[Firewall] Arno with an OpenVPN static link

Intense Red intnsred at golgotha.net
Sat Jun 22 20:55:16 CEST 2013


   I've got 2 machines that run Arno's firewall and I want to connect them with 
an OpenVPN link to allow machines from a LAN to route out via the OpenVPN 
link.

   Here's a description:

   One machine has 1 NIC with a public IP address running Arno for straight 
firewall purposes. I'm using this machine as the OpenVPN server and the VPN 
server is set to 10.10.10.1. (Arno's firewall is also doing a NAT on the 
10.10.10.* network.)

   One machine has 2 NICs, one tied to a ppp ADSL connection, and one NIC set 
to 192.168.1.1. This LAN NIC is using Arno to do IP Masquerading. OpenVPN runs 
on this machine as a persistent tunnel using 10.10.10.5.

   Right now the VPN tunnel works between the 2 machines. I can be on the 
client and can ping the server on 10.10.10.1. I can set up a browser with a 
proxy at 10.10.10.1 and hit that machine with no problem.

   My problem is reaching 10.10.10.1 from the 192.168.1.x LAN clients. I'm 
guessing I need to add a forward or NAT on the DSL/192.168.1.1 server but have 
not stumbled onto the right tweak in Arno's firewall.conf to make this happen.

   Could someone whack me with a clue-bat?


P.S.: This is a resend of this message. My first message had a small graphic 
attached illustrating the network setup; I'm guessing the list nuked that one 
as spam.


-- 
"The poor live in conditions determined by the law. The rich change the laws 
by buying new conditions." -- Stan Goff

