Cisco vpnc nftables on OpenWrt 22.03 - custom iptables firewall rules

Installing and Using OpenWrt Network and Wireless Configuration
1

I just installed OpenWrt 22.03, I use vpnc to connect co cisco firewall, and this VPN works perfectly but only on router, not on the local network

the problem is I don't know how to convert this custom iptables firewall rules to nftables - I tried iptables-translate but the result do not work, vpn-VPN is the name of the interface with with Protocol: VPNC (CISCO 3000 (and others) VPN)

iptables -A forwarding_rule -o vpn-VPN -j ACCEPT
iptables -A forwarding_rule -i vpn-VPN -j ACCEPT
iptables -t nat -A postrouting_rule -o vpn-VPN -j MASQUERADE

g

2

Edit your wan zone and add vpn-VPN as custom covered device within the advanced settings tab.

  1. image
    image1412×277 34.3 KB
  2. image
    image1412×904 171 KB

Explanation: this will make the vpn-VPN device part of the wan zone so that it will inherit the forwarding and masquerade policies. This way no custom rule is needed.

1 Like
3

works perfectly, thx
g

4

Please mark it as solved then

1 Like
5

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.