Routing from VPN to local web application

b.kasymov_wegotrip · October 25, 2023, 4:38pm

Hello,

I’ve recently set up PritunlVPN and a staging web application on the same server. To enhance security, I want to restrict access to the web application based on IP addresses.

Previously, the web application was safeguarded using Nginx’s basic authentication. Now, I aim to limit access using IP restrictions. I’ve configured Nginx to allow access only from the VPN server’s IP address, but the web application still detects my original IP rather than the VPN server’s IP.

Essentially, I’d like to ensure that I can access the web application only through the VPN, given that both the VPN and the web application are on the same server.

Could you guide me on how to configure this properly?

Thank you in advance for your assistance.

zach · October 27, 2023, 10:54am

The IP address of the web application will need to be added to the VPN server routes or the 0.0.0.0/0 to route all public internet traffic.

b.kasymov_wegotrip · October 27, 2023, 2:10pm

0.0.0.0/0 has already added for route all public internet traffic.
I’ve added IP address of application, it does not work too.

zach · October 27, 2023, 7:20pm

If the server has an enterprise subscription verify the route has NAT enabled, if there is no subscription NAT will be enabled by default. Run tracepath with the web application IP address to verify the traffic is going through the VPN server.