OpenVPN server / Firewall question on AX88u.

Tvbaas

Occasional Visitor
I have successfully configured a OpenVPN server on my Asus ax88u running Merlin 386.3_2 firmware and the remote client connects instantly.
However I do have a question on how the remote clients are able to connect without opening the assign port in the Firewall of the AX88u for this?
When checking for additional port forwarding's for the OpenVPN server , I can't find any.
Can someone explain how this works?
 

netware5

Very Senior Member
I have successfully configured a OpenVPN server on my Asus ax88u running Merlin 386.3_2 firmware and the remote client connects instantly.
However I do have a question on how the remote clients are able to connect without opening the assign port in the Firewall of the AX88u for this?
When checking for additional port forwarding's for the OpenVPN server , I can't find any.
Can someone explain how this works?
It is because the OpenVPN server listens on its port to the WAN, so this port is permanently open. Then OpenVPN client communicates with the OpenVPN server using that port and creates tunnel. No other ports are used, so that is the reason you don't see any forwarded port.
 

Tvbaas

Occasional Visitor
Thank you @netware5 for your feedback. I would still expect that there are some firewall rules added to let the OpenVPN server communicate on the assigned WAN port, but cant find any...
 

ColinTaylor

Part of the Furniture
I would still expect that there are some firewall rules added to let the OpenVPN server communicate on the assigned WAN port, but cant find any...
It's the first rule in the PREROUTING chain in the nat table and the first rule in the INPUT chain in the filter table.
 

Tvbaas

Occasional Visitor
It's the first rule in the PREROUTING chain in the nat table and the first rule in the INPUT chain in the filter table.
Could be me looking at the wrong place , but can not find any lines which include the assigned OpenVPN server port number. Not in filter_rules nor in nat_rules.
 

ColinTaylor

Part of the Furniture
Could be me looking at the wrong place , but can not find any lines which include the assigned OpenVPN server port number. Not in filter_rules nor in nat_rules.
Don't look in those files in /tmp as they don't contain modifications made by services like OpenVPN. Look at the actual output of the iptables command.
 

Tvbaas

Occasional Visitor
Don't look in those files in /tmp as they don't contain modifications made by services like OpenVPN. Look at the actual output of the iptables command.
Thank you @ColinTaylor , found them. Good to know that services like OpenVPN will created these entries themselves and don't show up in the Asus Router GUI.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top