Menu
What's new
By:
Filters Better Search

Trouble Setting Up iptables

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

A

a5m

Regular Contributor
Hello everyone,

I need some help setting up iptables. I've followed this guide: https://torguard.net/knowledgebase.php?action=displayarticle&catid=60&id=165

I'm currently running the latest Merlin on a RT-AC68R and have setup OpenVPN using this guide: https://torguard.net/knowledgebase.php?action=displayarticle&id=216

Only changes I've made are setting Accept DNS Configuration to Exclusive, Cipher Negotiation to Enable (with fallback) and Force Internet Traffic Through Tunnel to Policy Rules (strict) and routing only the NAS IP 192.168.1.69 through the tunnel.

For iptables destip I've used the NAS IP 192.168.1.69 but all internet traffic is getting blocked except for the NAS. I'm pretty sure iptables needs something added or modified but I'm not sure what. Any help would be greatly appreciated.

Thanks in advance
 
a5m said:
Hello everyone,

I need some help setting up iptables. I've followed this guide: https://torguard.net/knowledgebase.php?action=displayarticle&catid=60&id=165

I'm currently running the latest Merlin on a RT-AC68R and have setup OpenVPN using this guide: https://torguard.net/knowledgebase.php?action=displayarticle&id=216

Only changes I've made are setting Accept DNS Configuration to Exclusive, Cipher Negotiation to Enable (with fallback) and Force Internet Traffic Through Tunnel to Policy Rules (strict) and routing only the NAS IP 192.168.1.69 through the tunnel.

For iptables destip I've used the NAS IP 192.168.1.69 but all internet traffic is getting blocked except for the NAS. I'm pretty sure iptables needs something added or modified but I'm not sure what. Any help would be greatly appreciated.

Thanks in advance
Click to expand...
Here is another reference for you

https://github.com/RMerl/asuswrt-merlin/wiki/Policy-based-Port-routing-(manual-method)

I recommend configuring the router IP address to use the WAN iface in the Policy Routing section on the VPN client screen.
 
  • Like
Reactions: a5m
Just following up in case anyone else was having a similar issue.

I left everything the same as stated in my original post, except for iptables I deleted the top half and left only the following:

iptables -I FORWARD -i tun11 -p udp -d destIP --dport Port -j ACCEPT
iptables -I FORWARD -i tun11 -p tcp -d destIP --dport Port -j ACCEPT
iptables -t nat -I PREROUTING -i tun11 -p tcp --dport Port -j DNAT --to-destination destIP
iptables -t nat -I PREROUTING -i tun11 -p udp --dport Port -j DNAT --to-destination destIP

That seems to have done the trick. All traffic is flowing normally now.
 
You must log in or register to reply here.

Similar threads

J
Asus RT-AC68R /w latest Merlin 386.12 firmware - Openvpn client issue
Replies
2
Views
769
jdolence
J
A
Setting up OpenVPN client
Replies
10
Views
1K
ColinTaylor
C
Pyrrhus Zaurus
Temporary port forward using SSH
Replies
0
Views
1K
Pyrrhus Zaurus
Pyrrhus Zaurus
P
Switching from WireGuard to OpenVPN site-to-site due to perf issues
Replies
9
Views
2K
elorimer
E
I
Solved ASUS RT-AX86U Merlin 386.4 OpenVPN routing help/ideas
Replies
7
Views
3K
ivannn
I
Similar threads
Thread starter Title Forum Replies Date
gdgross Setting up VPN server (router?) for offsite access VPN 13

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 951 (members: 26, guests: 925)
Top