How to allow SSH into Terminal after connecting to VPN server using NordVPN servers through OpenVPN?

linux centos ssh networking openvpn

21,463

Solution 1

I were able to find a solution for my issue by:

when you connect to the Server by its public IP address, the return packets get routed over the VPN. You need to force these packets to be routed over the public eth0 interface. These route commands should do the trick:

ip rule add from x.x.x.x table 128
ip route add table 128 to y.y.y.y/y dev eth0
ip route add table 128 default via z.z.z.z

Where x.x.x.x is your Server public IP, y.y.y.y/y should be the subnet of your Server public IP address, eth0 should be your Server public Ethernet interface, and z.z.z.z should be the default gateway.

Solution 2

When using the NordVPN Linux client, iptables are used to change traffic instead of modifying the routes. To allow SSH to go through, you need to whitelist the SSH port.

nordvpn whitelist add port 22

21,463

αԋɱҽԃ αмєяιcαη

White Hat Hacker Youtube/Facebook/Google Hall oF Flame Google Developer Cloud Area & CAPTCHA Core Team Developer SQL Expert. Linux And Windows Servers Administrator. Web Scraping. Sometimes Black Hat :) depending Mood!

Updated on September 18, 2022

Comments

αԋɱҽԃ αмєяιcαη over 1 year

I'm using Linux CentOS 7 Server and I already installed OpenVPN and NordVPN servers which I use to connect my Linux to.

After establishing the VPN Connection, immediately my SSH access got disconnected.

How to allow SSH access to the server while it's connected to VPN Server? And how to make it work whenever the server is rebooted?

I used this tutorial on my setup: https://nordvpn.com/tutorials/linux/openvpn/
chw21 over 4 years

Hi, Thanks for the answer, but could you elaborate? When I'm running (on the server) nordvpn connect ; nordvpn whitelist add port 22 I still can't ssh into the server afterwards using the servers real IP address, and I don't know the remote IP address.
Jamesernator over 4 years

This doesn't seem to be working for me and I'm not sure how to go about debugging it. Anyone got any suggestions?
soupdiver over 3 years

cool, that worked for me too
Thiago about 3 years

Thank you very much! This worked for me, but I had to change eth0 to the proper interface. And I had to whitelist port 22 as described before.
yarek over 2 years

How do you find x.x.x.x y.y.y.y and z.z.z.z ?
Admin almost 2 years

This doesn't seem to persist at least some of the updates of the norvpn client. Just took me half an hour to diagnose why ssh was not working. You may need to repeat this after nordvpn updates.