OpenVPN: Route to server IP broken

You can configure the OpenVPN client as follows:

  1. The VPN server's static IP is 192.168.18.116.
  2. On the VPN client, check the routing table:
    route
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    default         *               128.0.0.0       U     0      0        0 tun0
    192.168.18.116  192.168.18.1    255.255.255.255 UGH   0      0        0 eth0.2

This shows that packets whose destination address is the VPN server's static IP go out through eth0.2 (the WAN interface), not through the VPN interface. If this route is missing, you can add it:

ip route add 192.168.18.116 via 192.168.18.1 dev eth0.2

  3. Set the iptables rule to allow forwarding from LAN to WAN:

iptables -I FORWARD -i br-lan -o eth0.2 -j ACCEPT

Or you can accept all forwarded traffic, which is broader than the LAN-to-WAN rule above:
iptables -I FORWARD -j ACCEPT

Now traffic from a LAN host to the OpenVPN server's WAN IP does not go through the VPN interface.

So other web servers on the OpenVPN server side can be visited through the server's static IP.
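
The host route from step 2 takes effect because the kernel picks the longest matching prefix, so the /32 entry overrides the tunnel's /1 route. The following is an added example, not part of the original post: it models that lookup over a constructed table made of the two rows shown above plus an assumed 128.0.0.0/1 route on tun0 (not shown on the page); the function names are hypothetical.

```python
import ipaddress

# Constructed table: the two rows from the route output above, plus an
# assumed 128.0.0.0/1 companion route on tun0 that the page does not show.
ROUTES = [
    ("0.0.0.0/1", None, "tun0"),                      # "default * 128.0.0.0"
    ("128.0.0.0/1", None, "tun0"),                    # assumption
    ("192.168.18.116/32", "192.168.18.1", "eth0.2"),  # host route to VPN server
]


def lookup(dest, routes):
    """Return (prefix, gateway, iface) for the longest matching prefix, or None."""
    addr = ipaddress.ip_address(dest)
    best = None
    for prefix, gateway, iface in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway, iface)
    if best is None:
        return None
    return (str(best[0]), best[1], best[2])


def server_bypasses_tunnel(server_ip, routes, wan_iface):
    """True when traffic to the VPN server leaves via the WAN interface."""
    hit = lookup(server_ip, routes)
    return hit is not None and hit[2] == wan_iface


if __name__ == "__main__":
    server = "192.168.18.116"
    print("with host route:   ", lookup(server, ROUTES))
    # Drop the /32 entry to see what happens when the route is missing:
    # the server's address falls into the tunnel's /1 route instead.
    without = [r for r in ROUTES if not r[0].endswith("/32")]
    print("without host route:", lookup(server, without))
    print("bypasses tunnel:   ", server_bypasses_tunnel(server, ROUTES, "eth0.2"))
```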