kylemanna / docker-openvpn

🔒 OpenVPN server in a Docker container complete with an EasyRSA PKI CA
https://hub.docker.com/r/kylemanna/openvpn/
MIT License

Connecting to a client from the host machine #229

Open DimaK-tracxpoint opened 7 years ago

DimaK-tracxpoint commented 7 years ago

Hi all, and thanks for the great product. I have to call a service listening on a TCP port on the OVPN client machine. There is no issue doing so from the OVPN server container, but I want to be able to connect from the machine hosting it. Is it possible, and how does the routing have to be set up? I got the following configuration:

Thanks!

1070148808 commented 7 years ago

Sorry, I want to ping the client from the server, but without success. Why?

jcberthon commented 7 years ago

I'm also trying to solve that issue. I will answer this issue when I've found a solution.

I'm currently trying to configure the host routes to redirect packets to the OVPN container which should do the routing. No success yet, but trying...

The other alternative would be that the tun0 device is not created within the network namespace of the container but in the one of the host (e.g. --net=host). But I don't like the idea of running the OpenVPN container within the same namespace as the host.

lukecyca commented 5 years ago

  1. Ensure that you have ip forwarding enabled in the docker-openvpn container:

         root@vps9:~/server-ops/docker# docker-compose exec openvpn /bin/bash
         bash-4.4# sysctl net.ipv4.ip_forward
         net.ipv4.ip_forward = 1

  2. Configure a new static route in your docker host so that traffic for the vpn network is sent via the docker-openvpn container:

         ip route add 192.168.255.0/24 via 172.18.0.11

  3. Ensure your clients get a static route for the docker network so they know to reach it via the VPN server. There are a few ways to do this, but I did it with:

         push "route 172.18.0.0 255.255.0.0 192.168.255.1"
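
The three steps in the comment above hard-code one setup's addresses. The following is an added example, not part of the thread or of the docker-openvpn project: it derives the host route and the `push` directive from the VPN subnet, the Docker network and the container IP, and refuses to print them if the gateway addresses do not sit inside the networks they are supposed to belong to. The function names are hypothetical; the demo addresses are the ones from the comment.

```shell
#!/bin/sh
# Added example. Prints the commands for review; it does not change any routes.

# Convert an IPv4 dotted quad to a 32-bit integer.
ip_to_int() {
  local old_ifs="$IFS"
  IFS=.; set -- $1; IFS="$old_ifs"
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Convert a prefix length (0-32) to a 32-bit mask integer.
mask_int() {
  if [ "$1" -eq 0 ]; then echo 0
  else echo $(( (4294967295 << (32 - $1)) & 4294967295 )); fi
}

# Dotted netmask for a prefix length, the form OpenVPN's "route" option takes.
prefix_to_netmask() {
  local m; m=$(mask_int "$1")
  echo "$(( (m >> 24) & 255 )).$(( (m >> 16) & 255 )).$(( (m >> 8) & 255 )).$(( m & 255 ))"
}

# Succeed if address $1 lies inside CIDR $2.
in_cidr() {
  local m; m=$(mask_int "${2#*/}")
  [ $(( $(ip_to_int "$1") & m )) -eq $(( $(ip_to_int "${2%/*}") & m )) ]
}

# $1 VPN subnet (CIDR)   $2 Docker network (CIDR)
# $3 container IP on the Docker network   $4 VPN server address inside the tunnel
plan_routes() {
  in_cidr "$3" "$2" || { echo "error: container IP $3 is not in $2" >&2; return 1; }
  in_cidr "$4" "$1" || { echo "error: VPN gateway $4 is not in $1" >&2; return 1; }
  # Step 2: run on the Docker host.
  echo "ip route add $1 via $3"
  # Step 3: goes in the OpenVPN server configuration.
  echo "push \"route ${2%/*} $(prefix_to_netmask "${2#*/}") $4\""
}

# Demo with the addresses from the comment above.
plan_routes 192.168.255.0/24 172.18.0.0/16 172.18.0.11 192.168.255.1
```

A container IP assigned by Docker can change when the container is recreated, so re-run the check against the current address before re-adding the host route.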