0

I have 2 VPSes, and both are set up with OpenVPN. We can only access them by connecting to the VPN and then SSHing to the VPN gateway address itself. I set this up in sshd_config by adding ListenAddress.

Here's an example of my 2 VPS IP addresses:

First Server
IP Address: 192.168.0.1
VPN Address: 192.170.0.1

sshd_config
ListenAddress 192.170.0.1

Second Server
IP Address: 170.168.0.1
VPN Address: 170.192.0.1

sshd_config
ListenAddress 170.192.0.1

Now, if I want to connect to the First Server, I need to connect to the OpenVPN on the First Server, then ssh to it using the VPN address which I have set in ListenAddress, so it should be [email protected], and I can't connect using the original IP address.
For the Second Server I do the same to connect to the VPS. All is good with that; it works the way I want.

But the issue now is that I want to connect to my First Server from the Second Server without needing to connect to the VPN of my First Server, and maybe connect to the server directly using the original IP address.

How can I do that?

2
  • Is this the only ListenAddress entry in each VPS? Commented Nov 10, 2023 at 7:00
  • Hi, thank you for the response. Sorry, I'm a newbie with VPS. If you are asking about sshd_config, the config is still the default config, but for ListenAddress I only set up the VPN gateway.
    – Hakim
    Commented Nov 10, 2023 at 7:03

1 Answer

0

You cannot use the original IP address, because you told sshd to not accept connections on it. That's what ListenAddress achieves – using it doesn't add addresses (the default is to listen on everything), using it limits inbound connections to only the specific addresses listed. So if your VPN address is the only one listed in ListenAddress, then you must use the VPN address.

To make both addresses usable, remove ListenAddress.


You may be able to make a direct connection using the VPN address as long as the target host is connected to the VPN (and its VPN interface is up) even if the source host isn't connected yet, but that needs a route "to 170.192.0.1 via 170.168.0.1".

1
  • Hi, thank you for the answer. OK, now let's say I remove the ListenAddress: how can I set up the server so that the only devices that can connect to it are ones already connected to this server's VPN, and the Second Server?
    – Hakim
    Commented Nov 10, 2023 at 8:10
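
An added example (not part of the answer above and not OpenSSH code): a small Python check of the ListenAddress behaviour the answer describes, run against constructed configs that use the First Server addresses from the question. It handles IP literals only, and the function names are hypothetical.

```python
import ipaddress

def split_host_port(value):
    """Split a ListenAddress argument into (host, port or None); IP literals only."""
    value = value.split()[0]                      # drop an optional "rdomain <name>" suffix
    if value.startswith("["):                     # [addr]:port form, used for IPv6
        host, _, rest = value[1:].partition("]")
        return host, int(rest[1:]) if rest.startswith(":") else None
    if value.count(":") == 1:                     # IPv4:port
        host, port = value.split(":")
        return host, int(port)
    return value, None                            # bare IPv4 or bare IPv6 address

def listen_sockets(config_text):
    """Return the set of (ip_address, port) pairs sshd would bind for this config."""
    ports, addrs = [], []
    for raw in config_text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)   # strip comments, split keyword/value
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "port":
            ports.append(int(value))
        elif key == "listenaddress":
            addrs.append(value)
    ports = ports or [22]                         # sshd default port
    addrs = addrs or ["0.0.0.0", "::"]            # no ListenAddress: listen on everything
    sockets = set()
    for value in addrs:
        host, port = split_host_port(value)
        for p in ([port] if port else ports):
            sockets.add((ipaddress.ip_address(host), p))
    return sockets

def accepts(config_text, dest, port=22):
    """True if sshd binds a socket that receives connections sent to dest:port.
    Assumes dest is an address actually configured on the host."""
    dest = ipaddress.ip_address(dest)
    return any(p == port and (a == dest or (a.is_unspecified and a.version == dest.version))
               for a, p in listen_sockets(config_text))

# Constructed configs using the First Server addresses from the question.
VPN_ONLY = "ListenAddress 192.170.0.1\n"
NO_LISTENADDRESS = "#ListenAddress 0.0.0.0\nPort 22\n"

if __name__ == "__main__":
    for name, cfg in (("VPN only", VPN_ONLY), ("no ListenAddress", NO_LISTENADDRESS)):
        for ip in ("192.170.0.1", "192.168.0.1"):
            print(f"{name:17} {ip:12} accepted={accepts(cfg, ip)}")
```

On a live host, `sshd -T` prints the effective configuration, which can be compared with this result.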
