[CentOS] FirewallD issue

Fri Apr 22 02:55:00 UTC 2016
Chandran Manikandan <tech2mani at gmail.com>

Hi Marcin,
Please check the port number in your openvpn config file, then check
whether the same port is allowed in your firewalld config.

On Fri, Apr 22, 2016 at 6:28 AM, Marcin Trendota <moonwolf.rh at gmail.com>
wrote:

> On Thursday 21 of April 2016 2:37:49 PM Gordon Messmer wrote:
> > On 04/21/2016 01:33 PM, Marcin Trendota wrote:
> > > It's OpenVPN on chamber.
> > What port is it using?  I don't see the standard port listed in your
> > firewalld rules in either zone.
>
> 1194/udp. I added service openvpn and port 1194/udp (just to be sure) to
> both zones - no change.
>
> [root@chamber openvpn]# firewall-cmd --list-all
> home (default, active)
>   interfaces: enp3s0 tun0 vbr0 virbr0 vnet0 vnet1
>   sources:
>   services: dhcp dhcpv6-client dns http https imaps ipp-client mdns nfs openvpn samba samba-client vnc-server
>   ports: 143/tcp 26666/tcp 1194/udp
>   masquerade: no
>   forward-ports:
>   icmp-blocks:
>   rich rules:
>
> [root@chamber openvpn]# firewall-cmd --list-all --zone=external
> external (active)
>   interfaces: enp1s0
>   sources:
>   services: openvpn
>   ports: 26666/tcp 1194/udp
>   masquerade: yes
>   forward-ports:
>   icmp-blocks:
>   rich rules:
>
> > Also, you probably should specify tun+ instead of tun0, even if you
> > think there will only be one tunnel up at any given time.
>
> Specify where?
>
> Despite the fact that I can't scan their ports, I'm able to ping those
> hosts.
>
> Maybe it's not firewalld related? I can scan ports from chamber (home
> router). I'll try tcpdump maybe, to see what is going on with packets?
>
> --
> Over And Out
> MoonWolf

-- 
*Thanks,*
*Manikandan.C*
*System Administrator*
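
The check suggested in this reply, as an added example that is not part of the original thread: read the port and protocol an OpenVPN config declares and test them against `firewall-cmd --list-all` output for a zone. The function names and the sample config are constructed for illustration; the example goes slightly beyond the thread by handling port ranges and `proto` variants such as `udp4` or `tcp-server`, and it assumes firewalld's stock `openvpn` service covers only 1194/udp.

```shell
# Print PORT/PROTO declared by an OpenVPN config on stdin (defaults: 1194, udp).
openvpn_endpoint() {
    awk '
        /^[ \t]*[#;]/ { next }                      # comment lines
        $1 == "port" || $1 == "lport" { port = $2 }
        $1 == "proto" { proto = $2 }
        END {
            if (port == "")  port = 1194
            if (proto == "") proto = "udp"
            sub(/-(server|client)$/, "", proto)     # tcp-server -> tcp
            sub(/[46]$/, "", proto)                 # udp4 -> udp
            print port "/" proto
        }'
}

# Succeed if `firewall-cmd --list-all` output on stdin admits endpoint $1, via
# a ports: entry (single port or range) or, for 1194/udp, the openvpn service.
zone_allows() {
    awk -v want="$1" '
        BEGIN { split(want, w, "/") }
        $1 == "ports:" {
            for (i = 2; i <= NF; i++) {
                split($i, e, "/"); n = split(e[1], r, "-")
                lo = r[1] + 0; hi = (n == 2 ? r[2] : r[1]) + 0
                if (e[2] == w[2] && w[1] + 0 >= lo && w[1] + 0 <= hi) ok = 1
            }
        }
        $1 == "services:" && want == "1194/udp" {
            for (i = 2; i <= NF; i++) if ($i == "openvpn") ok = 1
        }
        END { exit !ok }'
}

# Constructed sample config; zone text is the thread's external zone, abridged.
SAMPLE_CONF='dev tun
proto udp4
port 1195
'
SAMPLE_ZONE='external (active)
  interfaces: enp1s0
  services: openvpn
  ports: 26666/tcp 1194/udp
'
ep=$(printf '%s' "$SAMPLE_CONF" | openvpn_endpoint)
if printf '%s' "$SAMPLE_ZONE" | zone_allows "$ep"; then
    echo "$ep is allowed in the zone"
else
    echo "$ep is NOT allowed in the zone"
fi
```

On a live host, feed `openvpn_endpoint` the actual server config and pipe `firewall-cmd --list-all --zone=external` into `zone_allows`.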