Hi Gregory, > Gregory Nowak wrote: >>> The public address assigned to the laptop would actually be >>> configured on the VPS, >> >> Hmm... No. Sorry. Doesn't make sense. The public address assigned >> to the laptop would probably be yet another private address behind a >> NAT somewhere. > > Ok, some confusion here it seems. Both you and I are right in that the > laptop's > public address is assigned to the VPS, and is also in reality yet another > private address behind a NAT somewhere like you said. I'll explain below, > since I do in fact have this going as I mentioned in my latest post to > the VPS crashing thread.
I have been following this and I think it is getting clear what you are doing but I have lost what the problem is we are trying to resolve. If I understand it right your setup is something like: VPS has network 1.2.3.0/24 (mask 255.255.255.0) Uplink ip 1.2.3.1 VPS public ip 1.2.3.2 Laptop wants to use 1.2.3.3 dns vps vps.company.org A 1.2.3.2 vps interfaces file iface eth0 address 1.2.3.2 netmask 255.255.255.0 gateway 1.2.3.1 iface eth0:0 address 1.2.3.3 netmask 255.255.255.0 openvpn server config port 1194 proto udp dev tun server 10.1.1.0/24 255.255.255.0 etc. openvpn client config client dev tun proto udp remote vps.company.org 1194 etc. Somehow you have made sure client always gets same 10.1.1.x number, for instance 10.1.1.3 Via iptables you make sure any traffic coming in on the VPS server with destination 1.2.3.3 is going to the VPN ip of the laptop And vice versa any traffic coming from the laptop vpn ip get sent out with the source 1.2.3.3 openvpn server iptables iptables -t nat -A PREROUTING -d 1.2.3.3 -j DNAT --to 10.1.1.3 iptables -t nat -A POSTOUTING -s 10.1.1.3 -j SNAT --to 1.2.3.3 What is it that is not working? If you think we can solve the problem better by supplying the real configs then please do so. Bonno Bloksma -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/89d1798a7351d040b4e74e0a043c69d7594e7...@einexch-01.tio.nl