OpenVPN, NAT and iptables
Good day, good people.
First, I should say that the firewall and VPN are working as expected, but I notice something strange.
I have a host system, 188.8.131.52 (local IP); its firewall is blocking everything except the port to the VPN.
I have the VPN on a virtualized system, 184.108.40.206 (CentOS on both host and virtual machine). They are behind a MikroTik router, which then goes to my ISP router. This is a home setup; I'm just experimenting.
PREROUTING 220.127.116.11:1194 to 18.104.22.168:1194; everything else is blocked by iptables.
POSTROUTING 22.214.171.124 to 126.96.36.199
I noticed with Wireshark from host 188.8.131.52 that, while I'm connected to the VPN from another PC, 184.108.40.206 is connecting to the IP addresses of websites I visit while at the same time being connected to the VPN, like:
220.127.116.11 XX.XX.XX public ip
18.104.22.168 tcp udp sites I visit
But 22.214.171.124 is unnecessarily making connections to website IP addresses. It cannot make the requests because DNS and the ports for that are blocked. So my best guess is that this is because of the POSTROUTING command. Can this somehow be disabled? First, this is a security issue; second, it's unnecessary.
Someone told me that this is because of the NAT setup, but I believe that this can be disabled somehow. I haven't found a solution yet, so maybe someone knows how.
Last edited by Scrutinizer; 11-05-2016 at 04:48 AM.. Reason: Spelling