On 4/13/07, Willy Offermans <Willy@xxxxxxxxxxxxxxxxxxx> wrote:
> Hello Manish,
>
> On Thu, Apr 12, 2007 at 01:11:57PM +0530, Manish Gajbhiye wrote:
> > Hello,
> >
> > I am running OpenVPN 2.1 on my CentOS 4.4 Linux box and it's working
> > fine. With the help of the Windows-based OpenVPN client we are able to
> > connect to my OpenVPN server. Now I have configured the Linux firewall
> > on the same OpenVPN box and tried to connect to the OpenVPN server with
> > the Windows-based OpenVPN client. But due to the firewall we are unable
> > to log in to the OpenVPN server. We don't want to open the OpenVPN port
> > in the Linux firewall. Is there any way to bypass the Linux firewall and
> > connect the OpenVPN Windows client to the OpenVPN server?
> >
>
> Do you have any idea what the Linux firewall is for? I think and hope
> that there is no way to bypass the Linux firewall, because that would
> be a huge security hole. No, you have to incorporate the right rules to
> allow the connection via the firewall, e.g. no bypass, but total control.
> So there is no other way than to open the firewall on the specific
> port, but if you do that in a controlled manner, you can still restrict
> the traffic coming in (and going out).
>
> I hope this helps,

I'm guessing that you want to filter the OpenVPN users' traffic with the
firewall.

You would need to let UDP 1194 in through the external firewall interface.
Since OpenVPN is running on the firewall, you would then create firewall
rules for the OpenVPN interface to manage that traffic.

Otherwise you could put OpenVPN on another server placed in a DMZ and
restrict traffic that way.

HTH

--
Leonard Isham, CISSP
Ostendo non ostento.

______________________
OpenVPN mailing lists
https://lists.sourceforge.net/lists/listinfo/openvpn-users
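The arrangement described in the last reply (UDP 1194 let in on the external interface, separate rules on the OpenVPN interface), as an added example that is not part of the original thread. The interface names, VPN subnet, and internal host and port are assumed placeholder values, and the script only prints a ruleset in iptables-restore format.

```shell
#!/bin/sh
# Added example: prints an iptables-restore ruleset and changes nothing itself.
# eth0, tun0, 10.8.0.0/24 and 192.168.1.10:22 are assumed placeholder values.

# usage: openvpn_ruleset EXT_IF VPN_IF VPN_NET INTERNAL_HOST INTERNAL_TCP_PORT
openvpn_ruleset() {
    ext_if=$1 vpn_if=$2 vpn_net=$3 host=$4 port=$5

    # Refuse empty arguments or a bad port rather than emit a broken rule.
    for v in "$ext_if" "$vpn_if" "$vpn_net" "$host" "$port"; do
        [ -n "$v" ] || { echo "missing argument" >&2; return 1; }
    done
    case $port in
        *[!0-9]*) echo "port must be numeric" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range" >&2; return 1
    fi

    cat <<EOF
*filter
# Default deny: anything not matched below is dropped.
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# The one opening on the external interface: the OpenVPN port.
-A INPUT -i $ext_if -p udp --dport 1194 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
# Decrypted client traffic arrives on the VPN interface and is filtered here.
-A FORWARD -i $vpn_if -s $vpn_net -d $host -p tcp --dport $port -j ACCEPT
# Log whatever else VPN clients try before the FORWARD policy drops it.
-A FORWARD -i $vpn_if -j LOG --log-prefix "vpn-drop: "
COMMIT
EOF
}

openvpn_ruleset eth0 tun0 10.8.0.0/24 192.168.1.10 22
```

Review the output and add rules for any other service the box needs (administrative SSH, for example) before loading it with `iptables-restore`.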