電訊茶室 - Powered by Discuz! Board

標題: Openconnect VPN server implementation on OpenWRT since version 22.03.x [打印本頁]

作者: tomleehk 時間: 2022-12-18 15:27 標題: Openconnect VPN server implementation on OpenWRT since version 22.03.x

本帖最後由 tomleehk 於 2022-12-18 16:16 編輯

Reference
http://www.telecom-cafe.com/forum/viewthread.php?tid=6770

iptables rules are no longer supported in Openwrt since version 22.03.x(Firewall uses fw4，ie. nftables) and therefore following firewall rules are unable to be captured at LUCI (Network/Firewall).
iptables -I INPUT -p tcp --dport 443 -j ACCEPT
iptables -I INPUT -p udp --dport 443 -j ACCEPT
iptables -I FORWARD -i vpns+ -s 192.168.60.0/24 -j ACCEPT
iptables -I INPUT -i vpns+ -s 192.168.60.0/24 -j ACCEPT

An equivalent configuration can be created at Firewall/Traffic Rules to do the same job.
Name : OpenConnect
Protocol : TCP/UDP
Source zone : Any zone
Source address : 192.168.60.0/24
Source port : any
Destination zone : wan/wan6
Destination port : any
Action : accept

作者: Skypeus 時間: 2022-12-24 10:07

楼主可以出个在Openwrt里设置使用OpenConnect的图文教程吗？

作者: tomleehk 時間: 2022-12-25 15:16

本帖最後由 tomleehk 於 2023-1-3 17:35 編輯

楼主可以出个在Openwrt里设置使用OpenConnect的图文教程吗？
Skypeus 發表於 2022-12-24 10:07

Reference
Openconnect VPN server implementation on OpenWRT router using certificate authentication
http://www.telecom-cafe.com/forum/viewthread.php?tid=6770

手上嘅hardware已經轉哂upgrade哂, openwrt version 都已經 upgrade 咗上 version 18.x 19.x 或以上, d cert files, config files, .p12 file 大致上可保留沿用...

個人覺得 version 18.x 同 19.x 連線比較快比較稳定, 用咗21.x 同 22.x 一段時間, 最近都轉番用 18.x 同 19.x

歡迎光臨電訊茶室 (http://telecom-cafe.com/forum/)