OpenVPN + CSF

nikc Member

Hola

Does anyone have any experience with running OpenVPN behind CSF?

I have a working OpenVPN (when I add a NAT rule manually), but when I stick CSF in front of it (with UDP 1194 open), I can connect but can't route beyond the gateway.

Just trying to figure out if I am missing something above and beyond making sure the NAT rule is in and the port is open.

Cheers

Comments

  • You need to add some iptables rules in csfpre.sh

    I'm on mobile now. I will share the rules later.

  • budi1413 Member
    edited December 2013

    nano /etc/csf/csfpre.sh

    # Accept replies to forwarded connections, then traffic from the VPN subnet
    iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -s 192.168.1.0/29 -j ACCEPT
    iptables -A FORWARD -j REJECT
    # for kvm or xen
    iptables -t nat -A POSTROUTING -s 192.168.1.0/29 -o eth0 -j MASQUERADE
    # for openvz (xxx.xxx.xxx.xxx = server ip)
    iptables -t nat -A POSTROUTING -s 192.168.1.0/29 -j SNAT --to xxx.xxx.xxx.xxx
    

    csf -r

    PS: In the last 2 lines, just use the one depending on your VPS virtualization.

  • Perfect, thanks @budi1413 :)

  • @nikc said:
    Perfect, thanks budi1413 :)

    No problem. :)
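
A check for the rule ordering the csfpre.sh snippet above depends on, as an added example that is not part of the original thread: it reads `iptables-save` output and confirms that the FORWARD accept for the VPN subnet comes before any catch-all REJECT/DROP and that a NAT rule exists for the subnet. The function names and the sample ruleset are constructed for illustration; 192.168.1.0/29 and eth0 are taken from the post.

```shell
#!/bin/sh
# Constructed sample of `iptables-save` output (not captured from a real host).
sample_ruleset() {
cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/29 -o eth0 -j MASQUERADE
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -s 192.168.1.0/29 -j ACCEPT
-A FORWARD -j REJECT --reject-with icmp-port-unreachable
COMMIT
EOF
}

# check_vpn_rules SUBNET  (hypothetical helper; iptables-save text on stdin)
# Returns 0 only when:
#   - filter/FORWARD has an ACCEPT for SUBNET that is evaluated before any
#     catch-all REJECT/DROP (iptables stops at the first matching rule), and
#   - nat/POSTROUTING has a MASQUERADE or SNAT rule for SUBNET.
check_vpn_rules() {
  awk -v net="$1" '
    /^\*/ { table = substr($0, 2); next }          # "*filter", "*nat", ...
    table == "filter" && $1 == "-A" && $2 == "FORWARD" {
      n++
      if (!accept && index($0, "-s " net " ") && $0 ~ /-j ACCEPT$/) accept = n
      if (!block && $0 ~ /^-A FORWARD -j (REJECT|DROP)/) block = n
    }
    table == "nat" && $1 == "-A" && $2 == "POSTROUTING" &&
      index($0, "-s " net " ") && $0 ~ /-j (MASQUERADE|SNAT)/ { nat = 1 }
    END {
      rc = 0
      if (!accept) { print "missing: FORWARD accept for " net; rc = 1 }
      else if (block && block < accept) {
        print "order: catch-all REJECT/DROP is evaluated before the accept"; rc = 1
      }
      if (!nat) { print "missing: nat POSTROUTING MASQUERADE/SNAT for " net; rc = 1 }
      exit rc
    }'
}

# Demo on the constructed sample.
sample_ruleset | check_vpn_rules 192.168.1.0/29 && echo "VPN forwarding rules look complete"
```

On a live server, run it as root after `csf -r` with `iptables-save | check_vpn_rules 192.168.1.0/29`.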
