VPN stops a webapp from being accessible

I am running a WebApp on port 8080. The server running this app also needs to have an outbound VPN connected at all times. I am using OpenVPN on Ubuntu 20.

Once the VPN is connected, I can no longer access the webapp, for example on https://servername.com:8080

I assume this is because of routing. The web server is responding to my browser via the VPN which makes my browser abort the connection because the response differs from the sending request.

Is there a way in the routing table or something that I can get around this? Somehow if a request is sent directly to my web server it will respond outside of the VPN and go back over the regular NIC?


Solution 1:

This is doable but not trivial to implement.

What you need to implement is "policy based routing" (source based routing) which typically entails setting up a second routing table and then using iptables to mark packets to go out the appropriate table.

Here is a link to do it with netplan - https://serverspace.io/support/help/multiple-network-interfaces-ubuntu-20-04/ - which seems to be the new way to implement this.

Depending on "why a vpn and $$$" it may be easier to get a vpn that provides you a static IP and ensure your webapp binds to all interfaces. Of course, this does mean all traffic will come from "your" vpn IP and be traceable back to that IP, which may or may not be a problem for your use case.
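
One way to set up the policy-based routing this answer describes, as an added example that is not part of the original answer: connections arriving on the physical NIC for the webapp port get a connection mark, and replies carrying that mark use a second routing table whose default route is the LAN gateway, so everything else still leaves through the VPN. The interface `eth0`, gateway `203.0.113.1`, mark `0x1` and table `100` are assumed values; the function only prints the commands so they can be reviewed first.

```shell
#!/bin/sh
# Added example: policy-based routing for a webapp behind an always-on VPN.
# Constructed values (assumptions): eth0, 203.0.113.1, mark 0x1, table 100.
MARK=0x1
TABLE=100

# Print the commands that send replies for connections arriving on
# IFACE:PORT back out via GATEWAY instead of the VPN default route.
pbr_commands() {
    iface=$1 gw=$2 port=$3

    # Validate inputs before they are interpolated into commands.
    case $iface in
        ''|*[!A-Za-z0-9_.-]*) echo "bad interface" >&2; return 1 ;;
    esac
    case $gw in
        ''|*[!0-9.]*) echo "bad gateway" >&2; return 1 ;;
    esac
    case $port in
        ''|*[!0-9]*) echo "bad port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || {
        echo "bad port" >&2; return 1
    }

    # 1. Second routing table: default route via the LAN gateway.
    # 2. Packets carrying the mark consult that table.
    # 3. Mark new inbound connections to the webapp on the physical NIC.
    # 4. Copy the connection mark onto locally generated reply packets.
    cat <<EOF
ip route add default via $gw dev $iface table $TABLE
ip rule add fwmark $MARK lookup $TABLE
iptables -t mangle -A PREROUTING -i $iface -p tcp --dport $port -m conntrack --ctstate NEW -j CONNMARK --set-mark $MARK
iptables -t mangle -A OUTPUT -m connmark --mark $MARK -j CONNMARK --restore-mark
EOF
}

# Dry run with the constructed values; to apply, pipe the output
# to "sh -e" as root after reviewing it.
pbr_commands eth0 203.0.113.1 8080
```

If `net.ipv4.conf.<iface>.rp_filter` is in strict mode (1), inbound packets on the NIC can be dropped because the route back to the client points at the VPN; loose mode (2) avoids this. These commands do not persist across reboots.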