OpenVPN Routing & Firewall
Posted: Thu Jul 20, 2023 12:45 pm
Hello folks,
I have setup a new OpenVPN server on my Windows Server 2022 Standard machine (located in a data center). It is fully working.
On my Windows Server I have a port 7089 that I want to reach when I am connected to the VPN via my Open VPN client (Windows 11).
The windows firewall on the server there is a rule to allow the port via Public, Privat and Domain. When I not remove the Public rule, I can NOT reach the port when I am still connected to the VPN server.
Shouldn't this be successful?
My server config:
port 1194
proto udp
dev tun
dev-node "openvpn_dtr9999"
topology subnet
cipher AES-256-CBC
dh "C:\\DTR\\Install\\easy-rsa\\pki\\dh.pem"
ca "C:\\DTR\\Install\\easy-rsa\\pki\\ca.crt"
cert "C:\\DTR\\Install\\easy-rsa\\pki\\issued\\Server.crt"
key "C:\\DTR\\Install\\easy-rsa\\pki\\private\\Server.key"
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist "C:\\Program Files\\OpenVPN\\ipp.txt"
client-to-client
client-config-dir "C:\\Program Files\\OpenVPN\\ccd"
keepalive 10 120
persist-key
persist-tun
status "C:\\Program Files\\OpenVPN\\log\\vpn_server_client_status.log"
log "C:\\Program Files\\OpenVPN\\log\\vpn_server_client.log"
log-append "C:\\Program Files\\OpenVPN\\log\\vpn_server_client.log"
verb 3
Client:
client
dev tun
proto udp
remote ********
resolv-retry infinite
nobind
persist-key
persist-tun
ca "ca.crt"
cert "Client01.crt"
key "Client01.key"
cipher AES-256-CBC
remote-cert-tls server
verb 3
I have setup a new OpenVPN server on my Windows Server 2022 Standard machine (located in a data center). It is fully working.
On my Windows Server I have a port 7089 that I want to reach when I am connected to the VPN via my Open VPN client (Windows 11).
The windows firewall on the server there is a rule to allow the port via Public, Privat and Domain. When I not remove the Public rule, I can NOT reach the port when I am still connected to the VPN server.
Shouldn't this be successful?
My server config:
Server
port 1194
proto udp
dev tun
dev-node "openvpn_dtr9999"
topology subnet
cipher AES-256-CBC
dh "C:\\DTR\\Install\\easy-rsa\\pki\\dh.pem"
ca "C:\\DTR\\Install\\easy-rsa\\pki\\ca.crt"
cert "C:\\DTR\\Install\\easy-rsa\\pki\\issued\\Server.crt"
key "C:\\DTR\\Install\\easy-rsa\\pki\\private\\Server.key"
server 10.8.0.0 255.255.255.0
ifconfig-pool-persist "C:\\Program Files\\OpenVPN\\ipp.txt"
client-to-client
client-config-dir "C:\\Program Files\\OpenVPN\\ccd"
keepalive 10 120
persist-key
persist-tun
status "C:\\Program Files\\OpenVPN\\log\\vpn_server_client_status.log"
log "C:\\Program Files\\OpenVPN\\log\\vpn_server_client.log"
log-append "C:\\Program Files\\OpenVPN\\log\\vpn_server_client.log"
verb 3
Client:
Client
client
dev tun
proto udp
remote ********
resolv-retry infinite
nobind
persist-key
persist-tun
ca "ca.crt"
cert "Client01.crt"
key "Client01.key"
cipher AES-256-CBC
remote-cert-tls server
verb 3