Find the answer to your Linux question:
Results 1 to 1 of 1
Hi. I'm trying to secure a virtual lab environment i have, but i'm having some problems. The environment consists of a couple of servers and clients behind a router/fw that's ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Apr 2013
    Posts
    1

    iptables and vpn traffic


    Hi.
    I'm trying to secure a virtual lab environment i have, but i'm having some problems. The environment consists of a couple of servers and clients behind a router/fw that's running ClearOS 6.3. I have also installed a PPTP VPN server on the ClearOS machine.

    My plan was to configure the fw so that no traffic could get out or in to the environment unless it was over the VPN connection. As it is right now i can connect to the network without a problem with VPN, but from the network i can also get out. I have tried blocking connections with iptables, but only end up blocking all traffic.

    My thought was to block all traffic going through the forward chain in the table filter. That will block all traffic through the router, but I’m struggling to find the commands to let VPN traffic through.
    To block forward traffic I have used:

    iptables -I FORWARD -j DROP

    Any help on how to let VPN traffic through would be greatly appreciated.

    Edit:
    Got the solution on another forum, for those interested here is the solution:

    iptables -P FORWARD DROP
    ...
    iptables -A FORWARD -p all -s 10.84.3.0/24 -i ppp0 -o eth0 -j ACCEPT
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    ...
    Last edited by Neznix; 04-30-2013 at 08:45 AM. Reason: solved

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •