Choose style:

Author Topic: Setting rules in UFW to allow VPN connection  (Read 1957 times)

0 Members and 1 Guest are viewing this topic.

Offline AndyInMokum

  • Global Moderator
  • Hero
  • *****
  • Posts: 4889
  • Karma: 1058
  • "Keep on Rockin' in the Free World"
    • View Profile
  • Peppermint version(s): PM 9 & PM 10 (64-bit)
Setting rules in UFW to allow VPN connection
« on: March 03, 2015, 03:31:28 pm »
Hi all, I'm asking for some advice about applying firewall rules to allow the network manager to use PTPP VPNs.  What would be the safest port(s) to use for this protocol and how would I set it up?  The firewall I'm using is UFW.  Many thanks  ;).
Backup! Backup! Backup! If you're missing any of these -  you ain't Backed Up!
For my system info please L/click HERE.

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 26452
  • Karma: 65531
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 10
Re: Setting rules in UFW to allow VPN connection
« Reply #1 on: March 03, 2015, 07:13:07 pm »
I don't think this is a question of opening ports .. try setting both incoming and outgoing to ALLOW, it still blocks the VPN.
(also allowing ALL traffic on the VPN's IP makes no difference)

I think this is more about forwarding traffic on pptp0 to wlan0

or possibly dhcp .. it *seems* to be failing whilst requesting an address from the VPN server (with ufw enabled)

Looking into it....
« Last Edit: March 03, 2015, 07:15:45 pm by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline AndyInMokum

  • Global Moderator
  • Hero
  • *****
  • Posts: 4889
  • Karma: 1058
  • "Keep on Rockin' in the Free World"
    • View Profile
  • Peppermint version(s): PM 9 & PM 10 (64-bit)
Re: Setting rules in UFW to allow VPN connection
« Reply #2 on: March 03, 2015, 07:30:00 pm »
Thanks for looking into it, just for a reference, here are the rules I have set for miniDLNA:
Code: [Select]
andy@AMILO-Li3710 ~ $ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
8200/tcp                   ALLOW IN    Anywhere
1900/udp                   ALLOW IN    Anywhere
8200/tcp (v6)              ALLOW IN    Anywhere (v6)
1900/udp (v6)              ALLOW IN    Anywhere (v6)

andy@AMILO-Li3710 ~ $
;)
Backup! Backup! Backup! If you're missing any of these -  you ain't Backed Up!
For my system info please L/click HERE.

Offline PCNetSpec

  • Administrator
  • Hero
  • *****
  • Posts: 26452
  • Karma: 65531
  • "-rw-rw-rw-" .. The Number Of The Beast
    • View Profile
    • PCNetSpec
  • Peppermint version(s): Peppermint 10
Re: Setting rules in UFW to allow VPN connection
« Reply #3 on: March 04, 2015, 04:54:06 pm »
This is doing my head in, but I refuse to be beaten  ;)

Oddly an OpenVPN tunnel I have configured goes through the firewall without issue (no ufw rules necessary)  .. go figure  :-\
« Last Edit: March 04, 2015, 04:57:16 pm by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline AndyInMokum

  • Global Moderator
  • Hero
  • *****
  • Posts: 4889
  • Karma: 1058
  • "Keep on Rockin' in the Free World"
    • View Profile
  • Peppermint version(s): PM 9 & PM 10 (64-bit)
Re: Setting rules in UFW to allow VPN connection
« Reply #4 on: March 04, 2015, 05:12:01 pm »
I know what you mean.  I have ZenMate VPN plugin installed to Google Chrome.  That works fine with the firewall on or off.  I have disabled it to see if that would make a difference to running a VPN through the Network Manager.  Alas, no such luck.  I still have to turn off the firewall to allow normal PTPP VPN access  :-\.
Backup! Backup! Backup! If you're missing any of these -  you ain't Backed Up!
For my system info please L/click HERE.