Description: The customer would like to audit 1 of the system by who is accessing It and currently the customer sees that all logs are from the Network Connector private IP Address.
Network Connector (Ubuntu OS)
VPN IP Address: 100.96.1.214/30
Private IP Address: 172.31.14.149/20
Application System (CentOS OS)
Private IP Address: 172.31.9.88/20
Connected VPN User (Windows OS)
VPN IP Address: 100.96.1.34/28
Cause: When SNAT is enabled source IP address of all inbound traffic from CloudConnexa will be set to the VPN Gateway IP address.
SNAT is enabled by default in CloudConnexa Portal.
Resolution: Step 1) You need to disable SNAT from your CloudConnexa Portal > Settings > VPN > Edit > Disable: SNAT > Update.
Step 2) After disabling SNAT in CloudConnexa Portal, next is deleting the configured NAT in iptables of the Network Connector.
# sudo iptables -t nat -D POSTROUTING 1
Step 3) Execute the below commands to save permanently the iptables.
# sudo iptables-save | sudo tee /etc/iptables/rules.v4
# sudo iptables-save | sudo tee /etc/sysconfig/iptables
Step 4) Add routing in the Application System to have reachability for all the connected VPN users and the next hop is the network connector.
# sudo ip route add 100.96.0.0/11 via 172.31.14.149 dev eth0
Step 5) From the connected VPN user confirm the VPN IP Address of who is accessing the Application System.
Verify from the Application System If It's showing now the VPN IP Address of who accessed the system instead of the Network Connector IP Address.
Please sign in to leave a comment.