
OpenVPN and Firewall

Spok (Guest)
Hi,

Plesk 8.4 is running fine with nearly the default settings it was installed with.
Additionally I installed OpenVPN on that machine, following the installation guide of OpenVPN (it's not the VPN module that I am talking about, just a fresh installation of OpenVPN), which is also doing fine. The client can connect, the connection is established.
Therefore I needed to change the firewall settings so that port 1194 is open to receive OpenVPN packages. I made this setting in the firewall module.

So far so good. Now I would like to allow the OpenVPN client to access the internet through eth0. So I followed the instructions to make iptables settings as described in the OpenVPN FAQ. Unfortunately this doesn't work.
What I guess is that the rerouting from tun0 to eth0 or the NAT on eth0 is not working properly...
Could somebody give me a hint or some suggestions how to solve this issue please?!

thanks
 
Hi,

I was using

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A INPUT -i tun0 -j ACCEPT
iptables -A FORWARD -i tun0 -j ACCEPT
iptables -A INPUT -i tap+ -j ACCEPT
iptables -A FORWARD -i tap+ -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE


After that I tried, but it is not working, meaning I am not able to ping or connect to an internet IP with the client.
After that I tried adding a rule in Plesk's Firewall Module, in the forwarding section, saying to allow forwarding connections from the OpenVPN IP range, basically 10.10.1.0/24, to anywhere on every port.

Still the client was unable to do a ping to an outside IP.

Any idea?

thanks
 
I recently set up OpenVPN. I just checked the notes I took while I got it to work, and I did most of the things you did, too, plus one more:

iptables -A INPUT -p udp --dport 1194 -j ACCEPT


Also if you are using APF on your server, you need to do a couple of other things to make it work.
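
Added example, not part of the thread: `iptables -A` appends a rule to the end of its chain and rules are evaluated in order, so an ACCEPT appended after an existing DROP is never reached. The script below checks that ordering, plus the masquerade rule, against `iptables-save` output; the sample rule sets are constructed, and that the existing firewall ends FORWARD with a DROP is an assumption, not something the thread states.

```shell
# Added example. Simplification: only rules of the form "-A FORWARD -j T" or
# "-A FORWARD -i IFACE -j T" are treated as deciding; others are skipped.
# forward_verdict IFACE: read iptables-save text on stdin, print the verdict
# the filter FORWARD chain gives a new packet arriving on IFACE.
forward_verdict() {
    awk -v ifc="$1" '
        /^\*/             { table = substr($1, 2) }
        table != "filter" { next }
        $1 == ":FORWARD"  { policy = $2; next }
        $1 == "-A" && $2 == "FORWARD" {
            if (NF == 4 && $3 == "-j") { print $4; found = 1; exit }
            if (NF == 6 && $3 == "-i" && $5 == "-j") {
                pat = $4; pre = substr(pat, 1, length(pat) - 1)
                if (pat == ifc || (pat ~ /\+$/ && index(ifc, pre) == 1)) {
                    print $6; found = 1; exit
                }
            }
        }
        END { if (!found) print policy }'
}

# has_masquerade IFACE: succeed if nat POSTROUTING masquerades out of IFACE.
has_masquerade() {
    awk -v ifc="$1" '
        /^\*/ { table = substr($1, 2) }
        table == "nat" && $1 == "-A" && $2 == "POSTROUTING" && $NF == "MASQUERADE" {
            for (i = 3; i < NF; i++) if ($i == "-o" && $(i + 1) == ifc) ok = 1
        }
        END { exit !ok }'
}

# Constructed sample (assumption): FORWARD already ends in DROP, then the
# tun0 rule was appended with -A, so it sits after the DROP.
APPENDED='*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j DROP
-A FORWARD -i tun0 -j ACCEPT
COMMIT
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT'
# Constructed sample: same rules with the tun0 rule placed ahead of the DROP.
INSERTED=$(printf '%s\n' "$APPENDED" | awk '
    /-i tun0/  { next }
    /-j DROP$/ { print "-A FORWARD -i tun0 -j ACCEPT" }
    { print }')

printf 'appended: %s\n' "$(printf '%s\n' "$APPENDED" | forward_verdict tun0)"
printf 'inserted: %s\n' "$(printf '%s\n' "$INSERTED" | forward_verdict tun0)"
```

On a live host, pipe the output of `iptables-save` into the two functions instead of the sample variables.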
 