I have two VPSs and I'm trying to make a two-step VPN connection as follows:
[start] >> Client
<-> OpenVPN on Server A
<-> Proxy (ex: SQUID) on Server B
<-> Internet
So far:
I set up the OpenVPN server correctly on an interface named `tun0`, and there is no trouble in the connection between the Client and Server A. I configured a `squid` transparent proxy server which can handle SSL with `ssl-bump` using a self-signed certificate on Server B. On Server A I created some different `NAT` PREROUTING routing policies with `iptables` to route TCP/UDP incoming packets destined to `tun0` to Server B, one each for HTTP and HTTPS.
Trouble:
I checked the `iptables -t nat -L -v` results. Obviously, the outgoing packets are going through the PREROUTING rule to the desired IP address (Server B), but it seems there is no response from Server A back to Server B. I also inserted the rule `-A POSTROUTING -s <Server A's IP> -o tun0 -j MASQUERADE` before the OpenVPN masquerading rule in the NAT table. Still no success.
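The rule set described in the question, written out as an added example (not the poster's own configuration, and not an answer taken from the thread). The traffic that Server A redirects to the proxy on Server B has to come back through Server A, so the source-NAT step belongs on the interface that faces Server B, not on `tun0`, and the kernel must be allowed to forward between the two interfaces. Interface names (`eth0`), the VPN subnet (`10.8.0.0/24`), the Server B address (`203.0.113.10`, a documentation address) and the squid ports (3128/3129) are assumed placeholders; `tun0` is the only name taken from the post.

```shell
#!/bin/sh
# Added example: iptables rules on Server A to send VPN clients' HTTP/HTTPS
# through a transparent proxy on Server B, including the return path.
# All values below are assumptions/placeholders, not taken from the post
# (except the interface name tun0).
VPN_IF="${VPN_IF:-tun0}"               # OpenVPN interface on Server A
WAN_IF="${WAN_IF:-eth0}"               # Server A's interface facing Server B (assumed)
VPN_NET="${VPN_NET:-10.8.0.0/24}"      # OpenVPN client subnet (assumed)
PROXY_IP="${PROXY_IP:-203.0.113.10}"   # Server B (placeholder documentation address)
HTTP_PORT="${HTTP_PORT:-3128}"         # squid intercept port for plain HTTP (assumed)
HTTPS_PORT="${HTTPS_PORT:-3129}"       # squid ssl-bump intercept port (assumed)

# Emit the rules as text first, so they can be reviewed or diffed against
# `iptables-save` output before anything is applied.
build_rules() {
    cat <<EOF
iptables -t nat -A PREROUTING -i $VPN_IF -s $VPN_NET -p tcp --dport 80 -j DNAT --to-destination $PROXY_IP:$HTTP_PORT
iptables -t nat -A PREROUTING -i $VPN_IF -s $VPN_NET -p tcp --dport 443 -j DNAT --to-destination $PROXY_IP:$HTTPS_PORT
iptables -t nat -A POSTROUTING -s $VPN_NET -o $WAN_IF -d $PROXY_IP -j MASQUERADE
iptables -A FORWARD -i $VPN_IF -o $WAN_IF -s $VPN_NET -d $PROXY_IP -p tcp -m multiport --dports $HTTP_PORT,$HTTPS_PORT -j ACCEPT
iptables -A FORWARD -i $WAN_IF -o $VPN_IF -s $PROXY_IP -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
}

# The rewrite of the source address must happen on the interface toward
# Server B; a MASQUERADE rule bound to the tunnel interface never matches
# the redirected packets. Returns 0 when the generated set is shaped right.
check_rule_shape() {
    build_rules | grep -q -- "-o $WAN_IF -d $PROXY_IP -j MASQUERADE" || return 1
    if build_rules | grep -q -- "-o $VPN_IF -j MASQUERADE"; then
        return 1
    fi
    return 0
}

# Forwarding between tun0 and the outward interface must be enabled, or
# the DNATed packets are silently dropped. Returns 1 if it is off or the
# sysctl file is not available on this host.
forwarding_enabled() {
    [ -r /proc/sys/net/ipv4/ip_forward ] || return 1
    [ "$(cat /proc/sys/net/ipv4/ip_forward)" = "1" ]
}

# Usage: sh this_script.sh apply   (needs root; prints the rules otherwise)
case "${1:-}" in
    apply)
        check_rule_shape || { echo "rule set malformed" >&2; exit 1; }
        forwarding_enabled || echo "warning: net.ipv4.ip_forward is not 1" >&2
        build_rules | sh
        ;;
    *)
        build_rules
        ;;
esac
```

On Server B, squid must accept intercepted connections arriving from Server A's address (the source the clients' packets carry after the MASQUERADE), and `build_rules | sh` is kept behind the explicit `apply` argument so the default invocation only prints the rules for review.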