OpenVPN and Firewall

Spok

Guest
Hi,

Plesk 8.4 is running fine with nearly the default settings, as it was installed.
Additionally I installed OpenVPN on that machine, following the installation guide of OpenVPN (it's not the VPN Module, what I am talking about, just a fresh installation of OpenVPN), which is also doing fine. The client can connect, the connection is established.
Therefore I needed to change the firewall settings so that port 1194 is open to receive OpenVPN packets. I made this setting in the firewall module.

So far so good. Now I would like to allow the OpenVPN client to access the internet through eth0. So I followed the instructions to make the iptables settings as described in the OpenVPN FAQs. Unfortunately this doesn't work.
What I guess is that the rerouting from tun0 to eth0 or the NAT on eth0 is not working properly...
Could somebody give me a hint or some suggestions on how to solve this issue, please?!

thanks
 
Hi,

I was using

echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -A INPUT -i tun0 -j ACCEPT
iptables -A FORWARD -i tun0 -j ACCEPT
iptables -A INPUT -i tap+ -j ACCEPT
iptables -A FORWARD -i tap+ -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE


After that I tried, but it is not working, meaning I am not able to ping or connect to an internet IP with the client.
After that I tried adding a rule into Plesk's Firewall Module, in the forwarding section, saying to allow forwarding connections from the OpenVPN IP range, basically 10.10.1.0/24, to anywhere on every port.

Still the client was unable to do a ping to an outside IP.

Any idea?

thanks
 
I recently set up OpenVPN. I just checked the notes I took while I got it to work, and I did most of the things you did, too, plus one more:

iptables -A INPUT -p udp --dport 1194 -j ACCEPT


Also if you are using APF on your server, you need to do a couple of other things to make it work.
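
A diagnostic for the situation in this thread, as an added example that is not part of any post or of Plesk's or OpenVPN's own material: because iptables uses the first matching rule, an `iptables -A FORWARD ... -j ACCEPT` appended after an unconditional DROP or REJECT never takes effect. The function name and both sample rulesets are constructed for illustration, and that a firewall module's generated FORWARD chain ends with such a catch-all rule is an assumption the thread does not confirm.

```shell
#!/bin/sh
# Reads `iptables-save` output on stdin and prints every ACCEPT rule in the
# filter table's FORWARD chain that sits after an unconditional DROP/REJECT.
# Such rules are never reached: the catch-all rule above them matches first.
shadowed_forward_accepts() {
    awk '
        /^\*/ { table = substr($0, 2); next }   # table header: *filter, *nat
        table != "filter" || $1 != "-A" || $2 != "FORWARD" { next }
        # "-A FORWARD -j DROP" has no match criteria, so it catches everything
        $3 == "-j" && ($4 == "DROP" || $4 == "REJECT") { blocked = 1; next }
        blocked {
            for (i = 3; i < NF; i++)
                if ($i == "-j" && $(i + 1) == "ACCEPT") print "shadowed: " $0
        }
    '
}

# Constructed sample: the tun0 rule was appended (-A) after a catch-all DROP.
SAMPLE_APPENDED='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j DROP
-A FORWARD -i tun0 -j ACCEPT
COMMIT'

# Constructed sample: the same rule placed ahead of the catch-all DROP.
SAMPLE_INSERTED='*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p udp -m udp --dport 1194 -j ACCEPT
-A FORWARD -i tun0 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -j DROP
COMMIT'

printf '%s\n' "$SAMPLE_APPENDED" | shadowed_forward_accepts
```

On a live host the same check is `iptables-save | shadowed_forward_accepts`, run as root.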
 