On Fri, Mar 20, 2020 at 08:39:36AM +0100, Hans-Peter Jansen wrote:
On Thursday, 19 March 2020, 20:06:19 CET, Eric Garver wrote:
I'm not certain what you're trying to accomplish.
Sorry, Eric, for my deficits in expressing my needs.
Are you trying to allow SSH access to the OpenVPN server?
This is working fine.
Your rich rule is using port 8080. Are you trying to forward 8080 to ssh (22)?
Hrmpf. I've tried to eliminate all disturbing elements, but failed. Yes, a service on port 8080 needs to be allowed as well, but having it working for ssh is enough to get the rest working in a similar fashion.
It should have read: rule family="ipv4" source address="10.20.30.0/24" destination address="192.168.78.0/24" port port="22" protocol="tcp" accept
I've tried port forwarding and other things, but ultimately, I would like to allow some services coming from the VPN (tun0/10.20.30.0/24) to be routed to the local network (and back).
On the client side, is your SSH destination in the 10.20.30.0/24 block of addresses or are you using the OpenVPN's "uplink" address (eth0)?
[..]