How do I configure the firewall for OpenConnect interface?

kingkong · October 6, 2021, 10:48am

Hello,

I’m afraid I need step-by-step instructions on how to set up openconnect on the GL-MT300N-V2.
What I have managed to do so far:

My openConnect server is running on a RaspBerry PI 3B+.
The openconnect server uses a Let’s Encrypt certificate.

With the ios app Cisco AnyConnect I can connect to the Raspberry, and the iPhone’s internet traffic then runs through the RaspBerry as well.

The GL-Inet runs in repeater mode, i.e. an existing WLAN is used, and the GL-Inet opens its own WLAN.

On the GL-Inet the Luci console has to be installed - I did that.

Via the Luci console I installed luci-proto-openconnect.
This also installs the openconnect package.

Via Luci → Network-> Interfaces I created a new interface with the self chosen name “VPN”.

In the configuration I only have to enter the address of my OpenConnect server, the username and the password.

But how do I proceed now ?

How do I run the WLAN traffic and the LAN cable over OpenConnect ?

I have already tried some instructions, but nothing works.

Translated with DeepL Translate: The world's most accurate translator (free version)

alzhao · October 6, 2021, 12:08pm

Did Openconnect actually connect to your server?

As far as I know, if you use MT300N-V2, there is not enough space to install openconnect. You may need to use an USB key and use exroot to install everything on the USB.

After openconnect actually build the turnnel, you should see network interfaces and you can add firewall rules to route the traffice.

kingkong · October 7, 2021, 1:26pm

How do i configure firewall/routing ?

alzhao · October 8, 2021, 7:59am

Can you show the firewall section?

alzhao · October 8, 2021, 8:06am

Here is my settings when using openvpn for your reference.