1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Allowing SSH on a server with an active OpenVPN client

Discussion in 'Main Forum' started by odie5533, Sep 12, 2018.

  1. odie5533

    odie5533 Guest

    I have a VPS running CentOS 7 that I connect to with SSH. I would like to run an OpenVPN client on the VPS so that internet traffic is routed through the VPN, but still allow me to connect to the server via SSH. When I start up OpenVPN, my SSH session gets disconnected and I can no longer connect to my VPS. How can I configure the VPS to allow incoming SSH (port 22) connections to be open on the VPS's actual IP (, but still route outgoing traffic (like from a web browser on the VPS) through the VPN?

    The OpenVPN service I use is PrivateInternetAccess, and an example config.ovpn file is:

    dev tun
    proto udp
    remote nl.privateinternetaccess.com 1194
    resolv-retry infinite
    ca ca.crt
    remote-cert-tls server
    verb 1
    reneg-sec 0
    crl-verify crl.pem

    VPS's ip addr:

    1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
    valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
    valid_lft forever preferred_lft forever
    2: ens33: mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:50:56:be:16:f7 brd ff:ff:ff:ff:ff:ff
    inet brd scope global ens33
    valid_lft forever preferred_lft forever
    inet6 fe80::250:56ff:febe:16f7/64 scope link
    valid_lft forever preferred_lft forever
    4: tun0: mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 100
    inet peer scope global tun0
    valid_lft forever preferred_lft forever

    VPS's ip route: via dev tun0
    default via dev ens33 proto static metric 1024 via dev tun0 dev tun0 proto kernel scope link src dev ens33 proto kernel scope link src via dev ens33 via dev tun0

    Login To add answer/comment

Share This Page