Firewall-Rule for 2nd Gateway needed

little_falter · 7 December 2020 15:51

Hi,
I need help for creating a firewall rule, if needed. So, what I want to do. I want to add a vpn connection to my network. But I don’t want to use the IPFire for so I added a Raspberry PI with a vpn client (vpn gateway). After that, I added a static route in IP Fire, to route all packets for the the oposite network to the vpn gateway. But only ping and traceroute worked. SSH and FTP connections timed out. So, I think, I need a futher firewall rule, right?
Environment
local network: 192.168.11.0
vpn gateway: 192.168.11.176
destination network: 192.168.69.0

So can somebody please tell me, what I have to add?

Thanks in advance.

pmueller · 7 December 2020 16:52

Hi,

yes, this sounds like there is a firewall rule missing.

Do you observe any dropped packets in the logs related to your SSH and FTP connection attempts?

Aside from that: Why, if I may ask, don’t you want to use IPFire as a VPN peer?

Thanks, and best regards,
Peter Müller

little_falter · 7 December 2020 17:28

Because I didn’t get run this and so I try another way to get the connection works.
No, I see no dropped packets.

little_falter · 12 December 2020 23:10

So in general. Can you tell me, which rule is needed? I mean, I have a special IP-range on the “other side” who should be reached. Especially, SSH, FTP, SMB etc. but I think, all ports should be forwarded. Means, source is my local network, destination is the other network reached via (open)VPN via (VPN)Gateway-Raspberry Pi.