Find the answer to your Linux question:
Results 1 to 2 of 2
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    iptables and vpnc

    I'm running VPNC on my wrt54g with DD-WRT vpn firmware. I'm using this script.

    When I telnet in and start VPNC everything runs smooth. I'm not having trouble connecting.

    Now on the page where the script is, it recommends that i add these rules to iptables:

     iptables -A FORWARD -o tun0 -j ACCEPT
     iptables -A FORWARD -i tun0 -j ACCEPT
     iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE
    Now I can access the vpn from every client on my network! That's great but I don't want every client on my internal network broadcasting over the VPN. I want to restrict access the VPN to only two ips.

    I'm am a newb when it comes to iptables. I've been reading docs on it all day, and I still can't figure out the necessary rules to accomplish my aim.

    If any one can shed some light on this, i'd appreciate it

  2. #2
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    The Keystone State
    You want to use the source and destination for this.
    For example lets say is one of the ip address you want to access the VPN;

    iptables -A FORWARD -o tun0 -s -j ACCEPT
    iptables -A FORWARD -i tun0 -d -j ACCEPT
    This says to forward out tun0 if the packet is from
    And forward in if the packet is going to

    There are many ways you can write your rules. Take a look at this TUTORIAL that explains all the iptables switches.


    The adventure of a life time.

    Linux User #296285
    Get Counted

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts