OVH Firewall – How to Setup for OpenVPN Server

firewall networking openvpn ovh routing

I got my OpenVPN server running, by using this script: https://github.com/angristan/openvpn-install

I can connect to VPN network, ping local and external IP addresses, access HTTP server (by using local and external IP).

DNS is not working on clients, when I try pinging google.com/any-other-domain it displays IP resolve error.
When I try nslookup on all domains, it retries a few times and returns a DNS timeout.

  • My external IP: 147.135.XXX.XXX
  • My VPN network: 10.8.0.0/24
  • My internal IP: 10.8.0.1

I tried

  • Default and non default VPN server port
  • TCP and UDP
  • Adguard, Google, and local hosted DNS server (on VPN)
  • Opening port 53 UDP on VPN server

None worked so far.

Then I disabled the OVH firewall. After that, DNS started working on VPN clients.

So, how should I configure OVH firewall?
I don't want to disable it completely, because I'm hosting many other things on that server.

I know that rules are applied from the lowest priority to highest.
So if rule 0 is matched, then rules 1-19 are not executed.

My current configuration:
Click here for screenshot

Hidden ports are set up exactly like 80 and 443. Established TCP connections are accepted, connections on specific ports are accepted and TCP/UDP on 1194 is also accepted.

Thanks for help.
Also, please post a comment if I missed something.

Best Answer

Maybe this is a bit late, but I'll answer. For my OpenVPN server to forward properly I had to open UDP SOURCE port 53.

So, the rule is not:

  • [Protocol: UDP, Source IP: Any, Source port: Any, Target port: 53],

but:

  • [Protocol: UDP, Source IP: Any, Source port: 53, Target port: any].
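
Why the second rule works, shown as an added example that is not part of the original answer: the server's forwarded DNS queries leave with destination port 53, so the replies come back with source port 53 and an ephemeral target port. The model assumes a stateless, first-match filter ending in a deny-all rule; the packets, the 8.8.8.8 resolver choice and all names are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:                        # inbound packet at the server's public IP
    proto: str
    src_ip: str
    src_port: int
    dst_port: int

@dataclass(frozen=True)
class Rule:
    action: str                      # "permit" or "deny"
    proto: str                       # "udp", "tcp" or "any"
    src_net: str = "0.0.0.0/0"       # Source IP: Any
    src_port: Optional[int] = None   # None means Any
    dst_port: Optional[int] = None   # None means Any

    def matches(self, p: Packet) -> bool:
        return (self.proto in ("any", p.proto)
                and ip_address(p.src_ip) in ip_network(self.src_net)
                and self.src_port in (None, p.src_port)
                and self.dst_port in (None, p.dst_port))

def evaluate(rules, packet):
    """First matching rule decides; there is no connection tracking for UDP."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return "permit"                  # assumption: unmatched traffic passes

DENY_ALL = Rule("deny", "any")       # assumed final rule
BASE = [Rule("permit", "udp", dst_port=1194)]                  # OpenVPN itself
BY_TARGET = BASE + [Rule("permit", "udp", dst_port=53), DENY_ALL]   # first rule in the answer
BY_SOURCE = BASE + [Rule("permit", "udp", src_port=53), DENY_ALL]   # rule that worked
SCOPED = BASE + [Rule("permit", "udp", src_net="8.8.8.8/32", src_port=53), DENY_ALL]

# Constructed packets: a resolver's reply, and UDP from an address that is not the resolver
DNS_REPLY = Packet("udp", "8.8.8.8", 53, 41234)
OTHER_SRC53 = Packet("udp", "203.0.113.7", 53, 5000)

def verdicts(packet):
    sets = {"by_target": BY_TARGET, "by_source": BY_SOURCE, "scoped": SCOPED}
    return {name: evaluate(rules, packet) for name, rules in sets.items()}

if __name__ == "__main__":
    print("DNS reply:        ", verdicts(DNS_REPLY))
    print("other src-53 UDP: ", verdicts(OTHER_SRC53))
```

The `scoped` rule set is the same source-port rule limited to the resolver address in use, which keeps the reply path open without admitting every UDP packet that carries source port 53.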