What I have is A in my region, and B in another region (both servers are CentOS 7).
The reason for this question is that I can connect from A to B and from B to A, but the final goal is to have internet via B, because it has limitless internet (by limitless I mean no 403 errors).
I'm thinking of this:
- create a connection from B to A, then I connect to OpenVPN in A, and A sends the packets and grants me a limitless internet over the tun0 device to B.
What I am trying to achieve
- create a tun0 device in A with subnet 10.8.0.1/24 (which is done so far by this link), and create another tun0 device in B with subnet 10.9.0.1/24 (it doesn't matter if it should be in the same subnet of A).
- then connect these two tun devices via ssh (I think they should be able to ping each other's private IPs with the command line ping -c1 -I tun0 10.8.0.2) (in this case, B should connect to A).
- Add an iptables masquerade rule in both servers, so they can mask.
- Finally,
What I think should be done
- Create a persistent connection from B to A and A to B via the tun0 device (I googled but didn't find good results).
- Running these two commands in both servers (both main interfaces are eth0) (I think I'm missing something here):
iptables -A FORWARD -i tun0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
If other configurations should be done that I don't know, they're here I believe.
Then I should change the final OpenVPN client config file like this (from the server trying to connect to another one):
client
dev tun
proto tcp
remote A Port
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
auth SHA512
...
What I have done so far
- Installed OpenVPN via the given link in A
- Added a new tun0 device in B:
ip addr add 10.9.0.1/24 dev tun0
- Ran the masquerade in both servers:
iptables -A FORWARD -i tun0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
- Enabled ipv4.forwarding in both servers and disabled the firewall in both servers to be sure that wouldn't cause any problems.
Can you help me how can I do this scenario and have a multihop OpenVPN for myself?
SuperUser and ServerFault both, but couldn't find any question title relating to what I want. Can you help me which question it was to see your answer.