[Firewall] Arno with an OpenVPN static link

Intense Red intnsred at golgotha.net
Sat Jun 22 19:18:06 CEST 2013

   I've got 2 machines that run Arno's firewall and I want to connect them with 
an OpenVPN link to allow machines from a LAN to route out via the OpenVPN 

   Here's a description:

   One machine has 1 NIC with a public IP address running Arno for straight 
firewall purposes. I'm using this machine as the OpenVPN server and the VPN 
server is set to (Arno's firewall is also doing a NAT on the 
10.10.10.* network.)

   One machine has 2 NICs, one tied to a ppp ADSL connection, and one NIC set 
to This LAN NIC is using Arno to do IP Masquerading. OpenVPN runs 
on this machine as a persistent tunnel using

   Right now the VPN tunnel works between the 2 machines. I can be on the 
client and can ping the server on I can set up a browser with a 
proxy at and hit that machine with no problem.

   My problem is reaching from the 192.168.1.x LAN clients. I'm 
guessing I need to add a forward or NAT on the DSL/ server but have 
not stumbled onto the right tweak in Arno's firewall.conf to make this happen.

   Could someone whack me with a clue-bat?

P.S: This is a resend of this message. My first message had a small graphic 
attached illustrating the network setup; I'm guessing the list nuked that one 
as spam.

"The poor live in conditions determined by the law. The rich change the laws 
by buying new conditions." -- Stan Goff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: lan-openvpn.png
Type: image/png
Size: 16146 bytes
Desc: not available
URL: <http://rocky.eld.leidenuniv.nl/pipermail/firewall/attachments/20130622/cd5c7fc6/attachment-0001.png>

More information about the Firewall mailing list