How to set IPTABLES on Ubuntu server to accept incoming route call from LAN?

Bo Berglund bo.berglund at gmail.com
Sun Jan 16 08:34:46 UTC 2022 

I have an OpenVPN server running on an Ubuntu Server 20.04.3 and it has worked
well for a long time.

Now I have put another ASUS router on my summer home and it is set up to connect
a VPN connection back home so I can reach my home data from any device at the
summer home. Basically connecting the two LAN's together. This works just fine
as seen from the summer home.

But I also want the same visibility of the summer home from my home LAN and
currently that is not working. I figured this is possible to solve by routing
from the ASUS router to the OpenVPN server.

I want to be able to use it to route calls backwords through the VPN tunnel that
has been established by the ASUS router at my summer home.

So I have added a static route in the home router to the OpenVPN server machine
for the network at the summer home:
192.168.117.0  255.255.255.0 192.168.119.216  2  LAN

But the OpenVPN server seems to do *nothing* about these calls and I suspect
that it is caused by the IPTABLES rules present...

I have tested using ping and tracert from Windows and ping from Linux and it
seems to reach the OpenVPN server but then nothing...

So how can I change IPTABLES such that a routed call from the main gateway on
the ASUS router is picked up and acted on through the tunnel?

Here is the current IPTABLES content as listed by sudo iptables-save:

$ sudo iptables-save
# Generated by iptables-save v1.8.4 on Sun Jan 16 09:13:27 2022
*nat
:PREROUTING ACCEPT [182594:41756566]
:INPUT ACCEPT [86852:22032356]
:OUTPUT ACCEPT [22172:4760131]
:POSTROUTING ACCEPT [22659:4811617]
-A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.8.139.0/24 -o eth0 -j MASQUERADE
COMMIT
# Completed on Sun Jan 16 09:13:27 2022
# Generated by iptables-save v1.8.4 on Sun Jan 16 09:13:27 2022
*filter
:INPUT ACCEPT [24964781:33135883667]
:FORWARD ACCEPT [17015727:19826479357]
:OUTPUT ACCEPT [20189356:26849307557]
COMMIT
# Completed on Sun Jan 16 09:13:27 2022

I don't know much about how IPTABLES work, the current state was set up when the
OpenVPN server was installed many years ago.
Any suggestions welcome.


-- 
Bo Berglund
Developer in Sweden

More information about the ubuntu-users mailing list