Open VPN -> no internet access


i configured my openVPN as described in your manual and I am able to connect with my iPhone and the OpenVPN app to my network. But I am not able to reach any websites because all my VPN traffic is instanly blocked.

21:40:03 DROP_FORWARD tun1 UDP 64327 53(DOMAIN)

Do I need some additional firewall routes to get that working?


Sorry I’m not a VPN expert but as a guess: Is there a firewall rule related to DNS (port 53)?

Thx for your answer. That was also my first guess but when i turn my firewall (Default firewall behaviour) into “FORWARD -> Allowed” mode every traffic outgoing should be allowed. That worked for every network (green, blue) but not for my VPN. I think i need a rule for my tun1 (VPN) interface. But i cant find the interface in my firewall rules.

Are you looking for the menu Firewall > Firewall Rules? Or something else?

You should not need any special rule for OpenVPN. I don’t have any rules for OpenVPN and all works A-OK. FYI - I am set to “FORWARD -> Allowed” also.

Ok so if you configure OpenVPN every connected client is able to connect to the internet through the firewall? I have the option “redirect-gateway” enabled because all my traffic should go through the firewall. But in my case something is wrong because my firewall is blocking every connection from a connected client as you can see. Internet access is not possible with my connected iPhone. (OpenVPN APP)

21:40:03 DROP_FORWARD tun1 UDP 64327 53(DOMAIN)

As you can see the firewall is blocking the “tun1” interface. But in my Firewall rules i cant set a rule to allow the “tun1” interface because i cant find this interface in my rules. Maybe i have to edit the iptables manually.

any ideas? :slight_smile:

Yes. All works A-OK and I am sending this message via my iPhone using the IPFire OpenVPN.

I just set it up last night to make sure it works.

I have redirect gateway in also.

Can you send screenshots of your IPFire openvpn?


I’m located near Chicago, US and I’m guessing you located in another part of the world :smile:


yes but in the evening… :slight_smile: It makes no sense that the firewall is blocking my VPN Client because Forward is allowed.

Can you send me a screenshot from your firewall logs when your iPhone is connected via VPN and you try to open a website?


The IPFire Firewall logs? There is nothing in there related to the iPhone, or tun, or the website. This is why I think you have a Firewall rule that is causing the issue.

Below: I connected via the iPhone OpenVPN at 11:10 AM.

my open vpn is definitly correct configured. and my firewall is allowing all outgoing traffic. but my firewall blocks my VPN interface “tun1” as you can see in my firewall log. and as i can see in your firewall log you are blocking some data over your red0 interface. thats is not your handy connected via vpn. vpn is tun1 or tun0 interface

@gaerbsch Did you ever get resolution for this?

Hi all,
did someone used OpenVPNs DNS directive ?



1 Like