I have been having one hell of a time trying to set up an OpenVPN server on my media server. I am running Fedora 29 Server edition. I set up a network team with 4 Intel NICs. It is called team0. The Team IP is 192.168.1.76/24.
I want to set it up so that all VPN traffic goes over team0.
I want to set up OpenVPN for my media server (Plex/Jellyfin) so that I can be as if I am on my LAN when I am hundreds of miles away.
I have a DDNS with SSL with DeDyn.io.
Well, I would start with testing the route / traffic: use tcpdump on the port and check that WAN traffic is passed to that port on the server. Assuming that it is, what interface / IP do you have OVPN bound to?
Are logs showing issues in auth or errors?
I want to bind OVPN to team0.
Every time I tried to start it with team0 set to bind, it crashed.
Do you mean you have a
option in your openvpn config?
I have been considering switching to Algo, strongSwan, SoftEther or WireGuard.
I do recommend Algo. It also sets up WireGuard for you, which is what everybody should be using. OpenVPN is a pig.
When you leave out the local command, openvpn binds to every available interface, which presumably would include your bonded interface team0.
Just drop all traffic trying to connect to your openvpn service that doesn’t come over team0 (assuming your server is listening on udp port 1194):
iptables -A INPUT ! -i team0 -p udp --dport 1194 -j DROP
I'm running Firewalld. It is Fedora 29 Server. It comes with FirewallD.
Do you suppose firewalld also has the ability to drop traffic for specific protocols and ports? My bet is that iptables is not the only firewall with that technology.
I'm aware that they do. I'm just pointing out that you provided an iptables command.
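For the firewalld setup mentioned in the thread, the drop rule posted above can be expressed through firewalld's direct interface, which passes the rule arguments through to iptables. The script below is an added example, not code from any poster: it defaults to the thread's team0 / udp / 1194, only prints the commands unless APPLY=1 is set, and its function names are made up for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): firewalld equivalent of
#   iptables -A INPUT ! -i team0 -p udp --dport 1194 -j DROP

# valid_args IFACE PROTO PORT -> 0 when all three are safe to put in a rule
valid_args() {
    case "$1" in ''|*[!A-Za-z0-9_.-]*) return 1 ;; esac   # interface name characters only
    case "$2" in udp|tcp) ;; *) return 1 ;; esac           # --dport needs udp or tcp
    case "$3" in ''|*[!0-9]*) return 1 ;; esac             # digits only
    [ "$3" -ge 1 ] && [ "$3" -le 65535 ]
}

# direct_rule IFACE PROTO PORT -> prints the direct-rule arguments
# (ipv4 family, filter table, INPUT chain, priority 0, then iptables syntax)
direct_rule() {
    valid_args "$1" "$2" "$3" || return 1
    printf 'ipv4 filter INPUT 0 ! -i %s -p %s --dport %s -j DROP\n' "$1" "$2" "$3"
}

# firewalld_cmds IFACE PROTO PORT -> prints the commands to run as root
firewalld_cmds() {
    rule=$(direct_rule "$1" "$2" "$3") || return 1
    printf 'firewall-cmd --direct --add-rule %s\n' "$rule"              # runtime only
    printf 'firewall-cmd --permanent --direct --add-rule %s\n' "$rule"  # kept across reloads
    printf 'firewall-cmd --direct --get-all-rules\n'                    # confirm it is loaded
}

# Dry run by default; APPLY=1 executes each command in order and stops on failure.
apply_or_print() {
    cmds=$(firewalld_cmds "$@") || { echo "invalid interface, protocol or port" >&2; return 1; }
    if [ "${APPLY:-0}" = 1 ]; then
        printf '%s\n' "$cmds" | while IFS= read -r c; do sh -c "$c" || exit 1; done
    else
        printf '%s\n' "$cmds"
    fi
}

apply_or_print "${1:-team0}" "${2:-udp}" "${3:-1194}"
```

After applying, the tcpdump check suggested earlier in the thread, run on a non-team0 interface, is a quick way to confirm that packets to the port arrive but get no reply.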