Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Setting up VPN on a remote server
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Setting up VPN on a remote server

Hi guys I'm trying to setup a VPN on a remote server. Everytime I enable it, I'm throw out of the ssh session. How do I route some apps through the VPN while other services through the normal IP?

«1

Comments

  • @BarkingIron said:
    How do I route some apps through the VPN while other services through the normal IP?

    Keep Solid has this function. $13 will save a lot of your and ours time

  • @SpeedTest said:

    @BarkingIron said:
    How do I route some apps through the VPN while other services through the normal IP?

    Keep Solid has this function. $13 will save a lot of your and ours time

    What's the point of the forum if not help someone out? :)

    I picked up keepsolid. I'll check it out!

  • risharderisharde Patron Provider, Veteran

    This is a question I also had after experiencing the same, getting a tutorial on how to do this has been very hard to come across.

  • @BarkingIron said: What's the point of the forum if not help someone out?

    You even did not explain details about your type of connection at first

  • @SpeedTest said:

    @BarkingIron said:
    How do I route some apps through the VPN while other services through the normal IP?

    Keep Solid has this function. $13 will save a lot of your and ours time

    Bit of my time wasted? ;)

    From keepsolid FAQs

    Such a feature is currently available in the VPN Unlimited app for Android. It’s called App Exceptions and it allows you to choose apps that will not be covered with VPN connection. You can find this feature on the Settings screen (learn more in our guide on how to use VPN Unlimited on Android).

  • @jenkki said:

    @BarkingIron said: What's the point of the forum if not help someone out?

    You even did not explain details about your type of connection at first

    How do you mean? It's a remote dedi that I ssh into. I'm trying to stop the server from kicking me out as soon as I enable VPN, which I'm assume happens because all traffic is routed through the VPNs IP and not the server.

    Let me know what else I can provide!

  • mcgreemcgree Member
    edited December 2021

    You can insert this script into the VPN startup process, such as WireGuard Post-Up process, and of course the Post-Down process should be reversed.

    Of course WireGuard can also use the table=off option.

    PostUp = ip rule add from [your ipv4] lookup main
    PostDown = ip rule delete from [your ipv4] lookup main
    

    You can still manage the server through your server IPv4, and all other traffic to the server goes through the VPN.

    Full example:

    [Interface]
    PrivateKey = kCtbc4UIo3SewafC98ZFbaBZZ1G1pc1xzUQWMf2HDmc=
    PostUp = ip rule add from 3.4.2.1 lookup main
    PostDown = ip rule delete from 3.4.2.1 lookup main
    
    [Peer]
    PublicKey = 65Pa5Oqiv243YEkRpgCiT1C75SrWxLa1HxMAIzUG3zk=
    AllowedIPs = 0.0.0.0/0, ::/0
    Endpoint = myserver.dyndns.org:51820
    
    Thanked by 2Astro MannDude
  • @BarkingIron said: How do you mean?

    What type of VPN connection you use? Did you know something about it?

  • @jenkki said:

    @BarkingIron said: How do you mean?

    What type of VPN connection you use? Did you know something about it?

    Tried this with OpenVPN. I am open to using wireguard as well.

  • @mcgree said:
    You can insert this script into the VPN startup process, such as WireGuard Post-Up process, and of course the Post-Down process should be reversed.

    Of course WireGuard can also use the table=off option.

    PostUp = ip rule add from [your ipv4] lookup main
    PostDown = ip rule delete from [your ipv4] lookup main
    

    You can still manage the server through your server IPv4, and all other traffic to the server goes through the VPN.

    Full example:

    [Interface]
    PrivateKey = kCtbc4UIo3SewafC98ZFbaBZZ1G1pc1xzUQWMf2HDmc=
    PostUp = ip rule add from 3.4.2.1 lookup main
    PostDown = ip rule delete from 3.4.2.1 lookup main
    
    [Peer]
    PublicKey = 65Pa5Oqiv243YEkRpgCiT1C75SrWxLa1HxMAIzUG3zk=
    AllowedIPs = 0.0.0.0/0, ::/0
    Endpoint = myserver.dyndns.org:51820
    

    I'll give this a shot, thank you!

  • jenkkijenkki Member
    edited December 2021

    @BarkingIron said: Tried this with OpenVPN. I am open to using wireguard as well.

    Original applications do not allow you to do Not sure that you manually set up it

  • I'm not trying to route my traffic through my server.

    I'm trying to route my servers traffic through a VPN but still be able to SSH into it

  • @BarkingIron said:

    I'm not trying to route my traffic through my server.

    I'm trying to route my servers traffic through a VPN but still be able to SSH into it

    Why

  • @OsirisBlack said:

    @BarkingIron said:

    I'm not trying to route my traffic through my server.

    I'm trying to route my servers traffic through a VPN but still be able to SSH into it

    Why

    Seedbox

  • OsirisBlackOsirisBlack Member
    edited December 2021

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    I'm not trying to route my traffic through my server.

    I'm trying to route my servers traffic through a VPN but still be able to SSH into it

    Why

    Seedbox

    You must be using some shitty public trackers then.

  • @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    I'm not trying to route my traffic through my server.

    I'm trying to route my servers traffic through a VPN but still be able to SSH into it

    Why

    Seedbox

    You must be using some shitty public trackers then.

    Just trying to play it safe. And possibly. I'm new to the private tracker scene. Care to send an invite to some decent ones?

  • @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    I'm not trying to route my traffic through my server.

    I'm trying to route my servers traffic through a VPN but still be able to SSH into it

    Why

    Seedbox

    You must be using some shitty public trackers then.

    Just trying to play it safe. And possibly. I'm new to the private tracker scene. Care to send an invite to some decent ones?

    Nope :smile:

  • @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    I'm not trying to route my traffic through my server.

    I'm trying to route my servers traffic through a VPN but still be able to SSH into it

    Why

    Seedbox

    You must be using some shitty public trackers then.

    Just trying to play it safe. And possibly. I'm new to the private tracker scene. Care to send an invite to some decent ones?

    Nope :smile:

    No worries! 🙂

  • Run the apps you want to use VPN and the VPN client itself in a network namespace (systemd NetworkNamespacePath helps)

    Or you might find it easier to use a container (systemd-nspawn etc)

  • @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    I'm not trying to route my traffic through my server.

    I'm trying to route my servers traffic through a VPN but still be able to SSH into it

    Why

    Seedbox

    You must be using some shitty public trackers then.

    Just trying to play it safe. And possibly. I'm new to the private tracker scene. Care to send an invite to some decent ones?

    Nope :smile:

    No worries! 🙂

    If you're serious about entering decent privates - I'd refrain from asking on public forums.

    Just a heads up. Take as you will :smiley:

  • @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    I'm not trying to route my traffic through my server.

    I'm trying to route my servers traffic through a VPN but still be able to SSH into it

    Why

    Seedbox

    You must be using some shitty public trackers then.

    Just trying to play it safe. And possibly. I'm new to the private tracker scene. Care to send an invite to some decent ones?

    Nope :smile:

    No worries! 🙂

    If you're serious about entering decent privates - I'd refrain from asking on public forums.

    Just a heads up. Take as you will :smiley:

    Just trying my luck! It's hard when just starting out

  • @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    I'm not trying to route my traffic through my server.

    I'm trying to route my servers traffic through a VPN but still be able to SSH into it

    Why

    Seedbox

    You must be using some shitty public trackers then.

    Just trying to play it safe. And possibly. I'm new to the private tracker scene. Care to send an invite to some decent ones?

    Nope :smile:

    No worries! 🙂

    If you're serious about entering decent privates - I'd refrain from asking on public forums.

    Just a heads up. Take as you will :smiley:

    Just trying my luck! It's hard when just starting out

    Yup - but worth the effort :smile:

  • @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    @OsirisBlack said:

    @BarkingIron said:

    I'm not trying to route my traffic through my server.

    I'm trying to route my servers traffic through a VPN but still be able to SSH into it

    Why

    Seedbox

    You must be using some shitty public trackers then.

    Just trying to play it safe. And possibly. I'm new to the private tracker scene. Care to send an invite to some decent ones?

    Nope :smile:

    No worries! 🙂

    If you're serious about entering decent privates - I'd refrain from asking on public forums.

    Just a heads up. Take as you will :smiley:

    Just trying my luck! It's hard when just starting out

    Yup - but worth the effort :smile:

    Agreed! Finally have the server and the time to get a sick Plex server going

  • In simple words OP looking for route their Pornhub traffic trough VPN and his Bank account traffic trough Home ISP at the same time. Without switching on off VPN every time.

  • @jenkki said:
    In simple words OP looking for route their Pornhub traffic trough VPN and his Bank account traffic trough Home ISP at the same time. Without switching on off VPN every time.

    lol

  • @jenkki said:
    In simple words OP looking for route their Pornhub traffic trough VPN and his Bank account traffic trough Home ISP at the same time. Without switching on off VPN every time.

    Sounds like he just want's to route his (whatever torrent client he's using) through a vpn. Sounds like a lot of messing about considering his server is on OVH network and half the servers on there are torrenting :smiley:

  • Have a look a talescale with a exit node easy to setup and bind the torrent client to the talescale network.

  • @BarkingIron said:

    @mcgree said:
    You can insert this script into the VPN startup process, such as WireGuard Post-Up process, and of course the Post-Down process should be reversed.

    Of course WireGuard can also use the table=off option.

    PostUp = ip rule add from [your ipv4] lookup main
    PostDown = ip rule delete from [your ipv4] lookup main
    

    You can still manage the server through your server IPv4, and all other traffic to the server goes through the VPN.

    Full example:

    [Interface]
    PrivateKey = kCtbc4UIo3SewafC98ZFbaBZZ1G1pc1xzUQWMf2HDmc=
    PostUp = ip rule add from 3.4.2.1 lookup main
    PostDown = ip rule delete from 3.4.2.1 lookup main
    
    [Peer]
    PublicKey = 65Pa5Oqiv243YEkRpgCiT1C75SrWxLa1HxMAIzUG3zk=
    AllowedIPs = 0.0.0.0/0, ::/0
    Endpoint = myserver.dyndns.org:51820
    

    I'll give this a shot, thank you!

    The solution is having the postup/postdown set a couple route rules so that traffic sent to the original IP gets returned by the original IP and not the VPN. I don't have it handy, but shouldn't be more than 5 minutes of googling.

  • farsighterfarsighter Member
    edited December 2021

    Using a VPN client on VPS is a kinda rare goal I never bothered to try but it's possible using the right IP routing configs.

    What I actually tried in the past was routing my VPS traffic through a VPN client on my Android phone (using a SSH tunnel in Termux app) which was funny to see working, but that doesn't really answer your question.

    To your question, start from this page and the links that come out of it:
    https://www.digitalocean.com/community/questions/tunneling-vps-traffic-through-vpn-using-vps-as-openvpn-client

    Thanked by 1Astro
Sign In or Register to comment.