Including ICMP in access restrictions

Business solution to host your own OpenVPN server with web management interface and bundled clients.
Post Reply
chort1
OpenVPN User
Posts: 27
Joined: Tue Mar 01, 2022 12:24 pm

Including ICMP in access restrictions

Post by chort1 » Mon Nov 14, 2022 1:11 pm

When creating custom access rules, one can limit traffic to certain ports/services, like:

Code: Select all

"access_to.0": "+ROUTE:10.0.0.0/24:https,tcp80"
But it seems that putting any port restrictions on an access rule automatically blocks ICMP. Is there any way to explicitly allow ICMP?
(I tried adding icmp to the list of port/services)

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1333
Joined: Tue Feb 16, 2021 10:41 am

Re: Including ICMP in access restrictions

Post by openvpn_inc » Mon Nov 14, 2022 1:50 pm

Hello chort1,

I believe the name to use is icmp-echo-request (taken from the tooltip that shows up in allow access to section in group permissions).

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

chort1
OpenVPN User
Posts: 27
Joined: Tue Mar 01, 2022 12:24 pm

Re: Including ICMP in access restrictions

Post by chort1 » Mon Nov 14, 2022 2:00 pm

Oh, nice! I did not notice that tooltip. (Almost never use the GUI). I'll try it out.

By the way, is there any documentation that shows the supported ports/protocols/services?

chort1
OpenVPN User
Posts: 27
Joined: Tue Mar 01, 2022 12:24 pm

Re: Including ICMP in access restrictions

Post by chort1 » Mon Nov 28, 2022 2:14 pm

As a follow-up to this, is there any way to specify a range of ports in the access_to rules? Like tcp/5000-5100, or something similar?

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1333
Joined: Tue Feb 16, 2021 10:41 am

Re: Including ICMP in access restrictions

Post by openvpn_inc » Mon Nov 28, 2022 2:30 pm

Hello,

Yeah what you mentioned should work. Works here when I just tried it.

Kind regards,
Johan
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

Post Reply