Iptables firewall settings for openvpn

I have configured OpenVPN on FC 6 with a routed setup. Now I want to protect my VPN server using an iptables firewall. My network configuration is listed below.

eth0 - connected to the internet with a static IP
eth1 - connected to the local subnet
tun1 - OpenVPN tunnel interface

I need some sample iptables rules to protect the VPN server from hackers.
Asked by: rajasekarramasamy

Gabriel Orozco (Solution Architect) commented:
You need to expose your VPN port to the internet, but after that, the tun interface is not available to anybody on the internet unless they are valid OpenVPN clients :-)

That said, you only need to ensure you accept traffic from the tun interface:

# Needed for openvpn to work:
iptables -A INPUT -i eth0 -p udp --dport 1194 -j ACCEPT

# Access from the VPN to the LAN:
iptables -A FORWARD -i tun+ -o eth1 -j ACCEPT
# Access from the VPN to the firewall exposed apps:
iptables -A INPUT -i tun+ -j ACCEPT


That should be all.
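
An added example, not part of the answer above: ACCEPT rules only restrict anything when the chains otherwise drop traffic, so this sketch places the answer's three rules inside a default-deny ruleset. The loopback, ESTABLISHED/RELATED and LAN rules, the DROP policies, and the names `vpn_firewall_rules` and `IPT` are assumptions; as written it only prints the rules.

```shell
#!/bin/sh
# Added example: default-deny ruleset around the three ACCEPT rules from the
# answer. eth0/eth1/tun+ and UDP 1194 come from the thread; the rest is assumed.

# Command run for each rule. The default only prints the rules (dry run);
# set IPT=iptables and run as root to apply them.
IPT="${IPT:-echo iptables}"

vpn_firewall_rules() {
    wan_if="${1:-eth0}"     # internet-facing interface
    lan_if="${2:-eth1}"     # local subnet
    vpn_port="${3:-1194}"   # OpenVPN UDP port

    # Refuse a non-numeric or out-of-range port instead of emitting a bad rule.
    case "$vpn_port" in
        ''|*[!0-9]*) echo "invalid port: $vpn_port" >&2; return 1 ;;
    esac
    [ "$vpn_port" -ge 1 ] && [ "$vpn_port" -le 65535 ] || {
        echo "invalid port: $vpn_port" >&2; return 1; }

    $IPT -F INPUT
    $IPT -F FORWARD

    # Loopback, plus replies to traffic that was already allowed out or through
    # (without these, return packets from the LAN to VPN clients are dropped).
    $IPT -A INPUT -i lo -j ACCEPT
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPT -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT

    # The three rules from the answer.
    $IPT -A INPUT -i "$wan_if" -p udp --dport "$vpn_port" -j ACCEPT
    $IPT -A FORWARD -i tun+ -o "$lan_if" -j ACCEPT
    $IPT -A INPUT -i tun+ -j ACCEPT

    # Assumption: LAN hosts are trusted to reach the server (e.g. for SSH).
    $IPT -A INPUT -i "$lan_if" -j ACCEPT

    # Policies go last so a remote admin session survives while rules load.
    # Anything from the internet other than the OpenVPN port is now dropped.
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
}

vpn_firewall_rules "$@"
```

After applying with `IPT=iptables`, `iptables -L -n -v` shows the per-rule packet counters, which confirms that only the OpenVPN port is reachable on the internet-facing interface.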