Articles | C2C

Setting Up OpenVPN(8) Behind a Load Balancer on GCP

Written by G x | Jan 9, 2022 6:00:00 AM

Hello.

I think the title captures my question.

This works "out of the box" on AWS.

But, when I set up an openvpn instance behind a UDP Network Load Balancer on GCP, I can't get my client to connect -

Thanks for any pointers.

Best answer by cba

Note that the question was incomplete: “OpenVPN server” can mean the proprietary Access Server software or the open source community version, and being specific does matter, because the answers differ.

That said, community version openvpn(8) should have no problem at all behind a GCP NLB.  It is a single-threaded application, VPN only, not doing all the extra stuff that Access Server does.

Access Server, on the other hand, can only work with a single-core VM node behind the NLB.  If using multiple CPU cores, Access Server distributes the client load using iptables DNAT rules.  Apparently GCP queries the OS to determine what ports are bound, and in the multi-CPU case, Access Server does not bind the ports.  But we do not know the details of how the GCP NLB decides what packets to forward.
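The answer turns on one distinction: whether the VPN port is actually bound by a socket on the VM, or only appears as an iptables DNAT rule that rewrites packets to somewhere else. The following POSIX shell check is an added example, not code from the question, the answer, or either OpenVPN product. It classifies a UDP port from saved `ss -ulnH` and `iptables -t nat -S` output. The sample outputs it writes are constructed for illustration; in particular the DNAT rule is a hypothetical stand-in, not Access Server's real rule set, which the answer does not describe.

```shell
#!/bin/sh
# Added example: tell a UDP port that a process has actually bound (a socket
# visible to `ss -ulnH`) from one that only shows up in iptables DNAT rules
# (`iptables -t nat -S`).  Inputs are files so the check can run against
# saved command output or against the constructed samples below.

# classify_udp_port PORT SS_FILE NAT_FILE
# prints exactly one of:
#   bound      a socket is bound on PORT
#   dnat-only  no socket, but a nat rule rewrites traffic arriving on PORT
#   absent     neither
classify_udp_port() {
    port=$1; ss_file=$2; nat_file=$3
    # Any field of an `ss` line ending in ":PORT" is a bound local address
    # (covers 0.0.0.0:PORT, 127.0.0.1:PORT and [::]:PORT alike).
    if awk -v p="$port" '{ for (i = 1; i <= NF; i++) if ($i ~ (":" p "$")) found = 1 }
                          END { exit !found }' "$ss_file"; then
        echo bound
    elif grep -Eq -- "--dport[[:space:]]+$port([[:space:]]|$).*-j[[:space:]]+DNAT" "$nat_file"; then
        echo dnat-only
    else
        echo absent
    fi
}

# write_samples DIR: constructed sample output, NOT captured from a real host.
# ss.txt mimics `ss -ulnH`; nat.txt mimics `iptables -t nat -S PREROUTING`.
# The 1195 DNAT rule is hypothetical and stands in for "a port only reachable
# through nat rewriting", which is the case the answer says GCP does not see.
write_samples() {
    dir=$1
    cat >"$dir/ss.txt" <<'EOF'
UNCONN 0 0 0.0.0.0:1194 0.0.0.0:* users:(("openvpn",pid=812,fd=6))
UNCONN 0 0 127.0.0.1:323 0.0.0.0:* users:(("chronyd",pid=501,fd=5))
EOF
    cat >"$dir/nat.txt" <<'EOF'
-P PREROUTING ACCEPT
-A PREROUTING -p udp -m udp --dport 1195 -j DNAT --to-destination 127.0.0.1:9001
EOF
}

# Stand-alone demo over the constructed samples.
main() {
    tmp=$(mktemp -d)
    write_samples "$tmp"
    for p in 1194 1195 1196; do
        printf '%s\t%s\n' "$p" "$(classify_udp_port "$p" "$tmp/ss.txt" "$tmp/nat.txt")"
    done
    rm -rf "$tmp"
}

main
```

On a live Linux VM, replace the samples with real output, for example `ss -ulnH > ss.txt` and `iptables -t nat -S PREROUTING > nat.txt`, then run `classify_udp_port 1194 ss.txt nat.txt`. A result of `dnat-only` for the port the load balancer targets is the situation the answer describes for multi-core Access Server; `bound` is what the single-threaded community openvpn(8) gives.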