From: Michele P. - U. <mic...@un...> - 2010-06-21 10:32:03
Hi list,

I have a firewall setup where I have installed an OpenVPN server with multiple clients. VPN establishment and client <-> server communication work well, but now I want to allow client <-> client talk. Since I see that the fw shows me in the logs "Shorewall:FORWARD:REJECT:IN=tap0 OUT=tap0 ...and so on...", I added a policy: vpn vpn ACCEPT.

Shorewall correctly creates the chain vpn2vpn, but in vpn_frwd it "forgot" to add the rule for the inter-vpn traffic! If I create it myself with the rule "iptables -A vpn_frwd -o tap+ -j vpn2vpn", all works like a charm.

Is this a Shorewall problem or am I wrong somewhere?

Thanks,
Michele

My conf on fw:
- zones: vpn ipv4
- interfaces: vpn tap+ detect
- policy: vpn vpn ACCEPT