[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

[Openvpn-users] Firewall workaround


  • Subject: [Openvpn-users] Firewall workaround
  • From: "Benjamin Dickgiesser" <benjamin@xxxxxxxxxxxxxxx>
  • Date: Fri, 16 Jan 2004 17:02:29 +0100

It would be realy nice if someone could help me with this:

Situation:
I am useing a Windows XP PC at a student hall. To connect to the internet I
am useing the university connection. Unfortunatly there are only around 5
open ports (80,21,22,23,6667).
My aim is to make a work around to this firewall.

Plan:
Create a VPN with an outside suse linux 9 server with a static ip on an open
port and use this pc as a gateway.


                 144.82.201.0/23
User --------> |FIREWALL| --->(  Internet   )
 |                                                        /\ | |
 |                                                        | | \/
 |-----------------VPN----------> Linux Server
                     10.3.0.0/32

User:
[VPN]
IP:           10.3.0.2/32
Gateway: 10.3.0.1

[Uni net]
IP:                 144.82.200.116/23
Nameserver:  144.82.100.1
                     144.82.100.41


Linux Server:
[VPN]interface tun0
IP: 10.3.0.1/32

[Internet] - interface eth0:
IP:   217.172.172.111/32
Nameserver:  217.172.166.7
  217.172.191.7
Gateway:  217.172.172.1

What I have done:
I created a tunnel between the 2 pc's with openvpn

Problem:
How do I setup the Suse Linux PC in order that it works properly as a
gateway and is there anything else to do on the Windows pc (route add?).

I tried the following without a success:
I have to add that I'm a total linux nub and that I got this information
from:
http://www.yolinux.com/TUTORIALS/LinuxTutorialIptablesNetworkGateway.html
   On Linux PC:
   iptables --flush            - Flush all the rules in filter and nat
tables
   iptables --table nat --flush
   iptables --delete-chain     - Delete all chains that are not in default
filter and nat table
   iptables --table nat --delete-chain

   iptables --table nat --append POSTROUTING --out-interface eth0 -j
MASQUERADE
   iptables --append FORWARD --in-interface tun0 -j ACCEPT

   echo 1 > /proc/sys/net/ipv4/ip_forward

   route add  -net 10.3.0.0 netmask 255.255.255.0 gw 217.172.172.1 dev tun0
   > SIOCADDRT:: Network not reachable.

Could someone help me with this?
Thanks alot!

Benjamin Dickgießer