I am trying to build a new OpenVPN server based on CentOS 7. Everything
is working fine as long as I disable firewalld. With firewalld enabled,
I can connect to the VPN and ping the machines on the network, but I am
unable to ssh to them.

What I had on my old server with iptables was two simple rules:

-A RH-Firewall-1-INPUT -s <localnet>/255.255.0.0 -d <vpnnet>/255.255.0.0 -j ACCEPT
-A RH-Firewall-1-INPUT -s <vpnnet>/255.255.0.0 -d <localnet>/255.255.0.0 -j ACCEPT

This allowed all traffic to flow between my VPN subnet and the local
network. How can I duplicate this behavior with firewalld?
I even tried using the --direct option to put in these same rules
without success. Although I may not have done it quite right --
firewalld seems to have added 20 extra chains to the rule structure and
I'm not sure exactly where I should put these rules.
Unfortunately, I cannot easily debug this while I'm at the office, but
if you can give me any suggestions, I can try them out when I get home
tonight.
Thanks!
--
Bowie