I have installed an OpenVPN server on my CentOS VPS, and it started successfully.
I tried to configure iptables for it with the following commands:
iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A FORWARD -s 10.8.0.0/24 -j ACCEPT
iptables -A FORWARD -j REJECT
iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -j SNAT --to 209.54.48.68
But I can't connect to it, so I ran nmap on my computer:
nmap -p 1194 209.54.48.68
Starting Nmap 5.21 ( http://nmap.org ) at 2011-12-27 22:28 IRST
Nmap scan report for 209.54.48.68.nativehosting.com (209.54.48.68)
Host is up (0.53s latency).
PORT     STATE  SERVICE
1194/tcp closed unknown
Nmap done: 1 IP address (1 host up) scanned in 3.22 seconds
Now where is the problem and how should I solve it? Why is 1194 closed after installing OpenVPN?
I have followed http://tipupdate.com/how-to-install-openvpn-on-centos-vps/ to install and configure it.
Just to note, your nmap scan was against TCP/1194. By default, OpenVPN will use UDP/1194, so your scan, as specified, isn't looking at the right place. Add the -sU option to scan for UDP, like this:
nmap -sU -p 1194 209.54.48.68
In any case, make sure the openvpn daemon is running (ps auxw | grep openvpn) and the netstat command that Khaled posted. If you have default DENY on iptables, you will need to open up UDP/1194 also.
First, you need to make sure the service is running and listening on the expected port. You can use:
Second, it is not clear whether you are running iptables on the same server or on another one. Make sure you enable IP forwarding if iptables is configured on another machine. If these rules are applied on the same VPN server, you need to add the accept rules to 'INPUT' chain.
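The firewall check suggested in the answers above, as an added example that is not part of the original thread: it reads iptables-save output and reports what the first matching rule reachable from the INPUT chain does with a new UDP/1194 packet. The ruleset is a constructed CentOS-style sample, and input_verdict and sample_rules are hypothetical names.

```shell
# Added example, not from the thread. Simplified: rules limited by -s or -i
# are treated as not matching; RETURN, port ranges and multiport are ignored.

# Print what the filter table does with a new inbound PROTO packet to PORT:
# the first terminal target reached from INPUT, else the INPUT policy.
# Usage: iptables-save -t filter | input_verdict PROTO PORT
input_verdict() {
    awk -v proto="$1" -v port="$2" '
        function walk(c,    i, v) {          # follow jumps into user chains
            for (i = 1; i <= n[c]; i++) {
                if (!hit[c, i]) continue
                if (tgt[c, i] ~ /^(ACCEPT|DROP|REJECT)$/) return tgt[c, i]
                if ((v = walk(tgt[c, i])) != "") return v
            }
            return ""
        }
        $1 == ":INPUT" { policy = $2 }
        $1 == "-A" {
            c = $2; k = ++n[c]; hit[c, k] = 1
            for (i = 3; i < NF; i++) {
                if ($i == "-j") tgt[c, k] = $(i + 1)
                if ($i == "-s" || $i == "-i") hit[c, k] = 0
                if ($i == "-p" && $(i + 1) != proto) hit[c, k] = 0
                if ($i == "--dport" && $(i + 1) != port) hit[c, k] = 0
                if ($i == "--state" && $(i + 1) !~ /NEW/) hit[c, k] = 0
            }
        }
        END { v = walk("INPUT"); print (v != "" ? v : policy) }'
}

# Constructed sample: a CentOS-style ruleset that opens SSH only.
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

sample_rules | input_verdict udp 1194   # REJECT
```

A REJECT or DROP verdict for udp 1194 means an ACCEPT rule for that protocol and port has to sit ahead of the rejecting rule in the chain.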
Don't you need to have the port open in the RH-Firewall-1-INPUT or INPUT chains?
or