This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Next revisionBoth sides next revision | ||
computing:vpnserver-debian [2023/05/21 22:57] – oemb1905 | computing:vpnserver-debian [2023/05/22 02:04] – oemb1905 | ||
---|---|---|---|
Line 95: | Line 95: | ||
ssh root@192.168.122.1 | ssh root@192.168.122.1 | ||
| | ||
- | Next, I need to add routes to a different subnet on a virtual bridge I use for my VMs. Then, I can disable public facing ssh on all of VMs theoretically and access them through the vpnserver only. Again, even this is overkill since I am already using ssh keypairs, however, I might just do it to learn about pushing routes/ | + | For traffic redirection, do the following: |
- | --- // | + | nano / |
+ | < | ||
+ | nano / | ||
+ | < | ||
+ | <: | ||
+ | <-A POSTROUTING -s 192.168.123.0/ | ||
+ | < | ||
+ | nano / | ||
+ | < | ||
+ | sysctl -p | ||
+ | |||
+ | This enables masquerading, | ||
+ | |||
+ | redirect-gateway def1 | ||
+ | |||
+ | My next goal is to add some routes to a different subnet on a virtual bridge I use for my VMs, and that's also on the physical host. Then, I can disable public facing ssh on all of VMs theoretically and access them through the vpnserver only. Again, even this is overkill since I am already using ssh keypairs, however, I might just do it to learn about pushing routes/ | ||
+ | |||
+ | --- // | ||
| | ||