Ubuntu – Can’t SSH to server with VPN connection


This is quite messed up, I know. Let me explain it all.

I have a dynamic DNS set on my router. I verified that, after port forwarding, I can connect to the desired application (if I run something on port 1337 and forward the port to the appropriate machine, I can connect to it from outside with no issues).

Now, if I connect my MacBook to the VPN and run something as described above, it works as expected. BUT, if I connect my machine running Ubuntu Server 16.04 to the VPN and run something or want to connect by ssh, it fails. I forwarded the port I'm using for the SSH connection on the router. I also tried hosting a web server, which also failed.

What can I do about this issue? This doesn't make sense to me.

About Ubuntu Server machine: it's a clean install with openvpn client and ssh server configured, no firewall running, iptables not edited, connected to router via ethernet.

EDIT: Here are the routing tables:

Best Answer

  • OK, I managed to find a solution.

    Using openvpn package without any wrappers:

    Add those 2 lines to your .ovpn file (or .conf if you're auto connecting):

    script-security 2
    up /etc/openvpn/up.sh

    Then, create /etc/openvpn/up.sh with executable permissions (755/700):

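    #!/bin/sh
    # Look up packets sourced from the server's LAN address in table 128,
    # which routes them via the LAN gateway instead of the VPN.
    ip rule add from <your-server-ip> table 128
    ip route add table 128 to <your-server-subnet> dev <your-interface>
    ip route add table 128 default via <server-gateway>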

    For example, here's my configuration:

    ip rule add from table 128
    ip route add table 128 to dev eno1
    ip route add table 128 default via

    Using a different VPN client/different configuration:

    I can't predict the steps required, but generally you need to run the up.sh script (above) every time your VPN connection is established.

    Hope it helps someone having the same issue. Cheers!
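
The three commands in the answer make replies to connections that arrive on the server's LAN address leave through the LAN gateway rather than the VPN tunnel. The sketch below is an added example, not part of the original answer: it derives those commands from `ip -4 route show` output instead of hard-coding them. The function name `build_policy_rules` and the sample routing table are constructed for illustration, and it assumes the LAN default route is still present in the main table when it runs.

```sh
#!/bin/sh
# Added example: generate the answer's three policy-routing commands
# from the main routing table. Table number 128 is the one the answer uses.
TABLE=128

# Reads `ip -4 route show` text on stdin and prints the ip commands.
# Returns non-zero if no LAN default route or matching subnet is found.
build_policy_rules() {
    awk -v table="$TABLE" '
        # LAN default route: "default via <gateway> dev <interface> ..."
        $1 == "default" && $2 == "via" && gw == "" {
            gw = $3
            for (i = 4; i < NF; i++) if ($i == "dev") ifc = $(i + 1)
        }
        # Connected route: "<subnet> dev <interface> ... src <address>"
        $2 == "dev" {
            for (i = 4; i < NF; i++)
                if ($i == "src") { net[$3] = $1; src[$3] = $(i + 1) }
        }
        END {
            # Refuse to emit anything if the LAN side cannot be identified.
            if (gw == "" || !(ifc in net)) exit 1
            printf "ip rule add from %s table %s\n", src[ifc], table
            printf "ip route add table %s to %s dev %s\n", table, net[ifc], ifc
            printf "ip route add table %s default via %s\n", table, gw
        }'
}

# Constructed sample: a routing table with a VPN tunnel (tun0) already up.
SAMPLE_ROUTES='0.0.0.0/1 via 10.8.0.1 dev tun0
default via 192.168.1.1 dev eno1 proto static
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2
128.0.0.0/1 via 10.8.0.1 dev tun0
192.168.1.0/24 dev eno1 proto kernel scope link src 192.168.1.50'

# Show what would be run for the sample; nothing is applied to the system.
printf '%s\n' "$SAMPLE_ROUTES" | build_policy_rules
```

Review the printed commands before running them as root; on a live host the input would be `ip -4 route show` rather than the sample.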
