Start a new topic

COMMON FIREWALL SITUATIONS - Send traffic from VPN to the Internet

By default VPN clients do not go out to the Internet.
If the client is configured to route all traffic to the VPN - then the following rules from below must be added to the VNS3 Firewall.


To allow traffic to Internet use "Add Rule" to add each of these rules one at a time
OR use "Advanced" --> "Whitebox Entry" to paste them in at once.


POSTROUTING -s ${vns3_overlay_subnet} -o eth0 ! -d ${vns3_overlay_subnet} -j MASQUERADE-ONCE

FORWARD -s ${vns3_overlay_subnet} ! -d ${vns3_overlay_subnet} -j ACCEPT




NOTE: Your client device must have proper settings to be sending all data to the VPN as a gateway to the Internet vs. your local network.
The rules above assure that traffic that arrives from your client for the Internet is sent out and returned correctly.