Awesome guide!! Worked like a charm.
I'm having one issue, however. When I connect to the VPN into my local network, I'm unable to access jail resources when the jail is logged into the jail's VPN. I've accommodated the IPFW rules to allow access from my VPN subnet. And, when I disconnect OpenVPN on the jail, I'm able to access the jail resources when connected to my local VPN. When connected to my local network, I'm able to connect to all jail resources with no issues. I'm assuming I'm missing some rule which is preventing me from accessing my jail resources when it's connected to the external OpenVPN connection. Any help is greatly appreciated.
Local Network Subnet: 10.110.1.0/24
Local VPN Subnet: 10.110.4.0/24
IPFW Rules:
##DNS
01000 allow log udp from 10.110.0.0/16 to 208.67.222.222 dst-port 53 keep-state
01002 allow log udp from 10.110.0.0/16 to 205.171.3.25 dst-port 53 keep-state
01004 allow log udp from 10.110.0.0/16 to 8.8.4.4 dst-port 53 keep-state
01006 allow log udp from 10.110.0.0/16 to 129.250.35.250 dst-port 53 keep-state
01008 allow log udp from 10.110.0.0/16 to 10.110.1.1 dst-port 53 keep-state
##Local Network
01010 allow ip from 10.110.0.0/16 to 10.110.0.0/16 keep-state
##OpenVPN Provider
02000 allow ip from 10.110.0.0/16 to 104.156.240.160 keep-state
02004 allow ip from 10.110.0.0/16 to 104.156.240.152 keep-state
02008 allow ip from 10.110.0.0/16 to 104.156.240.168 keep-state
02012 allow ip from 10.110.0.0/16 to 104.156.240.161 keep-state
02018 allow ip from 10.110.0.0/16 to 104.156.240.147 keep-state
##Loopback
04000 allow ip from 127.0.0.1 to any
04300 allow ip from 10.30.0.0/16 to any
04302 allow ip from any to 10.30.0.0/16
04310 allow ip from 10.31.0.0/16 to any
04312 allow ip from any to 10.31.0.0/16
04320 allow ip from 10.32.0.0/16 to any
04322 allow ip from any to 10.32.0.0/16
65534 deny ip from any to any