OPEN VPN support

v7
openvpn

(ch312131) #1

Hi,

it’s really amazing that Transparent SSL mode without installing Certificate to client,this is first firewall i have seen, nethserver dev guys you are doing a amazing work !! for saving time.

but i do have more confuse areas of this firewall. just like OPEN VPN .as i was work previous with PFsense. by comparing both.configuration part of open vpn pf sense is easy than nethserver,

so someone pls explain how to success below points,i have already configured OPENVPN and mobiles can authenticate without any issue.

My setup is

1 red card internet - 192.168.1.5 (WAN)
1 green card - 192,168.54.40 ( LAN)
1 grean card - 192.168.2.1 ( Wifi network )

01.how to add routing to my Lan network as i want to access VNC pc clients( Currently i can ping Nethserver IP address only.)

02.Active directory authentication for OPENVPN

cheers.


(Markus Neuberger) #2

Hello @Chathura_Priyasad,

Normally green networks should be able to reach each other by default AFAIK…for connecting via VNC from WAN you’ll need to configure port forwarding on Nethserver and as it seems you have a router because of private IP WAN address you have to configure it on your router too.

Did you see this?

https://community.nethserver.org/t/openvpn-and-ad-users/1859


(ch312131) #3

i have missed some Ip table configurations,blow is solution

cat /proc/sys/net/ipv4/ip_forward

result should be 1

then,

iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE

you will be able to ping interface ens3 from different subnet