[strongSwan] road warrior IP - can it also be used by services/daemons to listen onto?

Dirk Hartmann dha at heise.de
Fri Nov 10 15:34:04 CET 2017


--On Friday, November 10, 2017 02:21:09 PM +0000 lejeczek 
<peljasz at yahoo.co.uk> wrote:

> I've a working roadwarrior which links up to a server (not mine,
> meaning - no control over it) and I wonder - can that IP my
> roadwarrior gets other things use?
> From that other (server) end, the network behind the server sees that
> IP my roadwarrior gets, can ping it but, how to make, eg. apache etc,
> use and serve on that IP?
> If I do nmap from server's net on my roadwarrior IP it says port is
> closed.
> Is it something I can do at my end? Which would be great if possible.

Without a firewall either on your RW or on the Gateway side there is no 
reason you should not be able to reach any port on your RW.

The question is, does your service bind itself to your RW-IP.

What does netstat report for your apache?

netstat -tulpn | grep apache

Mostly you configure apache in /etc/apache2/ports.conf on which IPs it 
should listen or if it should listen on all IPs.

Some services don't bind to interfaces added after the service started, 
so maybe you have to restart it after the VPN connection is up.
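
The netstat check suggested above can be turned into a small classifier. This is an added example, not part of the original post: the function name, the sample netstat lines and the virtual IP 10.10.0.5 are constructed, and it assumes a "::" listener is dual-stack.

```shell
#!/bin/sh
# bind_status IP PORT
# Reads `netstat -tln`-style output on stdin and reports how TCP PORT is bound
# relative to IP (e.g. the virtual IP assigned to the roadwarrior):
#   exact        a socket is bound to IP:PORT
#   wildcard     a socket listens on all addresses (0.0.0.0 or ::)
#   other:ADDRS  PORT is open, but only on the listed addresses
#   none         nothing listens on PORT
# Assumption: a "::" listener is dual-stack and therefore also accepts IPv4.
bind_status() {
    awk -v ip="$1" -v port="$2" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            if (!match($4, /:[0-9]+$/)) next      # last colon splits addr/port
            addr = substr($4, 1, RSTART - 1)
            if (substr($4, RSTART + 1) != port) next
            if (addr == ip) exact = 1
            else if (addr == "0.0.0.0" || addr == "::") wild = 1
            else other = (other == "" ? addr : other "," addr)
        }
        END {
            if (exact) print "exact"
            else if (wild) print "wildcard"
            else if (other != "") print "other:" other
            else print "none"
        }'
}

# Constructed sample: Apache bound to loopback only, sshd on all addresses.
sample_loopback_only() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN      1234/apache2
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      801/sshd
EOF
}

# Constructed sample: Apache listening on every address via a dual-stack socket.
sample_wildcard() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp6       0      0 :::80                   :::*                    LISTEN      1234/apache2
EOF
}

# 10.10.0.5 is a made-up virtual IP standing in for the one the gateway assigns.
sample_loopback_only | bind_status 10.10.0.5 80   # other:127.0.0.1
sample_wildcard      | bind_status 10.10.0.5 80   # wildcard
```

On the roadwarrior itself, feed it live data with `netstat -tln | bind_status <virtual-IP> 80`. A result of "other:" or "none" while the tunnel is up points at the service's listen configuration or a needed restart rather than at the VPN.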


