How to configure external firewall to allow OpenVPN tunnel?
Posted: Wed Dec 05, 2012 9:45 pm
So I have my local computer successfully connecting to a remote OpenVPN server. I'm using OpenVPN to route all my traffic through the tunnel out the other side.
I am now adding a dd-wrt router to act as a firewall to ensure that ONLY traffic destined for my VPN-server IP is passed through. My current approach to this is to add these two rules to the router's firewall:
Code:
# Drop all traffic going out the WAN port
iptables -I FORWARD -o vlan1 -j DROP
# Only allow traffic to the VPN (x.x.x.x = remote server IP)
iptables -I FORWARD -o vlan1 -d x.x.x.x -j ACCEPT
If I add these rules AFTER the OpenVPN connection is already established, then everything works as expected.
However, if I add these rules BEFORE the OpenVPN is established, then OpenVPN is unable to connect, so clearly I need to add/allow something else through the firewall, but I can't fathom what it is. Any tips?