I don't use tunnels file anymore since everything it does can be done with
rules or other files. I understand you're running the OpenVPN Server on the
same machine as Shorewall, in that case add the following to your rules
file and then try connecting:
OpenVPN/ACCEPT net $FW
Regards,
Hesham Ahmed
On Wed, Mar 25, 2015 at 8:09 PM Thomas Winkler <[email protected]>
wrote:
> Hello,
>
> I really like Shorewall ! Thanks for this piece of software !
> I am using Shorewall on an ARM single computer with two NICs running on
> Debian 7.8 which runs perfectly.
>
> I installed the OpenVPN server on that single computer board and trying
> to get OpenVPN server running together with Shorewall.
> Unfortunately, it doesn't work as expected.
>
> Once Shorewall is disabled, I can connect an OpenVPN client to my OpenVPN
> server without any problems. However, after turning Shorewall on, the
> openvpn client fails to connect or keeping its VPN connection with the
> OpenVPN server.
>
>
>
> I tested Shorewall and OpenVPN server on my local LAN.
>
> The ARM board has the IP address 192.168.70.19 and its Ethernet cable is
> plugged to eth0. Shorewall and OpenVPN server running on that board with
> the following Shorewall configuration :
>
>
>
> interfaces :
>
> net eth0 - dhcp,tcpflags,nosmurfs,routefilter,logmartians,
> sourceroute=0
> loc eth1 - tcpflags,nosmurfs,routefilter,logmartians
> vpn tun0
>
>
> zones :
>
> fw firewall
> net ipv4
> loc ipv4
> vpn ipv4
>
>
> policy:
>
>
> net fw REJECT warning
> fw all ACCEPT
> vpn all ACCEPT
> net vpn ACCEPT info
> net loc DROP crit
> loc all ACCEPT
>
>
> tunnels:
>
> #TYPE ZONE GATEWAY GATEWAY ZONE
> openvpnclient:1194 net 192.168.70.19
>
>
>
>
> I hope anyone can help me out. Thanks in advance !
>
>
> Regards,
>
> Thomas Winkler
>
> ------------------------------------------------------------
> ------------------
> Dive into the World of Parallel Programming The Go Parallel Website,
> sponsored
> by Intel and developed in partnership with Slashdot Media, is your hub for
> all
> things parallel software development, from weekly thought leadership blogs
> to
> news, videos, case studies, tutorials and more. Take a look and join the
> conversation now. http://goparallel.sourceforge.net/
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
------------------------------------------------------------------------------
Dive into the World of Parallel Programming The Go Parallel Website, sponsored
by Intel and developed in partnership with Slashdot Media, is your hub for all
things parallel software development, from weekly thought leadership blogs to
news, videos, case studies, tutorials and more. Take a look and join the
conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
