Thanks for the fast reply ! I tested both solutions but neither are working :
tunnels: #TYPE ZONE GATEWAY GATEWAY ZONE openvpnserver:1194 net 192.168.70.19 And then Ahmed's solution : deleting the tunnels file and adding the only rule : rules : OpenVPN/ACCEPT net $FW Still, I cannot connect the vpn client to the OpenVPN server when activating Shorewall. Regards, Thomas Gesendet: Mittwoch, 25. März 2015 um 19:24 Uhr Von: "Hesham Ahmed" <[email protected]> An: "Shorewall Users" <[email protected]> Betreff: Re: [Shorewall-users] OpenVPN server with Shorewall not working I don't use tunnels file anymore since everything it does can be done with rules or other files. I understand you're running the OpenVPN Server on the same machine as Shorewall, in that case add the following to your rules file and then try connecting: OpenVPN/ACCEPT net $FW Regards, Hesham Ahmed Gesendet: Mittwoch, 25. März 2015 um 18:56 Uhr Von: "matt darfeuille" <[email protected]> An: "Shorewall Users" <[email protected]> Betreff: Re: [Shorewall-users] OpenVPN server with Shorewall not working If shorewall is on the same box as the openvpn server you need at least to change "openvpnclient" to "openvpnserver". Depending on your shorewall version the rules file is more straightforward! -Matt On Wed, Mar 25, 2015 at 8:09 PM Thomas Winkler <[email protected]> wrote:Hello, I really like Shorewall ! Thanks for this piece of software ! I am using Shorewall on an ARM single computer with two NICs running on Debian 7.8 which runs perfectly. I installed the OpenVPN server on that single computer board and trying to get OpenVPN server running together with Shorewall. Unfortunately, it doesn't work as expected. Once Shorewall is disabled, I can connect an OpenVPN client to my OpenVPN server without any problems. However, after turning Shorewall on, the openvpn client fails to connect or keeping its VPN connection with the OpenVPN server. I tested Shorewall and OpenVPN server on my local LAN. The ARM board has the IP address 192.168.70.19 and its Ethernet cable is plugged to eth0. Shorewall and OpenVPN server running on that board with the following Shorewall configuration : interfaces : net eth0 - dhcp,tcpflags,nosmurfs,routefilter,logmartians,sourceroute=0 loc eth1 - tcpflags,nosmurfs,routefilter,logmartians vpn tun0 zones : fw firewall net ipv4 loc ipv4 vpn ipv4 policy: net fw REJECT warning fw all ACCEPT vpn all ACCEPT net vpn ACCEPT info net loc DROP crit loc all ACCEPT tunnels: #TYPE ZONE GATEWAY GATEWAY ZONE openvpnclient:1194 net 192.168.70.19 I hope anyone can help me out. Thanks in advance ! Regards, Thomas Winkler ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/[http://goparallel.sourceforge.net/] _______________________________________________ Shorewall-users mailing list [email protected][[email protected]] https://lists.sourceforge.net/lists/listinfo/shorewall-users------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/_______________________________________________[http://goparallel.sourceforge.net/_______________________________________________] Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users[https://lists.sourceforge.net/lists/listinfo/shorewall-users] ------------------------------------------------------------------------------ Dive into the World of Parallel Programming The Go Parallel Website, sponsored by Intel and developed in partnership with Slashdot Media, is your hub for all things parallel software development, from weekly thought leadership blogs to news, videos, case studies, tutorials and more. Take a look and join the conversation now. http://goparallel.sourceforge.net/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
