
OpenVPN and Firewall

Spok

Guest
Hi,

Plesk 8.4 is running fine with nearly the default settings it was installed with.
Additionally I installed OpenVPN on that machine, following the installation guide of OpenVPN (it's not the VPN module I am talking about, just a fresh installation of OpenVPN), which is also doing fine. The client can connect, the connection is established.
Therefore I needed to change the firewall settings so that port 1194 is open to receive OpenVPN Packages. I made this setting in the firewall module.

So far so good. Now I would like to allow the OpenVPN client to access the internet through eth0. So I followed the instructions to make the iptables settings as described in the OpenVPN FAQs. Unfortunately this doesn't work.
What I guess is that the rerouting from tun0 to eth0 or the NAT on eth0 is not working properly...
Could somebody give me a hint or some suggestions on how to solve this issue, please?

thanks
 
Hi,

I was using

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A INPUT -i tun0 -j ACCEPT
iptables -A FORWARD -i tun0 -j ACCEPT
iptables -A INPUT -i tap+ -j ACCEPT
iptables -A FORWARD -i tap+ -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE


After that I tried, but it is not working, meaning I am not able to ping or connect to an internet IP with the client.
After that I tried adding a rule in Plesk's Firewall Module, in the forwarding section, saying to allow forwarding connections from the OpenVPN IP range, basically 10.10.1.0/24, to anywhere on every port.

Still the client was unable to do a ping to an outside IP.

Any idea?

thanks
 
I recently set up OpenVPN. I just checked the notes I took while I got it to work, and I did most of the things you did, too, plus one more:

iptables -A INPUT -p udp --dport 1194 -j ACCEPT


Also if you are using APF on your server, you need to do a couple of other things to make it work.
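
Added example, not part of any post in this thread: rules added with `iptables -A` are appended to the end of a chain, so they never match if an earlier rule in that chain already drops everything. The script below audits `iptables-save` output for such unreachable rules; the sample dump is constructed, and that the firewall module's chains end in a catch-all DROP is an assumption the thread does not confirm.

```shell
#!/bin/sh
# Added example: find filter-table rules that can never match because an
# earlier unconditional DROP/REJECT in the same chain ends evaluation.

# Constructed sample (not from the thread): chains that end in a catch-all
# DROP, followed by rules that were appended later with "iptables -A".
sample_dump() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8443 -j ACCEPT
-A INPUT -j DROP
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j DROP
-A INPUT -i tun0 -j ACCEPT
-A FORWARD -i tun0 -j ACCEPT
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
COMMIT
EOF
}

# shadowed_rules CHAIN: reads iptables-save output on stdin and prints every
# filter-table rule of CHAIN that comes after an unconditional DROP/REJECT.
shadowed_rules() {
    awk -v chain="$1" '
        /^\*/ { in_filter = ($1 == "*filter") }
        in_filter && $1 == "-A" && $2 == chain {
            if (blocked) {
                print
            } else if ($3 == "-j" && ($4 == "DROP" || $4 == "REJECT")) {
                blocked = 1   # "-j" directly after the chain name: no match conditions
            }
        }'
}

# Stand-alone run against the constructed sample.
sample_dump | shadowed_rules FORWARD
```

On a live host, run `iptables-save | shadowed_rules FORWARD` (and the same for `INPUT`). Any rule it prints has to sit before the catch-all to take effect, for example by inserting it with `iptables -I` instead of appending it with `iptables -A`.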
 