I have an openSUSE Linux OpenVPN server/client (server to some clients and also client to another server) all set up and working for some time. I recently wanted to add the ability of other computers on the LAN of the openSUSE box to be able to access the remote OpenVPN server.
I have set up the ccd folder at the remote server, and added the route to the local gateway. If I turn off the openSUSE firewall everything works as expected.
But I cannot get the openSUSE firewall when on to allow the forwarding traffic. The Firewall log is:
Nov 11 11:47:29 harmony-server kernel: [280338.281117] SFW2-FWDint-DROP-DEFLT IN=eth1 OUT=tun3 SRC=192.168.51.1 DST=192.168.52.2 LEN=32 TOS=0x00 PREC=0x00 TTL=254 ID=21768 PROTO=ICMP TYPE=8 CODE=0 ID=24923 SEQ=0
tun3 is the OpenVPN network 10.8.52.0/24. This log was generated by an attempt to ping the computer 192.168.52.2 (which is the remote OpenVPN server - VPN IP is 10.8.52.1).
If instead I add a route on the local router to pass all 10.8.52.0/24 traffic to the Linux box and ping 10.8.52.1 then the firewall lets it through.
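An added example, not part of the original post: a small Python parser for the SuSEfirewall2 kernel log line quoted above, which lists every dropped forwarded flow by interface pair and address. The prefix layout `SFW2-<chain>-<action>-<rule>` is an assumption read off the quoted line, and the second sample line is constructed.

```python
import re
from collections import Counter

# First line is the entry quoted in the post; the second is constructed for contrast.
SAMPLE_LOG = """\
Nov 11 11:47:29 harmony-server kernel: [280338.281117] SFW2-FWDint-DROP-DEFLT IN=eth1 OUT=tun3 SRC=192.168.51.1 DST=192.168.52.2 LEN=32 TOS=0x00 PREC=0x00 TTL=254 ID=21768 PROTO=ICMP TYPE=8 CODE=0 ID=24923 SEQ=0
Nov 11 11:48:02 harmony-server kernel: [280371.000000] SFW2-INext-DROP-DEFLT IN=eth0 OUT= SRC=203.0.113.5 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 DF PROTO=TCP SPT=40000 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0
"""

# Assumed prefix layout: SFW2-<chain>-<action>-<rule>, as in SFW2-FWDint-DROP-DEFLT.
PREFIX_RE = re.compile(r"\b(SFW2-(\w+)-(\w+)-(\w+))\s+(.*)$")


def parse_line(line):
    """Return the fields of one SFW2 kernel log line, or None if it is not one."""
    m = PREFIX_RE.search(line.strip())
    if not m:
        return None
    rec = {"prefix": m.group(1), "chain": m.group(2), "action": m.group(3),
           "rule": m.group(4), "flags": []}
    for token in m.group(5).split():
        if "=" not in token:            # bare flags such as DF or SYN
            rec["flags"].append(token)
            continue
        key, value = token.split("=", 1)
        if key in rec:                  # ID appears twice: IP ID, then the ICMP ID
            key = f"{rec.get('PROTO', 'L4')}_{key}"
        rec[key] = value
    return rec


def forwarded_drops(log_text):
    """Count dropped forwarded flows, keyed by (IN, OUT, SRC, DST, PROTO)."""
    flows = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec and rec["chain"].startswith("FWD") and rec["action"] == "DROP":
            key = tuple(rec.get(k, "") for k in ("IN", "OUT", "SRC", "DST", "PROTO"))
            flows[key] += 1
    return flows


if __name__ == "__main__":
    for flow, count in forwarded_drops(SAMPLE_LOG).items():
        print(count, *flow)
```

Run against the real firewall log, the output shows which source and destination networks reach the forward chain's default drop, which is the list to compare with the firewall's forwarding rules.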
openSUSE Firewall issue
- krzee
Re: openSUSE Firewall issue
djm wrote:
> I recently wanted to add the ability of other computers on the LAN of the openSUSE box to be able to access the remote OpenVPN server.

the lan is behind the server or client?

> I have set up the ccd folder at the remote server, and added the route to the local gateway. If I turn off the openSUSE firewall everything works as expected.

ok... so you found that the firewall is your issue...

> If instead I add a route on the local router to pass all 10.8.52.0/24 traffic to the Linux box and ping 10.8.52.1 then the firewall lets it through.

ok... and you may have found a workaround (not sure since your above nouns are rather vague)
is there a question regarding openvpn hidden in here?
sounds like you need support from people who support your firewall