OpenVPN tun forwarding with firewalld


I have an OpenVPN server on Fedora 19 with 2 clients: 1 client on the same LAN as the server, and the other on the internet.
I want the 2 clients to be able to talk to each other through the tunnel and, if I stop firewalld.service on the server, they can.
How can I configure firewalld to allow this traffic? Either with the GUI, or with firewall-cmd.
I think the equivalent iptables commands would be:

iptables -A INPUT -i tun+ -j ACCEPT
iptables -A FORWARD -i tun+ -j ACCEPT

How to do that with firewalld?

Best Answer

I had the same issue, but this finally worked for me:

  • First, enable forwarding:

    echo 1 > /proc/sys/net/ipv4/ip_forward

  • And then authorize your tun0 interface with firewalld:

    firewall-cmd --zone=trusted --add-interface=tun0

Add --permanent to the last command to make it persistent.

I had nothing more to do except the usual OpenVPN configuration.
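The two steps of the answer, as an added script that is not part of the original post: it makes the forwarding setting survive a reboot (the `echo 1 > /proc/sys/...` form only lasts until the next boot), emits the `firewall-cmd` calls with `--permanent` plus the `--reload` that applies them, and verifies the result. The interface name `tun0`, the port `1194/udp` in the `public` zone, and the drop-in path `/etc/sysctl.d/99-openvpn-forward.conf` are assumptions, overridable through the environment.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): persist and verify the
# answer's two steps. Assumed: tunnel is tun0, OpenVPN listens on 1194/udp,
# firewalld is the active firewall and "public" is its default zone.
set -euo pipefail

TUN_IF="${TUN_IF:-tun0}"
VPN_PORT="${VPN_PORT:-1194/udp}"
SYSCTL_CONF="${SYSCTL_CONF:-/etc/sysctl.d/99-openvpn-forward.conf}"

# forward_conf_text: the sysctl drop-in that keeps ip_forward=1 across reboots.
forward_conf_text() {
    printf 'net.ipv4.ip_forward = 1\n'
}

# conf_enables_forward FILE: succeed only if FILE sets net.ipv4.ip_forward to 1.
conf_enables_forward() {
    grep -Eq '^[[:space:]]*net\.ipv4\.ip_forward[[:space:]]*=[[:space:]]*1[[:space:]]*$' "$1"
}

# firewalld_plan TUN_IF VPN_PORT: print the firewall-cmd calls, one per line.
# Binding the tunnel to the "trusted" zone accepts everything that arrives on
# it, both traffic for the server itself and traffic to be forwarded, which is
# what the asker's two iptables rules (INPUT and FORWARD on tun+) do.
firewalld_plan() {
    local tun_if="$1" vpn_port="$2"
    printf 'firewall-cmd --permanent --zone=trusted --add-interface=%s\n' "$tun_if"
    printf 'firewall-cmd --permanent --zone=public --add-port=%s\n' "$vpn_port"
    printf 'firewall-cmd --reload\n'
}

# apply: enable forwarding now and on boot, then run the firewalld plan (as root).
apply() {
    sysctl -w net.ipv4.ip_forward=1
    forward_conf_text > "$SYSCTL_CONF"
    firewalld_plan "$TUN_IF" "$VPN_PORT" | while read -r cmd; do
        echo "+ $cmd"
        eval "$cmd"   # safe: the strings come from firewalld_plan above
    done
}

# verify: fail unless forwarding is on, persisted, and tun0 sits in "trusted".
verify() {
    [ "$(cat /proc/sys/net/ipv4/ip_forward)" = "1" ] \
        || { echo "ip_forward is off" >&2; return 1; }
    conf_enables_forward "$SYSCTL_CONF" \
        || { echo "$SYSCTL_CONF does not persist ip_forward" >&2; return 1; }
    [ "$(firewall-cmd --get-zone-of-interface="$TUN_IF")" = "trusted" ] \
        || { echo "$TUN_IF is not in the trusted zone" >&2; return 1; }
    echo "ok: forwarding on, $TUN_IF in trusted zone"
}

case "${1:-}" in
    apply)  apply ;;
    verify) verify ;;
    plan)   firewalld_plan "$TUN_IF" "$VPN_PORT" ;;
    *)      echo "usage: $0 apply|verify|plan" >&2 ;;
esac
```

Run `./vpn-fw.sh plan` to see the commands, `apply` as root to execute them, `verify` afterwards or after a reboot. Keep in mind the caveat the trusted zone carries: every VPN client can then reach every service on the server, not only the other clients. If client-to-client traffic is all that is needed, OpenVPN's own `client-to-client` server directive routes it inside the daemon without any kernel forwarding at all.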
