I been using a VPN on my home server running Ubuntu 14.04. The VPN works great and all is well except that I cannot connect from outside my LAN which is a problem because I like to use Plex, SSH, and other services while not at home.
These are the solutions I have found and the problems associated with them. These all are inside of a on_connect.sh script that runs when the vpn gets connected.
# This worked, but would not let LAN computers connect to the VPN.
ip route add table 42 default via 192.168.1.1
ip rule add from 192.168.1.1/32 table 42
# This worked, but caused annoying issues with Plex being able to not connect at various times
# and forcing me to stop the vpn, restart plexmediaserver, and start the vpn back up.
ip rule add from 192.168.1.150 table 128
ip route add table 128 to 192.168.1.1/24 dev eth1
ip route add table 128 default via 192.168.1.1
# This worked, but after so many hours it disallows access from the internet and I must remote into my local PC and SSH into the server to restart the vpn.
# Table for routing via eth1
ip route add default via 192.168.1.1 table 42
# Mark packets that need special routing
iptables -t mangle -A PREROUTING -p tcp --dport 22 -j MARK --set-mark 99
iptables -t mangle -A PREROUTING -p tcp --dport 32400 -j MARK --set-mark 99
# Add a rule to use a different routing table for marked packets
ip rule add fwmark 99 table 42
I just want to forward select ports via the eth1/eth2 adapter. I want to make it so even if the local server ip changes that it will not affect the script (even though it is on a static IP, just to future proof it). There has to be an easy way to forward select ports around the VPN.
Any help is GREATLY appreciated.