Hello Jeff,
I’m using the custom configuration; the configuration is generated by the OpenVPN server. I simply copied all of it and pasted it into the custom configuration field.
The file with the user and password was needed for authentication; I copied it to the router with WinSCP.
When I configure rules in the WebUI, the rules go to the User Input and User Forward chains, and that didn’t work; I don’t know why.
After some time I configured the following rules via the command line, and they worked.
After that, I created a script to restore these rules every time it reboots.
iptables -A TUNNELING -p tcp -m tcp -i tun+ -j ACCEPT
iptables -A TUNNELING -p tcp -m tcp -o tun+ -j ACCEPT
iptables -A TUNNELING -p icmp -j ACCEPT
iptables -A OUTPUT -o br0 -p tcp -m tcp -j ACCEPT
iptables -A INPUT -i br0 -p tcp -m tcp -j ACCEPT
iptables -t nat -A POSTROUTING -o tun+ -j MASQUERADE
iptables -A TUNNEL_FORWARD -d 192.168.0.0/24 -i tun+ -p tcp -m tcp -j ACCEPT
iptables -t nat -A PREROUTING -i tun+ -p tcp -m tcp --dport 5000 -j DNAT --to-destination 192.168.0.2:5000
iptables -t nat -A PREROUTING -i tun+ -p tcp -m tcp --dport 6080 -j DNAT --to-destination 192.168.0.2:6080
iptables -t nat -A PREROUTING -i tun+ -p tcp -m tcp --dport 5520 -j DNAT --to-destination 192.168.0.2:5520
It worked after I added this rule:
iptables -A INPUT -i tuntunclient -p tcp -m tcp -j ACCEPT
I created a script to add this every time the router reboots.
How can I add this rule through the firewall in the web page?
I suppose it is in the inbound rule, but I do not know the configurations.
Can somebody give me the equivalent configuration of the above rule?