Netgate Discussion Forum

    VPN Client as Gateway and incoming connections not filtered

      Fabio72

      I set up a VPN client, associated with an interface. I configured outgoing NAT and the gateway. Using policy routing I can force hosts to navigate using the VPN.
      I set up some NAT to allow connections to some services from the VPN interface. Apart from the automatic NAT rules, the vpn-gateway firewall tab is empty (not the OpenVPN tab).

      Now I tried a port scan from outside to the public IP associated with my VPN iface and I can see all sorts of local ports open in addition to the NATed ones: 53, nrpe, DNSBL 8081 and 8083

      So there isn't a default block policy on the VPN interface?

      --edit--

      Is the OpenVPN tab in the firewall to be understood as an interface group of all VPN (client and server) definitions?

        viragomann

        Yes, the OpenVPN tab is an interface group.
        If you need different rules for your OVPN instances, delete all rules here, assign a separate interface to each VPN instance and set the needed rules there.

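One way to check what the reply above describes, as an added example that is not from the thread or from Netgate: list the enabled pass rules stored for the OpenVPN group tab in a pfSense config.xml backup, since those apply to every OpenVPN instance, including an assigned client interface whose own tab is empty. It assumes group-tab rules are stored as `<filter><rule>` entries with `<interface>openvpn</interface>`; the sample config and the function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample: only the <filter> section of a config.xml backup.
SAMPLE_CONFIG = """<pfsense><filter>
  <rule><type>pass</type><interface>openvpn</interface>
    <source><any/></source><destination><any/></destination>
    <descr>OpenVPN wizard</descr></rule>
  <rule><type>pass</type><interface>opt1</interface><protocol>tcp</protocol>
    <source><any/></source>
    <destination><network>(self)</network><port>443</port></destination>
    <descr>HTTPS on VPN client interface</descr></rule>
  <rule><type>pass</type><interface>openvpn</interface><disabled/>
    <source><any/></source><destination><any/></destination>
    <descr>old test rule</descr></rule>
</filter></pfsense>"""


def endpoint(rule, tag):
    """Render a rule's <source> or <destination> as 'any' or 'addr[:port]'."""
    node = rule.find(tag)
    if node is None or node.find("any") is not None:
        return "any"
    addr = node.findtext("address") or node.findtext("network") or "?"
    port = node.findtext("port")
    return f"{addr}:{port}" if port else addr


def group_pass_rules(config_xml, group="openvpn"):
    """Enabled pass rules on the group tab; these match every member interface."""
    hits = []
    for rule in ET.fromstring(config_xml).iterfind("./filter/rule"):
        # Assumption: a rule may list several interfaces, comma-separated.
        if group not in (rule.findtext("interface") or "").split(","):
            continue
        if rule.find("disabled") is not None or rule.findtext("type") != "pass":
            continue
        hits.append({
            "descr": rule.findtext("descr") or "",
            "protocol": rule.findtext("protocol") or "any",
            "source": endpoint(rule, "source"),
            "destination": endpoint(rule, "destination"),
        })
    return hits


if __name__ == "__main__":
    for r in group_pass_rules(SAMPLE_CONFIG):
        print(f"{r['descr']}: {r['protocol']} {r['source']} -> {r['destination']}")
```
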
          Fabio72

          That makes sense now :D

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.