How to fix not being able to reach a server remotely while using a VPN
When a VPN is active, all traffic flows through the VPN adapter. This can be a problem if you are trying to remotely reach a server that runs a web server or another service. The VPN adapter may be assigned a different IP address than the regular network interface, so replies to connections that arrive on the regular interface leave through the VPN instead. As a result, the server's replies never reach you.
There is a simple fix for this problem. You can create a separate table for incoming traffic to the server IP address and route it back through the default gateway instead of the VPN network. This can be done using the following commands:
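    echo "200 new" | sudo tee -a /etc/iproute2/rt_tables
    sudo ip rule add from 192.168.1.2 table new
    sudo ip route add default via 192.168.1.1 dev eth1 table new

The first command creates a new table called new. The ip tool only accepts table names that are listed in /etc/iproute2/rt_tables, and 200 is an arbitrary table number that is not otherwise in use. The second command adds a rule that sends traffic whose source is the server IP address 192.168.1.2 to that table. The third command adds a route to the default gateway via the eth1 interface, but only for traffic in the new table.
This ensures that traffic from the server IP address, including replies to incoming connections, is routed through the default gateway, even if the VPN is active.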
However, these commands need to be run every time the server is restarted or the VPN network is connected. To automate this process, you can create a script that runs these commands and add it to your startup routine.
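    #!/bin/bash
    # Define the table name "new" (ID 200 is arbitrary) unless it is already listed
    grep -qw new /etc/iproute2/rt_tables || echo "200 new" | sudo tee -a /etc/iproute2/rt_tables > /dev/null
    # Send traffic whose source is the server IP address to the new table
    sudo ip rule add from 192.168.1.2 table new
    # Add a route to the default gateway via the eth1 interface, but only for traffic in the new table
    sudo ip route add default via 192.168.1.1 dev eth1 table new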
To add this script to your startup routine, you can place it in the /etc/rc.local file. This file is executed on startup and has permission to run commands as root. The file must be marked executable, and the commands have to come before any final exit 0 line.
Once you have added the script to the /etc/rc.local file, restart your server and the commands will be executed automatically.
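Because the commands are run again on every restart or VPN connection, it helps to add the rule and the route only when they are missing. The script below is an added example, not part of the original page. It assumes the table name new is already defined in /etc/iproute2/rt_tables, and its function names and sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: run the page's two ip commands only when they are still
# needed, so the script is safe to call on every boot and VPN connect.
SRC=192.168.1.2 GW=192.168.1.1 DEV=eth1 TABLE=new   # values from the page

# has_rule RULES: true if `ip rule show` output already sends SRC to TABLE.
# Line shape: "32765: from 192.168.1.2 lookup new"
has_rule() {
    printf '%s\n' "$1" | awk -v s="$SRC" -v t="$TABLE" \
        '$2=="from" && $3==s && $4=="lookup" && $5==t {f=1} END {exit !f}'
}

# has_route ROUTES: true if `ip route show table new` output already holds
# the default route. Line shape: "default via 192.168.1.1 dev eth1"
has_route() {
    printf '%s\n' "$1" | awk -v g="$GW" -v d="$DEV" \
        '$1=="default" && $2=="via" && $3==g && $4=="dev" && $5==d {f=1} END {exit !f}'
}

# plan RULES ROUTES: print only the commands that are still missing.
plan() {
    has_rule "$1"  || echo "ip rule add from $SRC table $TABLE"
    has_route "$2" || echo "ip route add default via $GW dev $DEV table $TABLE"
}

# apply: read the live state and run whatever plan reports (needs root).
apply() {
    plan "$(ip rule show)" "$(ip route show table "$TABLE" 2>/dev/null)" |
        while read -r cmd; do $cmd; done
}

# Constructed sample outputs, so plan can be shown without touching the system.
SAMPLE_RULES_FRESH='0: from all lookup local
32766: from all lookup main
32767: from all lookup default'
SAMPLE_RULES_DONE="$SAMPLE_RULES_FRESH
32765: from 192.168.1.2 lookup new"
SAMPLE_ROUTES_DONE='default via 192.168.1.1 dev eth1'

# "apply" changes the system; any other invocation only prints a sample plan.
if [ "${1:-}" = "apply" ]; then apply; else plan "$SAMPLE_RULES_FRESH" ""; fi
```

Run it with the argument apply as root to change the live routing state. The field-by-field comparison keeps an address such as 192.168.1.20 from being mistaken for 192.168.1.2.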