Configuration question for accessing port-forwarding resources.

[josh.l...@gmail.com]

I have a Synology Diskstation set up with an OpenVPN server at my custom URL (let's say it's myurl.com).  I can connect to this server using Tunnelblick and access all the local resources on my home LAN (using their 192.168.x.x addresses), no problem.

I have several applications set up to use internet-accessible WebDAV resources that point to that custom url (e.g., OmniFocus uses a WebDAV pointing to myurl.com at an appropriately-forwarded port number), which don't work when Tunnelblick is connected (the client configuration points to myurl.com, and uses TCP over port 443, due to port blocking on my work internet connection).

When Tunnelblick is not connected, and I'm not using my work internet connection, those WebDAV resources work properly.  

When Tunnelblick is connected, however (whether from work or anywhere else), those WebDAV resources are not found.

Is there a configuration change I can make to either the client or the server that will address this problem?  I want, when connected to the OpenVPN server at myurl.com, to be able to access WebDAV resources at myurl.com:12345, where port 12345 is forwarded by my router to the internal device (192.168.1.101).  I can connect to those resources while Tunnelblick is active by using the 192.168.1.101:12345 address, but not the myurl.com:12345 address.

Thank you!

[jkbull...gmail.com]

This is really an OpenVPN configuration question – Tunnelblick is "just" an interface to OpenVPN. You might want to try the resources on Tunnelblick's Support page.

I'm not a routing expert, but I think what is happening is as follows: the WebDAv port forwarding on the Synology is being ignored because packets for WebDAV come into port 1194 (or whatever) for OpenVPN, not on the WebDAV port. It *might* be possible to have Synology box do the port forwarding after the OpenVPN packets are dealt with, but that's a Synology question.

One thing you could try – when you are connected to the VPN – is accessing the WebDAV resources using the local LAN IP address of the resource, instead of myurl.com. That way it will be sent to the proper device on the LAN. In other words, send the requests to 192.168.x.y:1234 or something like that, instead of myurl.com:1234.