OpenVPN3 Cloud Connector on Centos8

Ask questions about your Access Server configuration here.
Post Reply
williamk7
OpenVpn Newbie
Posts: 1
Joined: Wed Jul 08, 2020 11:06 pm

OpenVPN3 Cloud Connector on Centos8

Post by williamk7 » Wed Jul 08, 2020 11:17 pm

Hi, have openvpn3 client cloud connector on centos 8. With firewalld turned off everything connects and routes fine. With firewalld turned on, client still connects and I can ping cloud gateway, but cannot reach any devices on remote networks. firewalld log show traffic being blocked as such:

"[335548.930116] FINAL_REJECT: IN=enp3s0 OUT=tun0 SRC=192.168.113.5 DST=172.16.200.11 LEN=60 TOS=0x00 PREC=0x00 TTL=62 ID=48188 DF PROTO=TCP SPT=53044 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0

So I added Rich rule to allow traffic between 192.168.113.5 and 172.16.200.11:

firewall-cmd --permanent --zone=public --add-rich-rule='rule family=ipv4 source address=192.168.113.5/32 destination address=172.16.200.11/32 port port=80 protocol=tcp accept'

But still being blocked. My firewalld status looks like this:
#firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: enp3s0 tun0
sources:
services: cockpit dhcpv6-client ssh openvpn
ports:
protocols:
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" source address="192.168.113.5/32" destination address="172.16.200.11/32" port port="80" protocol="tcp" accept

Any ideas on what I might be doing wrong? I would like to be able to use firewall rules to restrict traffic allowed to cross the vpn.

Post Reply