the1ts
commented
2 years ago Quite often an OpenVPN server is setup to NAT traffic from VPN clients not route them on with their 10.x.x.x addresses, so the IP you may be seen as is the IP of the OpenVPN server or even the IP of the container host, not the 10.x.x.x address given as your VPN address.
Quickest way to find out is to remove the access list, and see the address your VPN clients use from the proxy logs. Then you can create a valid IP based access list that captures the VPN traffic. Or look to alter the functionality of the OpenVPN server if the IP you see isn't what you want/expect.
github-actions[bot]
Hi, I wanted to create access list that I can only go to a domain name over VPN. Can't really work it out because when I create a access list for openvpn and enter the IP of the VPN it denies the access to the site. Anyone done this before and can help me out?