networking – How to set up reverse connections through double hop OpenVPN for multiple clients?

I’m trying to organize a workflow for multiple clients to access remote laboritory behind a VPN. The VPN connection is allowed to be initiated from a single machine only, so I’ve set up an intermediate box which runs both OpenVPN server (tun0) and OpenVPN client (tun1):

  • OpenVPN client (tun1) connects to the internal lab (
  • OpenVPN server (tun0) creates a virtual network and serves for giving access to the internal lab for multiple clients tun1.

The traffic is routed from tun0 to tun1 with the following NAT rule:


Currently I’m looking for a solution to make reverse connections possible from machines in the internal lab to outer clients. Thanks!