Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.


nikcnikc Member


Does anyone have any experience with running OpenVPN behind CSF ?

I have a working OpenVPN (when I add a NAT rule manually), but when I stick CSF in front of it (with UDP 1194 open), I can connect but can't route beyond the gateway.

Just trying to figure out if I am missing something above and beyond making sure the NAT rule is in and the port is open.



  • You need add some iptables rules in

    I'm on mobile now. I will share the rules later.

    Thanked by 1nikc
  • budi1413budi1413 Member
    edited December 2013

    nano /etc/csf/

    iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
    iptables -A FORWARD -s -j ACCEPT
    iptables -A FORWARD -j REJECT
    iptables -t nat -A POSTROUTING -s -o eth0 -j MASQUERADE // for kvm or xen
    iptables -t nat -A POSTROUTING -s -j SNAT --to (server ip) // for openvz

    csf -r

    ps: In the last 2 line, just use the one depending on your vps virtualization.

  • Perfect, thanks @budil413 :)

  • @nikc said:
    Perfect, thanks budil413 :)

    No problem. :)

Sign In or Register to comment.