this post was submitted on 19 Dec 2023
20 points (85.7% liked)

Selfhosted

39937 readers
400 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 1 year ago
MODERATORS
 

I want to set up a VPN that uses the client's IP when sending data out of the VPN server. I am able to use either OpenVPN (open-source edition), or Wireguard.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 10 months ago (2 children)

I think that it's similar to the "Normal VPN without NAT", but I want it to preserve the client IP all the way through to the server that the client wants to connect to (in other words, the website that the client wants to access will receive the IP of the client, not the VPN server).

[–] [email protected] 4 points 10 months ago

So there's three problems you are very likely to encounter.

  1. Most providers now almost certainly filter their egress for netblocks under their control to prevent ip spoofing. So it's likely the packets would never make it out at all.

2: if it does work the return path would be over the normal Internet route and not via the vpn. Only the sent packets would go via the vpn host.

3: if the client is behind nat the router will not recognise the response packets as belonging to an open connection and will drop them.

I'm really not sure what your intention is.

[–] [email protected] 1 points 10 months ago
  1. Where is the server located? Are you looking at an intranet location or internet?

  2. Is the client connected to the VPN concentrator via IPv4 or IPv6?

  3. Is the VPN concentrator connected to the server via IPv4 or IPv6?

What you ask may be possible depending on those answers.