OpenVPN and firewall rules on RHEL 5 or CentOS 5
It took me a bit too long to figure out how to add a masquerade rule to the server’s firewall so OpenVPN clients can reach the Intarweb too. So here it is in case you are looking to do the same:
# service iptables stop
# iptables -t nat -A POSTROUTING -s <network/cidr> -o <interface> -j MASQUERADE
# service iptables save
# service iptables restart
Example of <network/cidr>: 192.168.1.0/24
Example of <interface>: eth0
You can find the added rule in /etc/sysconfig/iptables.
And make sure that you have IP forwarding enabled too, or else it will still not work:
# echo 1 > /proc/sys/net/ipv4/ip_forward
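To check the result, the following added example (not from the original post) audits copies of /etc/sysconfig/iptables and /etc/sysctl.conf: it confirms the MASQUERADE rule was saved, counts the filter rules left in the saved file (service iptables save writes whatever ruleset is loaded at that moment), and checks whether forwarding is also set in /etc/sysctl.conf, since the echo into /proc does not survive a reboot. The function names and the sample ruleset are constructed for illustration.

```shell
# Succeed if FILE (iptables-save format) masquerades source NET out of IFACE.
# Older iptables-save releases print dotted netmasks; both forms are accepted.
has_masquerade() {  # usage: has_masquerade FILE NET IFACE
    awk -v net="$2" -v ifc="$3" '
        function prefix(m,   p, n, i, v, b) {   # dotted mask -> prefix length
            if (m !~ /\./) return m + 0
            n = split(m, p, ".")
            for (i = 1; i <= n; i++)
                for (v = p[i] + 0; v > 0; v = (v * 2) % 256) b++
            return b + 0
        }
        function norm(c,   a) {                 # addr/mask -> addr/prefix
            if (split(c, a, "/") < 2) return c "/32"
            return a[1] "/" prefix(a[2])
        }
        /^\*/ { table = substr($0, 2) }         # "*nat", "*filter", ...
        table == "nat" && $1 == "-A" && $2 == "POSTROUTING" {
            s = o = j = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") s = $(i + 1)
                if ($i == "-o") o = $(i + 1)
                if ($i == "-j") j = $(i + 1)
            }
            if (norm(s) == norm(net) && o == ifc && j == "MASQUERADE") found = 1
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}
# Print how many filter-table rules FILE holds (0 means nothing is filtered).
filter_rule_count() {  # usage: filter_rule_count FILE
    awk '/^\*/ { table = substr($0, 2) }
         table == "filter" && $1 == "-A" { n++ }
         END { print n + 0 }' "$1"
}
# Succeed if FILE (sysctl.conf format) enables IPv4 forwarding at boot.
forwarding_persistent() {  # usage: forwarding_persistent FILE
    awk -F= '{ gsub(/[ \t]/, "") }
             $1 == "net.ipv4.ip_forward" { val = $2 }
             END { exit (val != "1") }' "$1"
}
# Constructed sample: a saved file that holds only the NAT rule.
sample_ruleset() {
    printf '%s\n' '*nat' ':POSTROUTING ACCEPT [0:0]' \
        '-A POSTROUTING -s 192.168.1.0/255.255.255.0 -o eth0 -j MASQUERADE' \
        'COMMIT' '*filter' ':INPUT ACCEPT [0:0]' 'COMMIT'
}
```

Run the functions against copies of the real files, for example has_masquerade iptables.copy 192.168.1.0/24 eth0; a filter_rule_count of 0 means the saved file no longer restricts inbound traffic.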