Question about VPN

I have a urbackup server that is inside an intranet. I have several clients in remote locations, that I plan backing up using the “internet” capability of urbackup.

To access the urbackup server, I installed a openVPN server in the same urbackup location and this server gets an external IP address.

To perform a test, I connected one of the remote clients (using openvpn client) to the urbackup server using the “internet” capabilities of urbackup. When looking at urbackup’s web interface I found that the IP address of this client is recognized as the internal IP of the openVPN server.

As many clients will be connected to the urbackup server using openvpn, all this clients will appear as having the same IP address (the internal address of the openVPN server).

My question is: Will this (different clients apearing to have the same IP) cause any issue for urbackup?


Do you want to use the internet option, the VPN is a tunnel?

I found this in the manual.

Client discovery in local area networks

UrBackup clients should be discovered automatically given that server and client reside in the same sub-network. The client discovery works as follows:
The UrBackup server broadcasts a UDP message every 50 seconds on all adapters into the local subnet of this adapter. (On Linux you can configure which network adapters UrBackup should broadcast on.) On receiving such a broadcast message the client answers back with its fully qualified domain name. Thus it may take up to 50 seconds until a client is recognized as online.
If the client you want to backup is not in the same subnet as the server and broadcast packages therefore do not reach the client you can add its IP or host name manually by clicking “add new client” on the status page and then selecting “Discover new client via IP/hostname hint”. The server will then additionally send an UDP message directly to that entered IP or resolved host name allowing switches to forward the message across subnet boundaries. Be aware though that all connections are from server to client. If you have NAT between server and client, you should use “Internet clients" (see section 7). Using “Internet clients” all connections are from client to server.

Good question.

It should differentiate via hostname, if you prepopulate the host names in the server configuration. (I haven’t tested this in your config.)

I’m doing site-to-site IPSec VPN tunnels for my over the WAN backups…

I’m not sure what you mean if the VPN is a tunnel, because as far as I understand all VPN’s are tunnels. So let me try to explain my config:

I have a VPN server located in the same place (but different computer) as the URBackup server.
I have several clients connecting to the VPN, so they have access to the URBackup subnet. URBackup server can not see the clients subnet (It would be possible, changing some routing rules, but I don’t want to do so). Because of this, yes, I’m using the internet option.

Regarding my question, I don’t have an explanation, but it seems that even the clients appear to the server as having the same IP, the backups are working.

are the tunnels in your setup bidirectional? I mean can the server ping the clients and can the clients ping the server in your configuration? In my current configuration, the clients can ping the server, but not the other way around so I had to use internet option.

Sorry, that was a missed type. I meant to type “tunnel with a vpn”, as a possible solution.

@richi are you planning to use that tunnel for something else as well or is it set up for UrBackup exclusively?

@Michal I’m using the tunnel to access an internal web server also.