Network settings in OpenVPN and firewall
by Jason.nix from LinuxQuestions.org on (#6HMV2)
Hello,
1- Is it possible to run all OpenVPN servers on one port? I currently have an OpenVPN server running with an IP address range of 20.20.0.0 on port 2024, now I want to run another server with a different IP address range on the same port as before.
2- Should every OpenVPN server have its own TUN? Can't run all servers on one TUN?
3- I found the following firewall rules on the internet:
Code:
# IF_MAIN=NIC_Name
# IF_TUNNEL=tun0
# YOUR_OPENVPN_SUBNET=10.10.0.0/16
# iptables -I INPUT -p udp --dport 2024 -j ACCEPT
# iptables -A FORWARD -i $IF_MAIN -o $IF_TUNNEL -m state --state ESTABLISHED,RELATED -j ACCEPT
# iptables -A FORWARD -s $YOUR_OPENVPN_SUBNET -o $IF_MAIN -j ACCEPT
# iptables -t nat -A POSTROUTING -s $YOUR_OPENVPN_SUBNET -o $IF_MAIN -j MASQUERADE
Do I have to repeat the above firewall rules for each server?
Thanks.