It’s probably some basic port forwarding issue, i’m lost now anyway.
I have Openvpn configured and it seem to work fine. I made a port forward rule with as Source a configured openVPN client - Destination is an internal Host - Protocol is a service with the port I use for SSH.
In the firewall log I do see the FORWARDFW rule from the VPNclient to the server over the said port. I don´t get my SSH connection however.
What am I missing here?
(The firewall is up-to-date btw)
Regards,
Edwin
If you have configured a “Host-to-Net Virtual Private Network (RoadWarrior)” connection, have you selected the “zones” to which the client should have access?
edit
PS. The OpenVPN RoadWarrior client has an IP address from the “Dynamic Client Subnet” or “Static IP address pools” — the destination host must accept connections from this IP address.
Thanks for your reply iptom!
I’m indeed trying to configure a roadwarrior vpn. The option below Advanced client options was selected (BLUE in my case).
I get a nice green “Connected” in the WUI when I make the VPN connection, so it seems to connect okay.
I use Static IP Address pools, so in the firewall rules I can select the name of the Openvpn client as source, my internal server (on BLUE) as destination and my SSH-port as (preset) protocol. It all seems very straightforward, it just doesn’t do what I want 
.
The (Debian) server I’m trying to SSH into via VPN allows my SSH-port from anywhere. Disabling the firewall completely on that machine didn’t help either.
The workstation I’m running the vpn-clientsoftware is Linux Mint btw. Using “Sudo openvpn –config .ovpn” to setup the vpn.
Regards,
Ediwn.
After adding the OpenVPN RoadWarrior client connection, you don’t need to set up port forwarding.
You “automatically” 
get access to the “zone” selected in “Advanced client options.”
Yes, of course – then “automagic” doesn’t work
However, in IPFire, this setting is allowed by default.
The author of this thread does not mention that he changed this setting.
Regards
Thanks for the replies iptom and and Phil SCAR, sorry for my late reply.
I tried to get the VPN working before we went on vacation. That didn’t succeed at first. Luckily I Installed OpenVPN and downloaded the client-files on my laptop so I could try again during our holiday-trip. It turned out I had to delete the line “mssfix 0“ in the .ovpn file. I don’t know what that line is for, but my Openvpn roadwarrior is now working fine.
Thanks again.
Regards,
Edwin.
The mssfix parameter is mentioned on the following Wiki pages.
