Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1132
  • Last Modified:

Iptables firewall settings for openvpn

I have configured openvpn in fc 6 with routed setup. Now i want to protect my vpn server using iptables firewall.  I have mentioned below my network configuration.

eth0- connected in internet with static ip
eth1- connected in local subnet
tun1- openvpn tunnel interface.

I need some sample iptables rules to protect vpn server from hackers.
0
rajasekarramasamy
Asked:
rajasekarramasamy
1 Solution
 
Gabriel OrozcoSolution ArchitectCommented:
you need to expose your vpn port to the internet, but after that, the tun interface is not available to anybody on the internet unless they are valid openvpn clients :-)

This said, you only need to assure you accept traffic from the tun interface:

# Needed for openvpn to work:
iptables -A INPUT -i eth0 -p udp --dport 1194 -j ACCEPT

# Access from the VPN to the LAN:
iptables -A FORWARD -i tun+ -o eth1 -j ACCEPT
# Access from the VPN to the firewall exposed apps:
iptables -A INPUT -i tun+ -j ACCEPT


that should be all
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Tackle projects and never again get stuck behind a technical roadblock.
Join Now