM|
|NAT Loopback and iptables||6765656755||Red Hat||0||04-07-2013 12:18 PM|
|Iptables/TC: how to make masqueraded traffic go through an openVPN tun0?||theVOID||IP Networking||2||08-28-2008 12:46 AM|