apf cannot ping other computers on openvpn

Posted: Fri Nov 25, 2011 7:30 pm
by waeking
I have created an openvpn. The only problem is that when apf is running I cannot ping any of the 10.8.0.0/24 or the 192.168.0.0/24 network from either end. I can reach the outside world through the vpn from all computers on the network.

Code:

VNET00=(external ip)
VPNNET="10.8.0.0/24"
$IPT -t nat --flush
$IPT -t nat -A POSTROUTING -s $VPNNET -o venet0 -j SNAT --to-source $VNET00

When apf is stopped I can access the computers on both 10.8.0.0/24 and 192.168.0.0/24. So I am assuming that the openvpn conf is correct and that the iptables need to be corrected. I also read that the tun0 may be an untrusted device for apf, but I do not know how to check or add this device.

Please help

Re: apf cannot ping other computers on openvpn

Posted: Mon Nov 28, 2011 1:45 pm
by Mimiko
Show all other rules.
The tun device is like an ordinary eth0 device. The rules are made according to personal needs.

Re: apf cannot ping other computers on openvpn

Posted: Mon Nov 28, 2011 5:38 pm
by waeking
I have figured out that if I add tun0 to the trusted IFACE in the configuration file, all is good. I would like to change this so that I can regulate the traffic on tun0 just like it could on venet0. Is there a way to do this? Because of apf running the iptables, there are so many to show...
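
One way to filter tun0 rather than trust it wholesale, as an added example that is not from the thread or from apf: the script only prints iptables commands for review and applies nothing. It assumes that both 10.8.0.0/24 and 192.168.0.0/24 arrive through tun0 and that ping plus outbound internet access are the only traffic wanted; the chain names TUN0_IN and TUN0_FWD are made up for the example.

```shell
#!/bin/sh
# Added example: prints iptables commands only; nothing is applied.
VPN_IF="tun0"                        # from the thread
WAN_IF="venet0"                      # from the thread
VPNNET="10.8.0.0/24"                 # from the thread
PEER_NETS="$VPNNET 192.168.0.0/24"   # assumption: both networks are reached through tun0

tun_rules() {
    ipt="${1:-iptables}"             # optional first argument: path to the iptables binary
    est="-m state --state ESTABLISHED,RELATED"
    # Dedicated chains (hypothetical names) keep the tun0 policy in one place.
    echo "$ipt -N TUN0_IN"
    echo "$ipt -N TUN0_FWD"
    # Replies belonging to connections that were already allowed.
    echo "$ipt -A TUN0_IN $est -j ACCEPT"
    echo "$ipt -A TUN0_FWD $est -j ACCEPT"
    for net in $PEER_NETS; do
        # Ping to the gateway and between tunnel networks, only from expected sources.
        echo "$ipt -A TUN0_IN -s $net -p icmp --icmp-type echo-request -j ACCEPT"
        echo "$ipt -A TUN0_FWD -o $VPN_IF -s $net -p icmp --icmp-type echo-request -j ACCEPT"
    done
    # VPN clients going out to the internet; the SNAT rule in the thread rewrites the source.
    echo "$ipt -A TUN0_FWD -o $WAN_IF -s $VPNNET -j ACCEPT"
    # Everything else arriving on tun0 is dropped, including unexpected source addresses.
    echo "$ipt -A TUN0_IN -j DROP"
    echo "$ipt -A TUN0_FWD -j DROP"
    # Hook the chains ahead of the existing rules; only tun0 traffic enters them.
    echo "$ipt -I INPUT 1 -i $VPN_IF -j TUN0_IN"
    echo "$ipt -I FORWARD 1 -i $VPN_IF -j TUN0_FWD"
    # Return traffic towards tun0 for connections the chains accepted.
    echo "$ipt -I FORWARD 1 -o $VPN_IF $est -j ACCEPT"
}

tun_rules "$@"
```

Further services are opened by adding ACCEPT lines for specific ports above the two DROP lines. Where these commands are loaded so that they survive an apf restart is not covered here.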