0

I'm trying to install OpenVpn on a remote Ubuntu 20 server and am following this tut. I'm able to step through it but cannot determine where this source address is in its example:

$ sudo iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE

The table, Appending, outgoing interface I have figured out. But I want to understand what the source addy is supposed to be. If it was the IP addy of the eth0 port, then it would make sense to be a single addy. But this is a range. Perhaps it's a white list of allowed client addy's? Reading other posts here don't include a source address/range but those posts may not be setting up a private VPN server. Thx for reading.

Improve this question
3
  • 1
    MASQUERADE is the source address of the outgoing interface. As you wrote it right now traffic heading from internal 10.8.0.0/24 to any destination via eth0 as the exfil interface will masquerade as the IP address of eth0.
    – Thomas Ward
    Commented Feb 21 at 2:10
  • Thank you, if --source is essentially the same as the IP addy of eth0, would this example work with a single IP addy of the remote server running OpenVpn? This example using a range of IP addy's for its source is throwing me.
    – sam452
    Commented Feb 21 at 23:16
  • I'll write up a diagram and provide an example of things with my VPN configs as to how this works. Especially with a server that has multiple exfil IPs then it gets complicated. Give me some time thoughu.
    – Thomas Ward
    Commented Feb 21 at 23:28

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .