This guide explains how to configure firewall rules directly from the LumaDock control panel. You can allow ping (ICMP), whitelist your IP, and open ports for VPNs like OpenVPN or WireGuard — all without needing to access the server itself.

1. What You Need to Know

  • Rules are checked from top to bottom — order matters.
  • If you add a Drop All rule without first allowing SSH or RDP, you can lock yourself out of your LumaDock VPS.
  • Start with safe rules, test connectivity, and then tighten security.

2. Recommended Setup Steps

  1. Allow your own IP for SSH/RDP/VPN access.
  2. Allow ICMP (ping).
  3. Open the necessary VPN ports (e.g., OpenVPN or WireGuard).
  4. (Optional) Allow all outbound traffic.
  5. (Optional) Drop all other incoming connections.

How to Add Rules in LumaDock

Log in to your LumaDock client area, go to Services → Your VPS → Firewall tab to start adding rules.

1. Allow your own IP (SSH / RDP / VPN)

Direction: Inbound
Action: Accept
Protocol: TCP
Port: 22 (for SSH) or 3389 (for RDP)
Source IP: your public IP (e.g., 123.123.123.123)
Comment: Allow admin IP

2. Allow ICMP (Ping)

Direction: Inbound
Action: Accept
Protocol: ICMP
Port: (leave blank)
Source IP: (leave blank)
Comment: Allow ping

3. Allow VPN Ports

For OpenVPN (UDP 1194):

Direction: Inbound
Action: Accept
Protocol: UDP
Port: 1194
Source IP: (optional)
Comment: Allow OpenVPN

For WireGuard (UDP 51820):

Direction: Inbound
Action: Accept
Protocol: UDP
Port: 51820
Source IP: (optional)
Comment: Allow WireGuard

4. Allow Outbound Traffic (optional)

Direction: Outbound
Action: Accept
Protocol: Any
Port: Any
Destination IP: Any
Comment: Allow all outbound

5. Drop All Other Inbound Traffic (optional, add last)

Direction: Inbound
Action: Drop
Protocol: Any
Port: Any
Source IP: Any
Comment: Drop all other traffic

Example Rule Set for a VPN Server

Direction Action Protocol Port Source IP Comment
Inbound Accept TCP 22 123.123.123.123 SSH from your IP
Inbound Accept UDP 1194 Any OpenVPN
Inbound Accept ICMP Any Any Allow ping
Outbound Accept Any Any Any Allow all outbound
Inbound Drop Any Any Any Drop everything else

Tips for LumaDock Users

  • Always whitelist your IP first to avoid losing access to your LumaDock VPS.
  • You can use 123.123.123.123 for a single IP or 192.168.0.0/24 to allow an entire subnet.
  • Use meaningful comments to organize your rules.
  • Apply one rule at a time and test it before adding restrictive ones like DROP ALL.

If you're not sure what to allow, or you lose access after a rule change, just contact LumaDock support. We're here to help you get back online safely.

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

Installing from ISO images

You can reinstall your VPS from ISO images at any time from your client area. Please note that...
LumaDock Firewall Guide for Linux VPS

This guide helps you configure firewall rules for your Linux-based VPS in the LumaDock control...
LumaDock Firewall Guide for Windows VPS

This guide shows you how to configure firewall rules in the LumaDock panel for your Windows-based...
LumaDock Firewall Guide – VPN Configuration

Want to use your VPS as a VPN server (OpenVPN or WireGuard)? Here’s how to configure your...