Solved

Iptables firewall settings for openvpn

Posted on 2009-04-04
1
1,122 Views
Last Modified: 2013-12-16
I have configured openvpn in fc 6 with routed setup. Now i want to protect my vpn server using iptables firewall.  I have mentioned below my network configuration.

eth0- connected in internet with static ip
eth1- connected in local subnet
tun1- openvpn tunnel interface.

I need some sample iptables rules to protect vpn server from hackers.
0
Comment
Question by:rajasekarramasamy
1 Comment
 
LVL 19

Accepted Solution

by:
Gabriel Orozco earned 125 total points
ID: 24069844
you need to expose your vpn port to the internet, but after that, the tun interface is not available to anybody on the internet unless they are valid openvpn clients :-)

This said, you only need to assure you accept traffic from the tun interface:

# Needed for openvpn to work:
iptables -A INPUT -i eth0 -p udp --dport 1194 -j ACCEPT

# Access from the VPN to the LAN:
iptables -A FORWARD -i tun+ -o eth1 -j ACCEPT
# Access from the VPN to the firewall exposed apps:
iptables -A INPUT -i tun+ -j ACCEPT


that should be all
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Which is more secure: EAP or machine certificate for IKEv2 VPN? 1 135
LINUX backups with VEEAM 8 121
lunix and unix command 21 86
CentOS 7 Linux for HP DL380 G4 32Bits 7 47
I am a long time windows user and for me it is normal to have spaces in directory and file names. Changing to Linux I found myself frustrated when I moved my windows data over to my new Linux computer. The problem occurs when at the command line.…
Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question