From Michael's Information Zone

As of this writing I am still very green when it comes to IPTables. I used to know more about them, but as time went on and I worked with more systems the knowledge became a blur.
I find myself in need of tunneling through our network vendor's equipment. I don't trust them to diagnose their equipment, so I am taking matters into my own hands. Since I already have a CentOS 7 box acting as DHCP and DNS, it was only natural to install OpenVPN and enable IP forwarding.
[1]

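# Put the OpenVPN tunnel interface in the dmz zone (permanent config, then reload)
firewall-cmd --permanent --add-interface=tun0 --zone=dmz
firewall-cmd --reload
# Have NetworkManager keep tun0 bound to the dmz zone
nmcli con mod tun0 connection.zone dmz
nmcli c reload
# Enable IPv4 forwarding persistently and apply it now
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.d/ip_forward.conf
sysctl -p /etc/sysctl.d/ip_forward.conf
# Enable masquerading (source NAT) on the dmz zone
firewall-cmd --permanent --zone=dmz --add-masquerade
firewall-cmd --reload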