Re: firewall rules for OpenVPN

#51609
zutthich
Member

For the benefit of other users I answer my own question:

In the firewall section, add one rule to the INPUT chain ACCEPTing from the interface connected to the outside world any packet with TCP protocol and Destination Port 1194 (or whatever port number you’ve chosen for OpenVPN)

Add one rule to the OUTPUT chain ACCEPTing to let TCP packets go out of the interface connected to the outside world and Destination Port as per above.

Then one has to add the rule(s) for the VPN packets proper.
If the VPN is considered just like another internal LAN, then the equivalent rule(s) can be added provided one choose the VPN interface.

Induni