All:

After reviewing the iptables chains workflow, I discovered that the Nginx
Worker (100.64.8.236:12345) outside interface was associated with the OUTPUT
chain.

                                                                            
                                                                            (192.168.0.2:12345) OUTPUT ==>
    (192.168.0.154:$port) PREROUTING ==>                                  (100.64.8.236:12345) POSTROUTING ==>
Windows Client (192.168.0.154:$port) ==> Nginx Master (192.168.0.2:443) | Nginx Worker (100.64.8.236:12345) ==> Upstream Destination Server (104.27.161.206:443)
                                     <== POSTROUTING (192.168.0.2:443)      <== PREROUTING (104.27.161.206:443)

After adding the appropriate iptables OUTPUT rule, using the correct
interface (vlan2), the packets leaving the Nginx Worker (100.64.8.236:12345)
were then appropriately MARKed and routed to the OpenVPN Tunnel.

# iptables -t mangle -I OUTPUT -o vlan2 -p tcp -m multiport --sport 12345 -j MARK --set-mark 0x2000/0x2000

Now, I just need to figure out the Nginx SSL Client CA Trust configuration
and we should be in business.

Hope this helps someone in the future.

Respectfully,

Gary

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,289823,289847#msg-289847
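
Added example, not part of the post above or of nginx: a simplified Python model of which mangle chains a packet visits, showing why a MARK rule on source port 12345 only catches the Nginx worker's upstream packets when it sits in OUTPUT. The class and function names, the client port 50000 and the PREROUTING contrast rule are constructed for illustration; addresses, port 12345, vlan2 and the mark 0x2000/0x2000 come from the post.

```python
from dataclasses import dataclass

# Addresses owned by the router itself, taken from the post.
LOCAL_ADDRS = {"192.168.0.2", "100.64.8.236"}

@dataclass
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    out_if: str = ""  # interface picked by the first routing lookup
    mark: int = 0

@dataclass
class MarkRule:
    chain: str
    sport: int
    value: int
    mask: int
    out_if: str = ""  # "" matches any interface

    def apply(self, chain: str, pkt: Packet) -> None:
        if chain != self.chain or pkt.sport != self.sport:
            return
        if self.out_if and self.out_if != pkt.out_if:
            return
        # MARK --set-mark value/mask: clear the masked bits, then OR in value.
        pkt.mark = (pkt.mark & ~self.mask) | self.value

def chains_for(pkt: Packet) -> list:
    """Mangle chains visited, decided by where the packet starts and ends."""
    if pkt.src in LOCAL_ADDRS:  # generated by a local process such as nginx
        return ["OUTPUT", "POSTROUTING"]
    if pkt.dst in LOCAL_ADDRS:  # delivered to a local socket
        return ["PREROUTING", "INPUT"]
    return ["PREROUTING", "FORWARD", "POSTROUTING"]  # forwarded traffic

def traverse(pkt: Packet, rules: list) -> tuple:
    """Run the packet through its chains; return (chains visited, final mark)."""
    visited = chains_for(pkt)
    for chain in visited:
        for rule in rules:
            rule.apply(chain, pkt)
    return visited, pkt.mark

def worker_packet(mark: int = 0) -> Packet:
    """Nginx worker to upstream server, as in the post's diagram."""
    return Packet("100.64.8.236", 12345, "104.27.161.206", 443, "vlan2", mark)

OUTPUT_RULE = MarkRule("OUTPUT", 12345, 0x2000, 0x2000, "vlan2")  # rule from the post
PREROUTING_RULE = MarkRule("PREROUTING", 12345, 0x2000, 0x2000)   # constructed contrast
```

In the real kernel, a mark change in mangle OUTPUT triggers a second routing lookup, which is what lets a fwmark-based policy rule move a packet first routed to vlan2 onto the tunnel.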

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
