List:       openconnect-devel
Subject:    Access self-hosted sites via public address when on VPN
From:       Simon Taylor <simon () simontaylor ! net>
Date:       2017-12-02 17:20:06
Message-ID: CAM-4CzPeLkL=6keWvX0dtt8P=qDFATjWnL9+5kxGg=WMLh1yuA () mail ! gmail ! com

Hi - sorry to bother but I have a problem with my local network that
is proving to be rather annoying when trying to reach my self-hosted
website via its public address.

I have ocserv 0.11.9 running on an internal Debian host (in tunnel all
traffic mode) and when a Windows 10 client logs on to the VPN, I can
get to internet sites no problem and even internal sites using their
local addresses are served without issue.

However, when I try and access my public-facing website that I host on
the same internal network (e.g. https://www.myweb.com), I get 'Your
Internet access is blocked' in Chrome and I cannot ping it without
getting 'general failure' messages.  If I ping its internal IP
address it resolves fine.

The only rule in iptables on the VPN host is:

    iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE

Strange thing is, when logging on to the VPN from my Android tablet,
it works fine. :(

Anyone any ideas?  I suspect it is a routing issue of sorts but it is
really annoying as I can't appear to diagnose the root cause.

Much appreciated.

_______________________________________________
openconnect-devel mailing list
openconnect-devel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/openconnect-devel