Gentoo Archives: gentoo-user

From: Michael Orlitzky <mjo@g.o>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Routing issue with OpenVPN and internal DNS
Date: Mon, 03 Dec 2018 14:50:02
Message-Id: de6ad0d7-2aa7-2d56-5e99-17d2397dc204@gentoo.org
In Reply to: [gentoo-user] Routing issue with OpenVPN and internal DNS by Andrew Udvare
On 12/3/18 5:55 AM, Andrew Udvare wrote:
>
> iptables on server:
> -A FORWARD -s 10.100.0.0/24 -i tun0 -o enp1s0f0 -m conntrack --ctstate NEW -j ACCEPT
>

Is that only forwarding packets for new (i.e. not existing) connections?

Ours looks like,

iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -s $INSIDE_NET -j ACCEPT
iptables -A FORWARD -i $VPN_INTERFACE -j ACCEPT

(and you need to enable the net.ipv4.ip_forward sysctl)
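
Added example, not part of the original message: a small first-match evaluator for the FORWARD rules discussed above, showing which conntrack states each ruleset lets through. The DROP chain policy, the quoted rule standing alone in the chain, 192.168.1.0/24 for $INSIDE_NET, tun0 for $VPN_INTERFACE and the sample packets are assumptions constructed for illustration.

```python
import ipaddress
import shlex

# Constructed rulesets in `iptables -S FORWARD` form. Assumed: DROP policy, the
# quoted rule alone, 192.168.1.0/24 for $INSIDE_NET, tun0 for $VPN_INTERFACE.
QUOTED_ONLY = """-P FORWARD DROP
-A FORWARD -s 10.100.0.0/24 -i tun0 -o enp1s0f0 -m conntrack --ctstate NEW -j ACCEPT"""
STATEFUL = """-P FORWARD DROP
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -s 192.168.1.0/24 -j ACCEPT
-A FORWARD -i tun0 -j ACCEPT"""

# Constructed packets: (source, in interface, out interface, conntrack state).
PACKETS = [
    ("10.100.0.5", "tun0", "enp1s0f0", "NEW"),            # first packet from a VPN client
    ("192.168.1.53", "enp1s0f0", "tun0", "ESTABLISHED"),  # reply from the inside network
    ("10.100.0.5", "tun0", "enp1s0f0", "ESTABLISHED"),    # client's follow-up packet
]

def parse_rules(text):
    """Return (policy, rules); handles only the option/value pairs used here."""
    policy, rules = "ACCEPT", []
    for line in text.strip().splitlines():
        tok = shlex.split(line)
        if tok[:2] == ["-P", "FORWARD"]:
            policy = tok[2]
        elif tok[:2] == ["-A", "FORWARD"]:
            rule = dict(zip(tok[2::2], tok[3::2]))
            rule.pop("-m", None)  # "-m conntrack" loads the module, it is not a match
            rules.append(rule)
    return policy, rules

def verdict(policy, rules, src, in_if, out_if, state):
    """First matching rule decides; if none matches, the chain policy applies."""
    for r in rules:
        if "-s" in r and ipaddress.ip_address(src) not in ipaddress.ip_network(r["-s"]):
            continue
        if r.get("-i", in_if) != in_if or r.get("-o", out_if) != out_if:
            continue
        if "--ctstate" in r and state not in r["--ctstate"].split(","):
            continue
        return r["-j"]
    return policy

def compare():
    """Verdict for each sample packet under each ruleset."""
    sets = {"quoted_only": QUOTED_ONLY, "stateful": STATEFUL}
    return {name: [verdict(*parse_rules(text), *pkt) for pkt in PACKETS]
            for name, text in sets.items()}

if __name__ == "__main__":
    for name, verdicts in compare().items():
        print(name, verdicts)
```
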
