I have two linux machines connected to the same router at home. I installed ssh-server on machineA and I am able to connect locally to machineA from machineB. However I am not able to do that when machineA has a vpn connection. The ip I am connecting to is the 'wlp2s0/inet' in the output of ifconfig of machineA. Output of ifconfig (of machineA) has an additional 'tun0' block when it is connected to vpn. MachineB does not (at least as of now) have a vpn connection. My goal is to have a vpn connection on machineA and be able to ssh machineB->machineA (locally only), so alternate solutions are also welcome if some virtual machine trick is easier.
Edit:
machineA is 192.168.0.108
machineB is 192.168.0.102
So I am trying to access address 192.168.0.108 but I fail when I turn on vpn on machineA (and using the same port). Even ping from machineB to 192.168.0.108 does not respond. Ping from machineA to 192.168.0.102 gives ping: sendmsg: Operation not permitted. However ping machineA <-> machineB works both ways when vpn is off.
machineA$ route
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.13.10.5 128.0.0.0 UG 0 0 0 tun0
default gateway 0.0.0.0 UG 20600 0 0 wlp2s0
10.13.10.1 10.13.10.5 255.255.255.255 UGH 0 0 0 tun0
10.13.10.5 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
128.0.0.0 10.13.10.5 128.0.0.0 UG 0 0 0 tun0
link-local 0.0.0.0 255.255.0.0 U 1000 0 0 wlp2s0
14.95.40.192.st gateway 255.255.255.255 UGH 0 0 0 wlp2s0
192.168.0.0 0.0.0.0 255.255.255.0 U 600 0 0 wlp2s0
machineA$ ip route
0.0.0.0/1 via 10.42.10.5 dev tun0
default via 192.168.0.1 dev wlp2s0 proto static metric 20600
10.42.10.1 via 10.42.10.5 dev tun0
10.42.10.5 dev tun0 proto kernel scope link src 10.42.10.6
128.0.0.0/1 via 10.42.10.5 dev tun0
169.254.0.0/16 dev wlp2s0 scope link metric 1000
192.40.95.2 via 192.168.0.1 dev wlp2s0
192.168.0.0/24 dev wlp2s0 proto kernel scope link src 192.168.0.108 metric 600
machineA$ ip rule
0: from all lookup local
32766: from all lookup main
32767: from all lookup default
machineB$ ip route get 192.168.0.108
192.168.0.108 dev wlp2s0 src 192.168.0.102
cache
Edit2: I noticed that address 192.40.95.2 changes in last position between vpn reboots. For example 14->2->7
Edit3: I feel a bit ashamed. I had a switch "disable local connections" enabled on my vpn client. I can't seem to find any noticeable differences in route, ip route or ip rule outputs.
route: ip route; ip rule; iptables-save -c. The Operation not permitted can also come from firewalling.
ip get 192.168.0.108 and see if it goes where it should go. If that's ok, next step is to check all firewall tables.
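Added example (not part of the original post or comments): a longest-prefix-match lookup over the ip route output of machineA posted in the question. It shows that traffic to 192.168.0.102 still selects the wlp2s0 /24 route while the vpn is up, which is consistent with Edit3: the routing output looks unchanged, so the block has to be looked for in the firewall tables. The function names are hypothetical, and the lookup ignores policy rules other than the main table.

```python
import ipaddress

# `ip route` output of machineA, copied from the question (vpn connected).
IP_ROUTE = """\
0.0.0.0/1 via 10.42.10.5 dev tun0
default via 192.168.0.1 dev wlp2s0 proto static metric 20600
10.42.10.1 via 10.42.10.5 dev tun0
10.42.10.5 dev tun0 proto kernel scope link src 10.42.10.6
128.0.0.0/1 via 10.42.10.5 dev tun0
169.254.0.0/16 dev wlp2s0 scope link metric 1000
192.40.95.2 via 192.168.0.1 dev wlp2s0
192.168.0.0/24 dev wlp2s0 proto kernel scope link src 192.168.0.108 metric 600
"""

def parse_routes(text):
    """Return a list of (network, device, gateway, metric) tuples."""
    routes = []
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        dest = "0.0.0.0/0" if tok[0] == "default" else tok[0]
        net = ipaddress.ip_network(dest)        # a bare address becomes a /32
        opts = dict(zip(tok[1::2], tok[2::2]))  # "via X dev Y metric N" pairs
        routes.append((net, opts.get("dev"), opts.get("via"),
                       int(opts.get("metric", 0))))
    return routes

def lookup(routes, addr):
    """Pick the route the kernel's main table would use for addr."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in routes if ip in r[0]]
    if not matches:
        return None
    # Longest prefix wins; a lower metric breaks ties between equal prefixes.
    return max(matches, key=lambda r: (r[0].prefixlen, -r[3]))

if __name__ == "__main__":
    table = parse_routes(IP_ROUTE)
    # machineB, an arbitrary Internet address, and the host route from the table
    for target in ("192.168.0.102", "8.8.8.8", "192.40.95.2"):
        net, dev, via, metric = lookup(table, target)
        print(f"{target:15} -> {net} dev {dev} via {via or 'on-link'}")
```

If the selected device for 192.168.0.102 is wlp2s0 and the ping still fails with Operation not permitted, the packet is being rejected after the routing decision, so the counters in iptables-save -c are the next place to look.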