[Firewall] Arno with an OpenVPN static link
intnsred at golgotha.net
Sat Jun 22 19:18:44 CEST 2013

I've got 2 machines that run Arno's firewall and I want to connect them with
an OpenVPN link to allow machines from a LAN to route out via the OpenVPN

Here's a description:

One machine has 1 NIC with a public IP address running Arno for straight
firewall purposes. I'm using this machine as the OpenVPN server and the VPN
server is set to 10.10.10.1. (Arno's firewall is also doing a NAT on the

One machine has 2 NICs, one tied to a ppp ADSL connection, and one NIC set
to 192.168.1.1. This LAN NIC is using Arno to do IP Masquerading. OpenVPN runs
on this machine as a persistent tunnel using 10.10.10.5.

Right now the VPN tunnel works between the 2 machines. I can be on the
client and can ping the server on 10.10.10.1. I can set up a browser with a
proxy at 10.10.10.1 and hit that machine with no problem.

My problem is reaching 10.10.10.1 from the 192.168.1.x LAN clients. I'm
guessing I need to add a forward or NAT on the DSL/192.168.1.1 server but have
not stumbled onto the right tweak in Arno's firewall.conf to make this happen.

Could someone whack me with a clue-bat?

P.S: This is a resend of this message. My first message had a small graphic
attached illustrating the network setup; I'm guessing the list nuked that one

"The poor live in conditions determined by the law. The rich change the laws
by buying new conditions." -- Stan Goff