Hello all,
I think I have the firewall settings incorrect. Hopefully someone can help.
My configuration:
- OpenVPN server on the router, which is itself a client in my home network using IP 192.168.8.54. I can make a connection successfully from outside (tested via mobile hotspot, so I am out of my home network).
- VPN server uses tun0 as interface; here are some settings I use:
    proto tcp-server
    dev tun
    topology subnet
    server 192.168.21.0 255.255.255.0
    push "redirect-gateway def1 bypass-dhcp"
    push "dhcp-option DNS 192.168.8.1"
    ...
- Since the firewall config complains there are no devices connected to tun0, I have created an OVPN interface. My config/network looks like this:
    config interface 'tun0'
        option proto 'none'
    config interface 'ovpn'
        option proto 'none'
        option ifname 'tun0'
- My config/firewall looks like this:
    config zone
        option network 'ovpn'
        option name 'OpenVPN'
        option mtu_fix '1'
        option input 'ACCEPT'
        option forward 'REJECT'
        option masq '1'
        option output 'ACCEPT'
    config forwarding
        option dest 'lan'
        option src 'OpenVPN'
    config nat
        list proto 'all'
        option name 'OpenVPN'
        option src_ip '192.168.21.0/24'
        option target 'MASQUERADE'
        option src 'lan'
With these settings, I cannot even ping the OpenVPN server at 192.168.21.1.
Before, I was directly using tun0 in the firewall settings without the ovpn device; there I could ping the OpenVPN server but also could not reach anything in the LAN.
Any hint? Thanks a lot!
Roger