
[QUESTION] How to add iptable rule to accept in/out going traffic for specific subnet?:

I have a Linux machine on a segregated network that I VPN into. When I VPN in, I get assigned a virtual IP by the VPN server.

I’ve found that when I VPN in, I can RDP to Windows boxes no problem. Ping, HTTP, RDP, etc. all work. However, the Linux box is not immediately accessible. In fact, I have to first RDP onto a machine already on that segregated network, and then I can ssh into the Linux box.

This tells me the Linux box is only accepting traffic from devices on its native subnet and that I need to tell it to accept traffic from the virtual VPN subnet from which external devices will be assigned.

I’ve tried this rule:

sudo iptables -A INPUT -p tcp -s -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT

Where is the virtual VPN subnet. But I still cannot ping the Linux box yet from my connected host machine. So either I added the wrong rule, or added it incorrectly. Any tips/guidance?

submitted by /u/Tikiyetti
via Linux 101 stuff. Questions are encouraged, noobs are welcome!
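An added worked example, not part of the original post or any reply to it, showing the kind of rule set that accepts traffic from a VPN client subnet and the two checks a practitioner would apply to the posted rule. The VPN subnet 10.8.0.0/24 and the optional interface name are assumptions for illustration; replace them with the real values. Two points it is built around: a rule with `-p tcp` never matches ICMP, so it cannot make ping work no matter what else is right; and `-A INPUT` appends to the end of the chain, so if the chain already ends in a REJECT or DROP rule (the usual reason a box only answers its own subnet), the appended rule is never reached, which is why the script inserts at position 1 and prints the chain with line numbers so you can see the ordering. It also refuses an empty or malformed subnet, since `-s` followed by nothing is exactly the failure mode the posted command risks. By default it only prints the commands; set APPLY=1 to run them with sudo.

```shell
#!/bin/sh
# Added example (not from the original post or subreddit): generate the iptables
# rules that let a host on a segregated LAN accept traffic from a VPN client
# subnet. Assumed values (not in the post): VPN clients get 10.8.0.0/24; the
# LAN interface is optional and, if given, pins the rule to that interface.

# Accept only a dotted-quad IPv4 CIDR with octets <= 255 and prefix <= 32.
# An empty or malformed subnet (the posted rule has "-s" with nothing after
# it) fails here instead of producing a rule that matches nothing.
is_ipv4_cidr() {
    printf '%s\n' "$1" | awk -F'[./]' '
        NF != 5 { exit 1 }
        {
            for (i = 1; i <= 4; i++)
                if ($i !~ /^[0-9]+$/ || $i > 255) exit 1
            if ($5 !~ /^[0-9]+$/ || $5 > 32) exit 1
            exit 0
        }'
}

# Print the rules, one per line, without running them.
#   $1  VPN client subnet in CIDR form (required)
#   $2  interface the VPN traffic arrives on (optional, e.g. eth0)
# INPUT: no -p restriction, so ICMP echo (ping), SSH and everything else from
# the VPN subnet is accepted; NEW lets clients open connections, and
# ESTABLISHED,RELATED covers replies and ICMP error messages.
# OUTPUT: only matters if the OUTPUT policy is DROP; lets replies go back.
# -I ... 1 inserts at the top of the chain; -A would append after any
# existing final REJECT/DROP rule and the new rule would never be consulted.
vpn_rules() {
    subnet=$1
    iface=$2
    if ! is_ipv4_cidr "$subnet"; then
        echo "vpn_rules: '$subnet' is not an IPv4 CIDR (expected e.g. 10.8.0.0/24)" >&2
        return 1
    fi
    in_if=""
    out_if=""
    if [ -n "$iface" ]; then
        in_if="-i $iface "
        out_if="-o $iface "
    fi
    printf 'iptables -I INPUT 1 %s-s %s -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT\n' "$in_if" "$subnet"
    printf 'iptables -I OUTPUT 1 %s-d %s -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\n' "$out_if" "$subnet"
}

# Show the INPUT chain with rule numbers and packet counters so you can see
# whether a REJECT/DROP sits above the accept rule and whether the accept
# rule's counters move when you ping from a VPN client (needs root).
show_input_chain() {
    iptables -L INPUT -n -v --line-numbers
}

# Print the commands, or run them with sudo when APPLY=1.
main() {
    subnet=${1:-10.8.0.0/24}   # assumed VPN client subnet; pass yours as $1
    iface=$2                   # optional interface, e.g. eth0
    rules=$(vpn_rules "$subnet" "$iface") || exit 1
    if [ "${APPLY:-0}" = 1 ]; then
        printf '%s\n' "$rules" | while IFS= read -r cmd; do
            sudo sh -c "$cmd"
        done
        sudo sh -c "$(printf 'iptables -L INPUT -n -v --line-numbers')"
    else
        printf '%s\n' "$rules"
    fi
}

main "$@"
```

Usage: `sh vpn_rules.sh 10.8.0.0/24 eth0` prints the two commands; `APPLY=1 sh vpn_rules.sh 10.8.0.0/24 eth0` runs them and then lists the INPUT chain. If, after applying, ping from a VPN client still fails, the listing tells you what to look at next: a rule above line 1 is impossible, so either the packets are not arriving on the box at all (routing or the VPN server's own policy) or the counters on the new rule are climbing and the replies are being dropped on the way back. Rules added this way are not persistent across reboots; save them with your distribution's iptables-save mechanism once they work.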