Hi, how should I configure my firewall on a machin...
# clientb
billowy-lighter-15580
10/24/2022, 4:29 PMHi, how should I configure my firewall on a machine that have netclient to connect to a VPN network were UDP hole punching is enabled???
b
bored-island-21407
10/24/2022, 4:30 PMYou have to allow outgoing udp and 443 TCP.
bored-island-21407
10/24/2022, 4:31 PMand incoming to established connections
b
billowy-lighter-15580
10/24/2022, 4:33 PMCan’t allow all incoming and outcoming udp on all ports
billowy-lighter-15580
10/24/2022, 4:33 PMWhat is the port range used by netclient ?
billowy-lighter-15580
10/24/2022, 4:35 PMAnd isn’t the hole punching functionality is here to manage the opening port automatically and open only required udp ports ?
b
bored-island-21407
10/24/2022, 5:20 PMwith hole punching, any udp port could be assigned. The connection is established by the netclient host so only outgoing udp is required. Incomming connections will reuse this port.
if this is not acceptable, turn off udp hole punching for the node in questions and port forward the udp port at your firewall.
b
billowy-lighter-15580
10/24/2022, 5:40 PMDosent seem to work: I have udp hole punching enabled and OUTPUT firewall default policy ACCEPT.
b
bored-island-21407
10/24/2022, 5:41 PMwhat kind of ISP are you using.... CGNAT by any chance?
b
billowy-lighter-15580
10/24/2022, 5:42 PMNo
b
bored-island-21407
10/24/2022, 5:43 PMif no NAT is involved, why do you want to use udp holepunching?
b
billowy-lighter-15580
10/24/2022, 5:46 PMIt enabled by default on the netmaker network. And if I understand well the hole punching will prevent manually opening udp ports on firewall