Hello,
I have just installed OpenVPN on a Debian 11 hosted on a VPS.
I reused the same config as on my old VPS, which was running Debian 9.
I put the same ports in the DMZ as before, so that they are open when I am connected to the VPN (leaving the others closed by default).
I made no changes on the D11, except one thing that OpenVPN support advised me to do:
update-alternatives --set iptables /usr/sbin/iptables-legacy
update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
But the ports remain closed.
Do you have any idea where this could come from?
Thank you for your help.
JC
If it helps, here is the output of the command
root@openvpn:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
AS0_ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
AS0_ACCEPT all -- anywhere anywhere
AS0_IN_PRE all -- anywhere anywhere mark match 0x2000000/0x2000000
AS0_ACCEPT udp -- anywhere openvpn.seedbox.top state NEW udp dpt:openvpn
AS0_WEBACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
AS0_WEBACCEPT tcp -- anywhere openvpn.seedbox.top state NEW tcp dpt:943
Chain FORWARD (policy ACCEPT)
target prot opt source destination
AS0_ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
AS0_IN_PRE all -- anywhere anywhere mark match 0x2000000/0x2000000
AS0_OUT_S2C all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
AS0_OUT_LOCAL all -- anywhere anywhere
Chain AS0_ACCEPT (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
Chain AS0_IN (4 references)
target prot opt source destination
ACCEPT all -- anywhere 172.27.224.1
AS0_IN_POST all -- anywhere anywhere
Chain AS0_IN_NAT (0 references)
target prot opt source destination
MARK all -- anywhere anywhere MARK or 0x8000000
ACCEPT all -- anywhere anywhere
Chain AS0_IN_POST (1 references)
target prot opt source destination
ACCEPT all -- anywhere 10.0.0.0/24
AS0_OUT all -- anywhere anywhere
DROP all -- anywhere anywhere
Chain AS0_IN_PRE (2 references)
target prot opt source destination
AS0_IN all -- anywhere 169.254.0.0/16
AS0_IN all -- anywhere 192.168.0.0/16
AS0_IN all -- anywhere 172.16.0.0/12
AS0_IN all -- anywhere 10.0.0.0/8
ACCEPT all -- anywhere anywhere
Chain AS0_IN_ROUTE (0 references)
target prot opt source destination
MARK all -- anywhere anywhere MARK or 0x4000000
ACCEPT all -- anywhere anywhere
Chain AS0_OUT (2 references)
target prot opt source destination
AS0_OUT_POST all -- anywhere anywhere
Chain AS0_OUT_LOCAL (1 references)
target prot opt source destination
DROP icmp -- anywhere anywhere icmp redirect
ACCEPT all -- anywhere anywhere
Chain AS0_OUT_POST (1 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain AS0_OUT_S2C (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere mark match 0x1000000/0x1000000
AS0_OUT all -- anywhere anywhere
Chain AS0_WEBACCEPT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere