Access self-hosted sites via public address when on VPN

Simon Taylor simon at
Sat Dec 2 09:20:06 PST 2017

Hi - sorry to bother but I have a problem with my local network that
is proving to be rather annoying when trying to reach my self-hosted
website via it's public address.

I have ocserv 0.11.9 running on an internal Debian host (in tunnel all
traffic mode) and when a Windows 10 client logs on to the vpn, I can
get to internet sites no problem and even internal sites using their
local addresses are served without issue.

However when I try and access my public facing website that I host on
the same internal network (eg., I get 'Your
Internet access is blocked' in chrome and I cannot ping it without
getting 'general failure' messages.  If I ping it's internal ip
address it resolves fine.

The only rule in iptables on the vpn host is: iptables -t nat -A

strange thing is, when logging on to the VPN from my Android tablet,
it works fine. :(

Anyone any ideas?  I suspect it is a routing issue of sorts but it is
really annoying as I can't appear to diagnose the root cause.

Much appreciated.

More information about the openconnect-devel mailing list