[CentOS] OpenVPN server and firewalld
Wojciech Łysiak
wojciech at vseits.pl
Fri Dec 29 11:59:25 UTC 2017
On 29.12.2017 at 10:32, Kenneth Porter wrote:
> How do I insert the iptables rule below using firewalld?
>
> I'm moving up from CentOS 6 to 7 on an office gateway and I'm trying
> to get OpenVPN working to allow home workers to access PCs at the
> office. I've got it all working but only by manually inserting an
> ACCEPT rule in the FORWARD iptables chain:
>
> iptables -I FORWARD 3 -i tun+ -j ACCEPT
>
> This rule was extracted from my iptables firewall under CentOS6. The 3
> puts it after the accepts for established connections and loopback
> connections, but before any firewalld sub-chains. With this I can
> connect to an internal Windows 10 system with Remote Desktop.
>
> How can I inject this rule using firewalld, either as a direct rule or
> as some more firewalld-approved kind of rule?
Hi,
First, check which zone your interface is in:
bash> firewall-cmd --get-active-zones
Then all you have to do is add a service to the firewall:
firewall-cmd --zone=<INSERT YOUR ZONE> --add-service=openvpn --permanent
assuming that your OpenVPN is running on the standard port 1194/tcp|udp.
If not, then modify the firewall-cmd rule and add your port/proto,
e.g.
firewall-cmd --zone=<INSERT YOUR ZONE> --add-port=11193/tcp
I hope this will help you,
--
Pozdrawiam / Best regards
Wojciech Łysiak
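
The iptables rule from the question expressed as a firewalld direct rule, as an added example that is not part of the original messages. The helper name `to_direct_rule` is hypothetical, and the placement comment assumes firewalld's iptables backend on CentOS 7, where direct rules land in a `FORWARD_direct` chain called from `FORWARD`.

```shell
#!/bin/bash
# Translate "iptables -I/-A CHAIN [pos] <match> -j TARGET" into the matching
# firewalld direct rule. The script only prints the command; it changes nothing.
# Assumption: iptables backend, where priority 0 puts the rule first in
# <CHAIN>_direct, which is evaluated before the zone sub-chains.
to_direct_rule() {
    local prio="${2:-0}"          # firewalld priority, not an iptables position
    local family="" table="filter" chain="" rest=""
    set -f; set -- $1; set +f     # split the line into words without globbing
    case "$1" in
        iptables)  family=ipv4 ;;
        ip6tables) family=ipv6 ;;
        *) echo "not an iptables command: $1" >&2; return 1 ;;
    esac
    shift
    while [ $# -gt 0 ]; do
        case "$1" in
            -t) table="$2"; shift 2 ;;
            -I|-A)
                chain="$2"; shift 2
                # -I may carry a numeric rule position; direct rules use a
                # priority instead, so the position is dropped.
                case "${1:-}" in ''|*[!0-9]*) ;; *) shift ;; esac ;;
            *) rest="$rest $1"; shift ;;
        esac
    done
    [ -n "$chain" ] || { echo "no -I/-A chain found" >&2; return 1; }
    echo "firewall-cmd --permanent --direct --add-rule $family $table $chain $prio$rest"
}

# The rule quoted in the question:
to_direct_rule "iptables -I FORWARD 3 -i tun+ -j ACCEPT"
# After running the printed command as root:
#   firewall-cmd --reload
#   firewall-cmd --direct --get-all-rules    # confirm the rule is registered
```

The translated rule still accepts everything forwarded from any `tun` interface; appending a match such as `-o <LAN interface>` or `-d <office subnet>` (placeholders) limits what VPN clients can reach.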