Hi list,
I am running PF on OpenBSD 5 with 2 external links.
One is ADSL and the other is a leased line.
My /etc/mygate is set to the ADSL IP.
So, the default route is via ADSL.
But I want to access OpenVPN (i.e. port 1194) via the leased line from the
Internet.
When I try to access it, I get the error below.
Feb 02 13:21:04.717389 rule 17/(match) pass in on ne1: 220.x.y.z.53208 > 172.16.x.1.1194: udp 14
Feb 02 13:21:04.718461 rule 6/(match) block out on ne2: 192.168.1.z.1194 > 220.x.y.z.53208: udp 26
Feb 02 13:21:06.043509 rule 6/(match) block out on ne2: 192.168.1.z.1194 > 220.x.y.z.53208: udp 14
IP 192.168.1.z is the IP address of the PF firewall that connects to the ADSL router.
My pf.conf file looks like this.
vpn = "tun0"
match out on $wan_if from 10.0.1.0/24 nat-to ($wan_if)
# filter rules
block in log
block out log
#pass out quick log
antispoof quick for { lo $int_if }
pass in quick log on $vpn
pass out quick log on $vpn
pass in log on $wan_if inet proto udp from any to $wan_if \
        port 1194 reply-to ($wan_if $wan_gw)
I need your advice to solve this issue.
Anyway, if I set it to TCP like this
pass in log on $wan_if inet proto tcp from any to $wan_if \
        port 1194 reply-to ($wan_if $wan_gw)
it works. Why does it NOT work for UDP?
Hope to hear from you.
--
Thank you
Indunil Jayasooriya
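The quoted pflog lines already contain the diagnostic detail: the request arrives on ne1 addressed to 172.16.x.1:1194, but the reply leaves on ne2 with source 192.168.1.z:1194. A pf state created by the inbound `pass in` rule only matches a reply whose addresses and ports mirror the inbound packet, so a reply sourced from a different address is not associated with that state, `reply-to` never applies to it, and it falls through to the `block out log` rule, which is exactly what rule 6 in the log shows. The script below is an added example, not part of the post or of OpenBSD; it parses tcpdump-style pflog lines of the form quoted above and flags outbound blocked packets that look like replies to an inbound pass but do not mirror it (different source address, or leaving a different interface). The sample lines are constructed from the masked addresses in the post, plus one TCP request that has no blocked reply.

```python
import re
from dataclasses import dataclass

# Constructed sample, modelled on the pflog lines quoted in the post (addresses
# are masked exactly as in the post). "ne1" is the leased line, "ne2" the ADSL side.
SAMPLE_PFLOG = """\
Feb 02 13:21:04.717389 rule 17/(match) pass in on ne1: 220.x.y.z.53208 > 172.16.x.1.1194: udp 14
Feb 02 13:21:04.718461 rule 6/(match) block out on ne2: 192.168.1.z.1194 > 220.x.y.z.53208: udp 26
Feb 02 13:21:06.043509 rule 6/(match) block out on ne2: 192.168.1.z.1194 > 220.x.y.z.53208: udp 14
Feb 02 13:22:10.000001 rule 17/(match) pass in on ne1: 220.x.y.z.40000 > 172.16.x.1.1194: tcp 60
"""

# One per-packet line as printed by "tcpdump -n -e -ttt -r /var/log/pflog".
PFLOG_RE = re.compile(
    r"^(?P<ts>\w{3} \d{2} [\d:.]+) rule (?P<rule>\d+)/\((?P<reason>\w+)\) "
    r"(?P<action>pass|block) (?P<direction>in|out) on (?P<ifc>\w+): "
    r"(?P<src>\S+) > (?P<dst>\S+): (?P<proto>\w+) (?P<length>\d+)$"
)


@dataclass(frozen=True)
class Record:
    ts: str
    rule: int
    action: str
    direction: str
    ifc: str
    proto: str
    src_ip: str
    src_port: str
    dst_ip: str
    dst_port: str


def split_endpoint(endpoint: str) -> tuple[str, str]:
    """'220.x.y.z.53208' -> ('220.x.y.z', '53208'): the port is the last dotted field."""
    host, _, port = endpoint.rpartition(".")
    return host, port


def parse_pflog(text: str) -> list[Record]:
    """Parse per-packet pflog lines; lines that do not match the format are skipped."""
    records = []
    for line in text.splitlines():
        m = PFLOG_RE.match(line.strip())
        if not m:
            continue
        s_ip, s_port = split_endpoint(m["src"])
        d_ip, d_port = split_endpoint(m["dst"])
        records.append(Record(m["ts"], int(m["rule"]), m["action"], m["direction"],
                              m["ifc"], m["proto"], s_ip, s_port, d_ip, d_port))
    return records


def find_asymmetric_replies(text: str) -> list[dict]:
    """Pair each 'block out' with the 'pass in' it answers and explain why it
    could not have matched that state."""
    records = parse_pflog(text)
    inbound = [r for r in records if r.action == "pass" and r.direction == "in"]
    findings = []
    for blk in records:
        if not (blk.action == "block" and blk.direction == "out"):
            continue
        for req in inbound:
            # A reply goes back to the client's address:port from the service port.
            same_client = (blk.dst_ip, blk.dst_port) == (req.src_ip, req.src_port)
            same_service_port = blk.src_port == req.dst_port
            if blk.proto != req.proto or not same_client or not same_service_port:
                continue
            finding = {
                "ts": blk.ts, "proto": blk.proto, "block_rule": blk.rule,
                "in_if": req.ifc, "out_if": blk.ifc,
                "expected_src": req.dst_ip, "reply_src": blk.src_ip,
            }
            if blk.src_ip != req.dst_ip:
                # Source differs from the address the request was sent to: the
                # state keyed on the inbound packet cannot match this reply.
                finding["reason"] = "reply-source-mismatch"
            elif blk.ifc != req.ifc:
                finding["reason"] = "asymmetric-interface"
            else:
                finding["reason"] = "reply-blocked"
            findings.append(finding)
            break
    return findings


if __name__ == "__main__":
    for f in find_asymmetric_replies(SAMPLE_PFLOG):
        print(f)
```

Run against a real capture with `tcpdump -n -e -ttt -r /var/log/pflog | python3 pfreply.py` after swapping `SAMPLE_PFLOG` for `sys.stdin.read()`. A `reply-source-mismatch` finding for a UDP service points at the daemon, not at pf: the reply is being sourced from whichever address the routing table picks, so the state and `reply-to` rule never see it.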