  1. #1

    Two NICs, two ISPs, one for internet, one for SSL server

    This Linux box is not a router, and with its two NICs it serves as an OpenVPN server (on eth0) and an SSL server (on eth1).

    eth0: connected via internet modem

    eth1:, public address should serve an ssl server (no other traffic).

    When enabling both nics, I get two default gateways, and the default gateway of ( gets precedence. This is bad, because then the OpenVPN server on eth0 is no longer accessible from the internet. That is why I have disabled eth1 for the moment.

    So I want to have only traffic on port 443 to go through eth1. I have read the howto's on Linux Advanced Routing & Traffic Control HOWTO and LiNUX Horizon - Linux Advanced Routing mini HOWTO but none of the examples fits. I get all kinds of problems trying the solutions.

    I have installed iptables2, and tried some ip route commands but it does not work. Still, it should be pretty simple! The only thing I want is SSL (port 443) traffic to go through eth1 and the rest through eth0. Any ideas?

  2. #2
    This is a difficult one because you can only get Linux to make routing choices based on the IP portion not the TCP/UDP port.

    I'm reaching wildly with this suggestion but you could try to multinet your SSL interface (eth1) and then use NAT and port forwarding between the 2 IPs to restrict the traffic to just the single port. Creating a blackhole for SSL which only has one way out.
    This may also involve getting the NAT to 'source route' the IP. Not a big problem because this will only be done internally. Though some applications may not allow this...
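
Routing on the IP portion, applied to the setup in the question: the SSL server's replies carry eth1's address as their source, so a source-address rule can send them out through eth1's gateway while everything else follows eth0's default route. This is an added example, not part of either post; the addresses (documentation range), the table number and the function names are assumptions.

```shell
#!/bin/sh
# Constructed sample values, not taken from the thread.
SSL_IF=eth1
SSL_IP=203.0.113.10      # public address on eth1
SSL_GW=203.0.113.1       # gateway of the second ISP
SSL_NET=203.0.113.0/24
TABLE=100                # arbitrary free routing-table number

# Assumption: eth1 is brought up WITHOUT a default gateway in the main table,
# so the main table keeps only eth0's default (the OpenVPN side stays reachable).

# With DRY_RUN=1 the commands are printed instead of executed (no root needed).
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then echo "$*"; else "$@"; fi
}

ssl_policy_routing() {
    # Separate table: anything looked up here leaves through eth1.
    run ip route add "$SSL_NET" dev "$SSL_IF" src "$SSL_IP" table "$TABLE"
    run ip route add default via "$SSL_GW" dev "$SSL_IF" table "$TABLE"
    # Packets sourced from eth1's address (the server's replies) use that table;
    # all other traffic still uses the main table and eth0's gateway.
    run ip rule add from "$SSL_IP" lookup "$TABLE"
}

ssl_only_filter() {
    # eth1 accepts TCP 443 and the ICMP needed for path-MTU discovery, nothing else.
    run iptables -A INPUT -i "$SSL_IF" -p tcp --dport 443 -j ACCEPT
    run iptables -A INPUT -i "$SSL_IF" -p icmp --icmp-type fragmentation-needed -j ACCEPT
    run iptables -A INPUT -i "$SSL_IF" -j DROP
}

# Only act when asked, so the file can be sourced and reviewed first.
if [ "${1:-}" = apply ]; then
    ssl_policy_routing
    ssl_only_filter
fi
```

Running it with `DRY_RUN=1 sh script.sh apply` prints the commands for review; the SSL server itself should also be bound to eth1's address rather than to all interfaces.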
