Site-to-Site VPN Firewall Rules

When adjusting settings for a site-to-site VPN, don’t forget to update the firewall rules. Make sure the appropriate subnets for your networks are covered.

In /etc/ufw/before.rules:

    # OpenVPN Rules
    *nat
    :POSTROUTING ACCEPT [0:0]
    # Allow traffic from OpenVPN client to ens32
    -A POSTROUTING -s 192.168.52.0/24 -o ens32 -j MASQUERADE
    -A POSTROUTING -s 172.22.1.0/24 -o ens32 …
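
A check for the advice above, as an added example that is not from the original post: it parses the *nat section of a ufw before.rules file and reports which required subnets have no MASQUERADE rule on the outbound interface. Apart from the 192.168.52.0/24 rule on ens32, the sample rules, the other subnets and the interface ens33 are constructed for the demo.

```python
import ipaddress
import shlex

# Constructed sample; only the first POSTROUTING rule is taken from the post.
SAMPLE = """\
# OpenVPN Rules
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.52.0/24 -o ens32 -j MASQUERADE
-A POSTROUTING -s 10.8.0.0/24 -o ens33 -j MASQUERADE
COMMIT
"""
REQUIRED = ["192.168.52.0/24", "10.8.0.0/24", "10.9.0.0/24"]  # constructed list

def _opt(tokens, *flags):
    """Return the value following the first of `flags` present, else None."""
    for flag in flags:
        if flag in tokens[:-1]:
            return tokens[tokens.index(flag) + 1]
    return None

def masqueraded_sources(rules_text, out_iface):
    """Source networks NATed by POSTROUTING MASQUERADE rules for out_iface."""
    nets, table = [], None
    for raw in rules_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("*"):
            table = line[1:]          # "*nat" opens a table section
        elif line == "COMMIT":
            table = None              # section closed
        elif table == "nat" and line.startswith("-A POSTROUTING"):
            tok = shlex.split(line)
            if "!" in tok or _opt(tok, "-j", "--jump") != "MASQUERADE":
                continue              # negated matches are not counted as coverage
            if _opt(tok, "-o", "--out-interface") not in (None, out_iface):
                continue              # rule is bound to a different interface
            src = _opt(tok, "-s", "--source") or "0.0.0.0/0"
            nets.append(ipaddress.ip_network(src, strict=False))
    return nets

def uncovered(rules_text, required, out_iface):
    """Required subnets not contained in any masqueraded source network."""
    covered = masqueraded_sources(rules_text, out_iface)
    return [cidr for cidr in required
            if not any(c.version == ipaddress.ip_network(cidr).version
                       and ipaddress.ip_network(cidr).subnet_of(c)
                       for c in covered)]

if __name__ == "__main__":
    for cidr in uncovered(SAMPLE, REQUIRED, "ens32"):
        print(f"no MASQUERADE rule on ens32 covers {cidr}")
```

A subnet counts as covered when a broader rule contains it, so a /25 inside 192.168.52.0/24 passes, while a rule bound to the wrong interface does not.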