Solved

Iptables firewall settings for openvpn

Posted on 2009-04-04
Last Modified: 2013-12-16
I have configured OpenVPN on FC 6 with a routed setup. Now I want to protect my VPN server using an iptables firewall. I have mentioned my network configuration below.

eth0 - connected to the Internet with a static IP
eth1 - connected to the local subnet
tun1 - OpenVPN tunnel interface

I need some sample iptables rules to protect the VPN server from hackers.
Question by:rajasekarramasamy
1 Comment
 
LVL 19

Accepted Solution

by:
Gabriel Orozco earned 125 total points
ID: 24069844
You need to expose your VPN port to the Internet, but after that, the tun interface is not available to anybody on the Internet unless they are valid OpenVPN clients :-)

This said, you only need to ensure you accept traffic from the tun interface:

# Needed for openvpn to work:
iptables -A INPUT -i eth0 -p udp --dport 1194 -j ACCEPT

# Access from the VPN to the LAN:
iptables -A FORWARD -i tun+ -o eth1 -j ACCEPT
# Access from the VPN to the firewall exposed apps:
iptables -A INPUT -i tun+ -j ACCEPT


That should be all.
0
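ACCEPT rules like the ones in the answer have an effect only when everything else is dropped, so this added example (not part of the original answer) places them in a default-deny filter table written in iptables-restore format. The interface names and UDP 1194 come from the thread; the SSH-from-LAN rule, the conntrack match and the function names are assumptions.

```shell
#!/bin/sh
# Added example: default-deny filter table around the answer's ACCEPT rules.
# Interfaces and UDP 1194 come from the thread; the SSH rule is an assumption.
WAN_IF="${WAN_IF:-eth0}"      # Internet side, static IP
LAN_IF="${LAN_IF:-eth1}"      # local subnet
VPN_IF="${VPN_IF:-tun+}"      # any OpenVPN tun device
VPN_PORT="${VPN_PORT:-1194}"  # OpenVPN UDP port

# Print the ruleset in iptables-restore format so it loads in one atomic step.
vpn_ruleset() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $WAN_IF -p udp --dport $VPN_PORT -j ACCEPT
-A INPUT -i $VPN_IF -j ACCEPT
-A INPUT -i $LAN_IF -p tcp --dport 22 -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -i $VPN_IF -o $LAN_IF -j ACCEPT
COMMIT
EOF
}

# List the ACCEPT rules bound to the Internet-facing interface (audit helper).
wan_exposed() {
    vpn_ruleset | grep -F -- "-A INPUT -i $WAN_IF " | grep -F -- "-j ACCEPT"
}

case "${1:-}" in
    --apply) vpn_ruleset | iptables-restore ;;         # needs root, replaces the filter table
    --check) vpn_ruleset | iptables-restore --test ;;  # parse and build only, nothing committed
    *)       vpn_ruleset ;;                            # default: just print the rules
esac
```

Load it from the console or a LAN session, because SSH arriving on eth0 is dropped. If the box also routes the LAN to the Internet, that forwarding needs its own FORWARD rule, which is not shown here.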
