- 04-29-2013 #1
iptables and vpn traffic
I'm trying to secure a virtual lab environment I have, but I'm having some problems. The environment consists of a couple of servers and clients behind a router/fw that's running ClearOS 6.3. I have also installed a PPTP VPN server on the ClearOS machine.
My plan was to configure the fw so that no traffic could get out of or into the environment unless it was over the VPN connection. As it is right now, I can connect to the network without a problem with VPN, but from the network I can also get out. I have tried blocking connections with iptables, but only end up blocking all traffic.
My thought was to block all traffic going through the forward chain in the table filter. That will block all traffic through the router, but I’m struggling to find the commands to let VPN traffic through.
To block forward traffic I have used:
iptables -I FORWARD -j DROP
Any help on how to let VPN traffic through would be greatly appreciated.
Got the solution on another forum. For those interested, here is the solution:
iptables -P FORWARD DROP
iptables -A FORWARD -p all -s 10.84.3.0/24 -i ppp0 -o eth0 -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
Last edited by Neznix; 04-30-2013 at 09:45 AM. Reason: solved
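The difference between the first attempt and the posted solution comes down to rule order, shown here as an added example that is not part of the original post: a small Python model of first-match evaluation in the FORWARD chain. The lab address 192.168.1.20, the WAN interface eth1 and the ACCEPT default policy in the first case are assumptions, and the sample packets are constructed.

```python
import ipaddress
from collections import namedtuple
from dataclasses import dataclass

# state is the conntrack state: NEW, ESTABLISHED or RELATED
Packet = namedtuple("Packet", "src in_if out_if state")

@dataclass
class Rule:
    target: str              # ACCEPT or DROP
    src: str = "0.0.0.0/0"   # -s
    in_if: str = None        # -i
    out_if: str = None       # -o
    states: tuple = ()       # -m state --state

    def matches(self, p):
        return (ipaddress.ip_address(p.src) in ipaddress.ip_network(self.src)
                and self.in_if in (None, p.in_if)
                and self.out_if in (None, p.out_if)
                and (not self.states or p.state in self.states))

def verdict(chain, policy, pkt):
    """First matching rule decides; the policy applies only if none match."""
    for rule in chain:
        if rule.matches(pkt):
            return rule.target
    return policy

VPN_IN = Rule("ACCEPT", src="10.84.3.0/24", in_if="ppp0", out_if="eth0")
REPLIES = Rule("ACCEPT", states=("ESTABLISHED", "RELATED"))

# First attempt: -I puts an unconditional DROP at the head of the chain, so
# nothing after it is reached (chain policy ACCEPT is an assumption).
BROKEN = ([Rule("DROP"), VPN_IN, REPLIES], "ACCEPT")
# Posted solution: policy DROP with the two ACCEPT rules appended.
FIXED = ([VPN_IN, REPLIES], "DROP")

# Constructed packets; 192.168.1.20 (lab host) and eth1 (WAN) are assumptions.
SAMPLES = {
    "vpn->lab new": Packet("10.84.3.10", "ppp0", "eth0", "NEW"),
    "lab->vpn reply": Packet("192.168.1.20", "eth0", "ppp0", "ESTABLISHED"),
    "lab->wan new": Packet("192.168.1.20", "eth0", "eth1", "NEW"),
    "wan->lab new": Packet("203.0.113.7", "eth1", "eth0", "NEW"),
}

def evaluate(ruleset):
    chain, policy = ruleset
    return {name: verdict(chain, policy, p) for name, p in SAMPLES.items()}
```

Calling `evaluate(BROKEN)` and `evaluate(FIXED)` returns the verdict per sample packet, which can be compared against the rule and policy counters from `iptables -L FORWARD -v -n` on the router.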