OpenVPN instructions for ubuntu server behind router firewall and no ufw
-
I'm exploring installing OpenVPN server on an Ubuntu (24.04) server. I use a router based firewall and am not running ufw on the server. However, all instructions I've found refer to configuration of ufw firewall.
Are there instructions available for setting up OpenVPN server on my network server without ufw, or guidance on how to work around these instruction steps?
Or am I missing something?
Thanks
-
@timbopoise if you want to set this up on the Ubuntu server, you may have a better chance of getting help in an Ubuntu/Linux forum. pfSense is based on FreeBSD, a very different OS.
As a side note: ufw is the default firewall on Ubuntu. ufw is a frontend to nft (new/current) or iptables (before nft). If you are searching for OpenVPN server instructions using "nft" I'm very positive that you will find plenty of information.
-
@patient0 said in OpenVPN instructions for ubuntu server behind router firewall and no ufw:
As a side note: ufw is the default firewall on Ubuntu. ufw is a frontend to nft (new/current) or iptables (before nft). If you are searching for OpenVPN server instructions using "nft" I'm very positive that you will find plenty of information
Thanks for the reply. I searched for openvpn forums and got routed here. In any case, I'm beginning to think I'm misunderstanding what ufw is. I have assumed it's a software firewall running local to a server, but for servers running behind a network router that provides firewall protection, ufw is not necessary. I have no idea (I apologize for my ignorance) what nft or iptables are, nor how to deal with them given my situation.
In any case, I will try to hide my embarrassment as I continue research and learning. Thanks
-
@timbopoise I'd argue that all the firewalls are local to a server/router ;). And indeed if you have a router with a firewall already then the local server won't need a firewall. Unless you want to restrict what local clients are allowed to access on that particular server.
I'm beginning to think I'm misunderstanding what ufw is. I have assumed it's a software firewall running local to a server
UFW homepage: https://help.ubuntu.com/community/UFW
Linux firewalls: nft or iptables
Linux firewall configuration tools/frontends: ufw, firewalld and others I probably forgot.
And since you won't need the firewall on the local server you can disable it. And use an installation guide without the firewall part:
OpenVPN guides:
- DigitalOcean's OpenVPN on Ubuntu guide: https://www.digitalocean.com/community/tutorials/how-to-set-up-and-configure-an-openvpn-server-on-ubuntu-20-04
- Ubuntu documentation: https://documentation.ubuntu.com/server/how-to/security/install-openvpn/
-
@patient0 Thanks
-
@patient0 said in OpenVPN instructions for ubuntu server behind router firewall and no ufw:
ufw is a frontend to nft (new/current) or iptables (before nft). If you are searching for OpenVPN server instructions using "nft" I'm very positive that you will find plenty of information
Wow! I've gone off and become more aware of how ufw, nftables (iptables) fit or work together to provide a host firewall, thanks to you. I think I've learned that my network router is my 'network' firewall and a host-based firewall still has its use/importance. Thanks for being patient and helpful.
-
@timbopoise said in OpenVPN instructions for ubuntu server behind router firewall and no ufw:
Or am I missing something?
Setting up a VPN behind the router, instead of on it, causes routing issues. Devices on your LAN have to learn somehow what the route to the other end of the VPN is. DHCP won't do it. If the VPN is on the router, it sorts things out as usual.
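
The routing issue described in the last post, as an added example that is not part of the thread: a small longest-prefix-match model that traces where a LAN host's reply to a VPN client goes. All addresses and node names are constructed (LAN 192.168.1.0/24, tunnel subnet 10.8.0.0/24), and the static route on the router is one assumed way for the LAN to learn the route.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match: next node for dst, or None if nothing matches."""
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, node in routes:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, node)
    return best[1] if best else None

def reply_path(tables, start, dst, max_hops=8):
    """Follow a packet hop by hop and return the nodes it visits."""
    path, node = [start], start
    for _ in range(max_hops):
        hop = next_hop(tables[node], dst)
        path.append(hop if hop else "unroutable")
        if hop not in tables:      # reached an interface (lan, wan, tun0)
            break
        node = hop
    return path

VPN_CLIENT = "10.8.0.6"            # constructed tunnel address of a remote client
LAN_HOST = [("192.168.1.0/24", "lan"), ("0.0.0.0/0", "router")]
ROUTER = [("192.168.1.0/24", "lan"), ("0.0.0.0/0", "wan")]
VPN_SERVER = [("10.8.0.0/24", "tun0"), ("192.168.1.0/24", "lan"),
              ("0.0.0.0/0", "router")]

# Case 1: OpenVPN on a server behind the router, nobody else knows 10.8.0.0/24.
BEHIND_ROUTER = {"lan-host": LAN_HOST, "router": ROUTER, "vpn-server": VPN_SERVER}

# Case 2: same layout, plus a static route on the router (assumed fix).
WITH_STATIC_ROUTE = dict(
    BEHIND_ROUTER, router=[("10.8.0.0/24", "vpn-server")] + ROUTER)

# Case 3: OpenVPN runs on the router itself, so the tunnel is directly attached.
VPN_ON_ROUTER = {"lan-host": LAN_HOST, "router": [("10.8.0.0/24", "tun0")] + ROUTER}

if __name__ == "__main__":
    for name, tables in [("behind router", BEHIND_ROUTER),
                         ("behind router + static route", WITH_STATIC_ROUTE),
                         ("vpn on router", VPN_ON_ROUTER)]:
        print(f"{name:30s}", " -> ".join(reply_path(tables, "lan-host", VPN_CLIENT)))
```

In the first case the reply leaves through the router's WAN interface and never reaches the tunnel, which is why connections from VPN clients to LAN hosts appear to hang.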